Introduction to Windows tokens for security practitioners
https://www.elastic.co/blog/introduction-to-windows-tokens-for-security-practitioners
Elastic Blog
Windows access token manipulation attacks are well known and abused from an offensive perspective, but rely on an extensive body of arcane Windows security internals. In this blog post, we demystify h...
Malware Development Pt. 1: Dynamic Module Loading in Go
https://posts.specterops.io/malware-development-pt-1-dynamic-module-loading-in-go-1121f07f3a5a
Medium
Loading and managing shared libraries in memory.
A Voyage to Uncovering Telemetry: Identifying RPC Telemetry for Detection Engineers
https://ipc-research.readthedocs.io/en/latest/subpages/RPC.html
DRAKVUF™ is a virtualization based agentless black-box binary analysis system. DRAKVUF™ allows for in-depth execution tracing of arbitrary binaries (including operating systems), all without having to install any special software within the virtual machine used for analysis.
https://drakvuf.com
Introducing Kernel Data Protection, a new platform security technology for preventing data corruption
https://www.microsoft.com/security/blog/2020/07/08/introducing-kernel-data-protection-a-new-platform-security-technology-for-preventing-data-corruption/
Microsoft News
Kernel Data Protection (KDP) is a set of APIs that provide the ability to mark some kernel memory as read-only, preventing attackers from ever modifying protected memory.
How I Hacked Facebook Again! Unauthenticated RCE on MobileIron MDM
https://blog.orange.tw/2020/09/how-i-hacked-facebook-again-mobileiron-mdm-rce.html?m=1
Orange Tsai
Hi, it’s been a long time since my last article. This new post is about my research this March, which talks about how I found vulnerabilities in a leading Mobile Device Mana
Zerologon: unauthenticated domain controller compromise by subverting Netlogon cryptography (CVE-2020-1472)
https://www.secura.com/pathtoimg.php?id=2055
I Like to Move It: Windows Lateral Movement Part 2 – DCOM
https://www.mdsec.co.uk/2020/09/i-like-to-move-it-windows-lateral-movement-part-2-dcom/
MDSec
Overview In part 1 of this series, we discussed lateral movement using WMI event subscriptions. During this post we will discuss another of my “go to” techniques for lateral movement,...
A different way of abusing Zerologon (CVE-2020-1472)
https://dirkjanm.io/a-different-way-of-abusing-zerologon/
dirkjanm.io
In August 2020, Microsoft patched CVE-2020-1472 aka Zerologon. This is in my opinion one of the most critical Active Directory vulnerabilities of the past few years, since it allows for instant escalation to Domain Admin without credentials. The most straightforward…
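Both Zerologon entries above (the Secura whitepaper and dirkjanm's post) rest on the same cryptographic flaw documented in the whitepaper: Netlogon's ComputeNetlogonCredential runs AES in CFB8 mode with a fixed all-zero IV, so an all-zero client challenge yields an all-zero credential for roughly 1 in 256 session keys, and an attacker simply retries until a session key happens to be one of them. The following is an added Python example, not code from either linked post, that models why CFB8 fails this way. The block cipher is a SHA-256-based stand-in so the script runs offline without a crypto library (an assumption; the real protocol uses AES), the session keys are derived from a counter (constructed input), and the CFB8 feedback loop itself is the part that matters.

```python
"""Constructed model of the AES-CFB8 / zero-IV weakness behind Zerologon (CVE-2020-1472).

Assumption: toy_block_encrypt is a keyed PRF built from SHA-256, standing in for AES.
The argument does not depend on which block cipher is used: with an all-zero IV and
an all-zero plaintext, CFB8 keeps feeding the same all-zero block into the cipher, so
a single unlucky keystream byte (probability 1/256 per key) zeroes the whole output.
"""
import hashlib

BLOCK = 16  # block size in bytes, as for AES


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for AES(key, block): a keyed 16-byte PRF. Assumption, not the real cipher."""
    assert len(block) == BLOCK
    return hashlib.sha256(key + block).digest()[:BLOCK]


def cfb8_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """CFB8: each plaintext byte is XORed with the first byte of E(K, shift_register),
    then the ciphertext byte is shifted into the register from the right."""
    register = bytearray(iv)
    out = bytearray()
    for p in plaintext:
        keystream_byte = toy_block_encrypt(key, bytes(register))[0]
        c = p ^ keystream_byte
        out.append(c)
        register = register[1:] + bytes([c])
    return bytes(out)


def compute_netlogon_credential(session_key: bytes, challenge: bytes) -> bytes:
    """Models the MS-NRPC AES credential computation: CFB8 with a constant all-zero IV."""
    return cfb8_encrypt(session_key, bytes(BLOCK), challenge)


def first_keystream_byte_is_zero(session_key: bytes) -> bool:
    """The whole weakness in one predicate: if E(K, 0^16)[0] == 0 then c0 = 0, the register
    stays all zeros, and every later keystream byte is that same zero."""
    return toy_block_encrypt(session_key, bytes(BLOCK))[0] == 0


def zero_challenge_gives_zero_credential(session_key: bytes) -> bool:
    """True when an 8-byte all-zero client challenge produces an all-zero client credential."""
    return compute_netlogon_credential(session_key, bytes(8)) == bytes(8)


def count_vulnerable_keys(n: int) -> int:
    """Count counter-derived session keys (constructed input) for which the zero challenge
    works. Expected value is about n / 256."""
    return sum(zero_challenge_gives_zero_credential(i.to_bytes(16, "big")) for i in range(n))


def simulate_attack(max_attempts: int):
    """Model the attacker's retry loop: each NetrServerAuthenticate attempt sees a fresh
    session key (here derived from the attempt number, constructed input); the attacker
    always sends an all-zero challenge and credential and stops when the server accepts.
    Returns the number of attempts needed, or None if max_attempts is exhausted."""
    for attempt in range(1, max_attempts + 1):
        session_key = hashlib.sha256(b"server-challenge-%d" % attempt).digest()[:16]
        if zero_challenge_gives_zero_credential(session_key):
            return attempt
    return None


if __name__ == "__main__":
    n = 20000
    print(f"{count_vulnerable_keys(n)} of {n} keys accept the all-zero credential (~{n // 256} expected)")
    print(f"attack succeeded after {simulate_attack(n)} attempts (about 256 expected on average)")
```

The fix Microsoft shipped does not change the cipher; it enforces secure RPC (signing and sealing) for Netlogon channels so that the all-zero credential cannot be used to bypass authentication. Detection on the domain controller side is the spike of NetrServerAuthenticate failures from one host in a short window, which is exactly the retry loop modeled by simulate_attack.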
#Instagram_RCE: Code Execution Vulnerability in Instagram App for Android and iOS
https://research.checkpoint.com/2020/instagram_rce-code-execution-vulnerability-in-instagram-app-for-android-and-ios/
Check Point Research
Research by: Gal Elbaz. Background: Instagram, with over 100 million photos uploaded every day, is one of the most popular social media platforms. For that reason, we decided to audit the security of the Instagram app for both Android and iOS operating systems.…
Exploiting SIGRed (CVE-2020–1350) on Windows Server 2012/2016/2019
https://medium.com/@datafarm.cybersecurity/exploiting-sigred-cve-2020-1350-on-windows-server-2012-2016-2019-80dd88594228
Medium
by Worawit Wangwarunyoo, DATAFARM Research Team, Datafarm Company Limited
GHunt is an OSINT tool that extracts a large amount of information about someone's Google account from their email address.
https://github.com/mxrch/ghunt
GitHub
mxrch/GHunt: Offensive Google framework.
Bypassing Android MDM Using Electromagnetic Fault Injection By A Gas Lighter For $1.5
https://payatu.com/blog/arun/bypassing-android-mdm-using-electromagnetic-fault-injection-by-a-gas-lighter-for-$1.5$
SpeedPwning VMware Workstation
https://www.synacktiv.com/sites/default/files/2020-10/Speedpwning_VMware_Workstation.pdf
Anti-Virus Vulnerabilities: Who’s Guarding the Watch Tower?
https://www.cyberark.com/resources/threat-research-blog/anti-virus-vulnerabilities-who-s-guarding-the-watch-tower
Cyberark
This blog entry is a special anti-malware edition showcasing how the most common bugs security products suffer from can allow a standard user to escalate into a privileged user. What we found...