😈 [ SagieSec, Sagie Dulce ]

#RPCFirewall version 2.0 is out!

Watch this tutorial that shows how to set it up, and start protecting against various RPC attacks : #petitpotam, #psexec, #dcsync, #wmic and more...

New features:
✔️ Support RPC Filters.
✔️ RPC Firewall as a service
✔️ Monitor & protect new processes
✔️ "Status" command for detailed deployment info
✔️ Better resolution of source host and port

🔗 https://youtu.be/BNzfmYwkioY
🔗 https://github.com/zeronetworks/rpcfirewall

🐥 [ tweet ]

👹 [ snovvcrash, sn🥶vvcr💥sh ]

🧵(1/3) I get so excited every time I contribute to #impacket 🤗 Anyways, here’s an upcoming update to secretsdump[.]py ↪️ There’s now this -ldapfilter option that allows an attacker to #DCSync a bunch of user with a single shot 🧨

https://t.co/4ASCbqysj8

🔗 https://github.com/SecureAuthCorp/impacket/pull/1329

🐥 [ tweet ]

Немного ссылок про DCSync, методы его детекта и обход сетевой сигнатуру IDS с secretsdump.py:

https://habr.com/ru/company/rvision/blog/709866/

https://habr.com/ru/company/rvision/blog/709942/

https://threadreaderapp.com/thread/1622684071473123351.html

#dcsync