BloodHound 4.0: Azure extension
https://www.youtube.com/watch?v=gAConW5P5uU
https://posts.specterops.io/introducing-bloodhound-4-0-the-azure-update-9b2b26c5e350
Six Degrees of Global Admin – Andy Robbins & Rohan Vazarkar (SO-CON 2020)
In 2016 we released BloodHound, which helps attackers and defenders alike identify and execute or eliminate attack paths in Active Directory. Since then, BloodHound's collection and analysis capabilities have been limited to Active Directory and domain-joined…
A modular Jupyter notebook that automates your recon and parses the results into Excel, including:
- Subdomain Enumeration
- Cloud Enumeration
- GitHub Enumeration
- Shodan and Probing
- and more
https://github.com/obheda12/JupyterPen
HyperDbg is an open-source, hypervisor-assisted user-mode and kernel-mode Windows debugger built around modern hardware features. It is designed for analysis, fuzzing and reverse engineering.
https://github.com/HyperDbg/HyperDbg
Using Nim language for offensive operations
https://github.com/byt3bl33d3r/OffensiveNim
https://secbytes.net/Implant-Roulette-Part-1:-Nimplant
ImageMagick - Shell injection via PDF password
https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html
Cross-site Scripting via WHOIS and DNS Records
https://medium.com/tenable-techblog/cross-site-scripting-via-whois-and-dns-records-a25c33667fff
Lateral movement via MSSQL: a tale of CLR and socket reuse
https://www.blackarrow.net/mssqlproxy-pivoting-clr/
How to run Windows 10 on ARM in Qemu with Hypervisor.framework patches on Apple Silicon Mac
https://gist.github.com/niw/e4313b9c14e968764a52375da41b4278#file-readme-md
Big Match: matching open source code in binaries for fun and profit https://rev.ng/blog/big-match/post.html #reverse #dukeBarman
PTM - Page Table Manipulation From Usermode https://back.engineering/01/12/2020/ #exploitation #windows
PTM is a Windows 10 C++ library that allows a programmer to manipulate all memory, physical, and virtual from user-mode. The project inherits an interface from VDM allowing the use of a physical memory read-write primitive to fuel this project. VDM is used…
Announcing the Atheris Python Fuzzer
https://opensource.googleblog.com/2020/12/announcing-atheris-python-fuzzer.html
"Important, Spoofing" - zero-click, wormable, cross-platform remote code execution in Microsoft Teams
https://github.com/oskarsve/ms-teams-rce/blob/main/README.md
holehe checks whether an email address is registered on sites such as Twitter and Instagram, and retrieves information from sites that expose it through their forgotten-password function.
https://github.com/megadose/holehe
4 Free easy wins that make Red Teams harder
https://www.trustedsec.com/blog/4-free-easy-wins-that-make-red-teams-harder/
CVE-2020-17049: Kerberos Bronze Bit Attack - Overview
https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-overview/