بسم الله الرحمن الرحيم

We write about Windows Internals, Hypervisors, Linux, and Networks.

Starting April 6th, SpecterOps will be presenting a week of webinars while we collectively work from home in response to Covid-19. Each day is a different 30 minute talk given by one of our experts from our Adversary Simulation, Detection, and Adversary Resilience…

Estimated Reading Time: 4 minutes After months of releasing the first version of Octopus, I’m more than glad to announce that the stable version of Octopus is out! During the past few months, I worked with talented people to enhance Octopus capabilities and…

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost - danigargu/CVE-2020-0796

IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices. - OWASP/IoTGoat

NTLM relay is a technique of standing between a client and a server to perform actions on the server while impersonating the client. Protections such as SMB signing or MIC allow to limit the actions of an attacker. This article goes into detail about this…

While Kubernetes has many advantages, it also brings new security challenges.

What if I told you that all editions of Windows Server, from 2008R2 to 2019, are prone to a DLL Hijacking in the %PATH% directories? What if I also told you that the impacted service runs as NT AUTHORITY\SYSTEM and that the DLL loading can be triggered by…

Over the past year, the security community - specifically Red Team Operators and Blue Team Defenders - have seen a massive rise in both public and private utilization of System Calls in windows malware for post-exploitation activities, as well as for the…

Bypass AMSI and Defender using Ordinal Values. Contribute to rmdavy/AMSI_Ordinal_Bypass development by creating an account on GitHub.

Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV. - kgretzky/pwndrop

Introduction

Over the past 1.5 years I’ve been doing quite a lot of exploration into Azure AD and how it works under the hood. Azure AD is getting more and more common in enterprises, and thus securing it is becoming a bigger topic. Whereas the traditional Windows Server…