Forwarded from PT SWARM
RCE on a backend IIS server via file upload with an atypical file extension.
More community curated payloads can be found at https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Upload%20Insecure%20Files/Extension%20ASP
More community curated payloads can be found at https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Upload%20Insecure%20Files/Extension%20ASP
🔥OWASP Top 10 2021 DRAFT is out 🔥
Now available for peer review, comment, translation, and suggestions for improvements:
owasp.org/Top10/
#OWASPTop10
Now available for peer review, comment, translation, and suggestions for improvements:
owasp.org/Top10/
#OWASPTop10
APT
https://twitter.com/buffaloverflow/status/1435596990650503168?s=21 #0day #office
Twitter
Felix
🙋Having a hard time replicating Office samples exploiting CVE-2021-40444 (MSHTML Remote Code Execution Vulnerability) because the server side component is taken down? ⚙️Imaginary C2 got you covered, it allows to easily simulate the server side component:…
APT
Offensive WMI The Basics (Part 1) # https://0xinfection.github.io/posts/wmi-basics-part-1/ Exploring Namespaces, Classes & Methods (Part 2) # https://0xinfection.github.io/posts/wmi-classes-methods-part-2/ #wmi
0xInfection's Blog
Offensive WMI - Interacting with Windows Registry (Part 3)
This is the third instalment of the “Offensive WMI” series (the 2nd is here), and this blog will focus on interacting with the Windows Registry. A useful thing to know before we start, MITRE ATT&CK classifies querying of registry values under T1012 and its…
Active Directory Pentest Mindmap
# https://github.com/Orange-Cyberdefense/arsenal/raw/master/mindmap/pentest_ad.png
# https://www.xmind.net/m/5dypm8/
UPD (12.11.2021):
https://raw.githubusercontent.com/Orange-Cyberdefense/arsenal/master/mindmap/pentest_ad.png
UPD (10.11.2022):
https://orange-cyberdefense.github.io/ocd-mindmaps/img/pentest_ad_dark_2022_11.svg
#mindmap #ad #pentest
# https://github.com/Orange-Cyberdefense/arsenal/raw/master/mindmap/pentest_ad.png
# https://www.xmind.net/m/5dypm8/
UPD (12.11.2021):
https://raw.githubusercontent.com/Orange-Cyberdefense/arsenal/master/mindmap/pentest_ad.png
UPD (10.11.2022):
https://orange-cyberdefense.github.io/ocd-mindmaps/img/pentest_ad_dark_2022_11.svg
#mindmap #ad #pentest
🔥1
Karma v2
Passive Open Source Intelligence Automated Reconnaissance Framework
https://github.com/Dheerajmadhukar/karma_v2
#osint #recon
Passive Open Source Intelligence Automated Reconnaissance Framework
https://github.com/Dheerajmadhukar/karma_v2
#osint #recon
GitHub
GitHub - Dheerajmadhukar/karma_v2: ⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework) - Dheerajmadhukar/karma_v2
Kali Linux Tools Page
Now you can learn more about all the tools that you can install in Kali.
https://kali.org/tools/
#tools #cheatsheet #kali
Now you can learn more about all the tools that you can install in Kali.
https://kali.org/tools/
#tools #cheatsheet #kali
targetedKerberoast
Kerberoast with ACL abuse capabilities
https://github.com/ShutdownRepo/targetedKerberoast
#kerberoasting #ad #spn
Kerberoast with ACL abuse capabilities
https://github.com/ShutdownRepo/targetedKerberoast
#kerberoasting #ad #spn
GitHub
GitHub - ShutdownRepo/targetedKerberoast: Kerberoast with ACL abuse capabilities
Kerberoast with ACL abuse capabilities. Contribute to ShutdownRepo/targetedKerberoast development by creating an account on GitHub.
SpoolSploit
SpoolSploit is a collection of Windows print spooler exploits containerized with other utilities for practical exploitation. A couple of highly effective methods would be relaying machine account credentials to escalate privileges and execute malicious DLLs on endpoints with full system access.
https://github.com/BeetleChunks/SpoolSploit
#ad #spooler #rpc
SpoolSploit is a collection of Windows print spooler exploits containerized with other utilities for practical exploitation. A couple of highly effective methods would be relaying machine account credentials to escalate privileges and execute malicious DLLs on endpoints with full system access.
https://github.com/BeetleChunks/SpoolSploit
#ad #spooler #rpc
GitHub
GitHub - BeetleChunks/SpoolSploit: A collection of Windows print spooler exploits containerized with other utilities for practical…
A collection of Windows print spooler exploits containerized with other utilities for practical exploitation. - BeetleChunks/SpoolSploit
Brute Force Wordlist
Some files for bruteforcing certain things.
https://github.com/random-robbie/bruteforce-lists
#wordlist #bruteforce
Some files for bruteforcing certain things.
https://github.com/random-robbie/bruteforce-lists
#wordlist #bruteforce
GitHub
GitHub - random-robbie/bruteforce-lists: Some files for bruteforcing certain things.
Some files for bruteforcing certain things. Contribute to random-robbie/bruteforce-lists development by creating an account on GitHub.
RCE in Citrix ShareFile Storage Zones Controller (CVE-2021-22941)
Amazing writeup on finding a vulnerability through .NET reversing, enjoyed reading about the breakpoints that were set and how they logically owned Citrix ShareFile through a third party dependency
https://codewhitesec.blogspot.com/2021/09/citrix-sharefile-rce-cve-2021-22941.html
#citrix #sharefile #rce
Amazing writeup on finding a vulnerability through .NET reversing, enjoyed reading about the breakpoints that were set and how they logically owned Citrix ShareFile through a third party dependency
https://codewhitesec.blogspot.com/2021/09/citrix-sharefile-rce-cve-2021-22941.html
#citrix #sharefile #rce
Blogspot
CODE WHITE | Blog: RCE in Citrix ShareFile Storage Zones Controller (CVE-2021-22941) – A Walk-Through
Citrix ShareFile Storage Zones Controller uses a fork of the third party library NeatUpload. Versions before 5.11.20 are affected by a rela...
AzureHunter
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
https://github.com/darkquasar/AzureHunter
#azure #o365
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
https://github.com/darkquasar/AzureHunter
#azure #o365
GitHub
GitHub - darkquasar/AzureHunter: A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365 - darkquasar/AzureHunter