امنیت اطلاعات
محقق امنیتی باگ 0day جدیدی را در ویندوز کشف کرد که به هکر اجازه میدهد هر فایل دلخواهی را در سیستم بازنویسی کند. این کارشناس امنیتی ( خانم کارشناس ) اکسپلویتی نیز برای این آسیب پذیری منتشر کرده است: https://github.com/SandboxEscaper/randomrepo پیش از این…
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from Cyberwar Zone
گروه "تپندگان" که پیش از این با نفوذ به نمایشگر برخی فرودگاه ها به شهرت رسیده بودند.این بار خبر از نفوذ به سایت tamin.ir و دسترسی به اطلاعات تامین اجتماعی کشور را منتشر کرده اند.
#threatintel #tapandegan
🔘@cyberwarzone
#threatintel #tapandegan
🔘@cyberwarzone
Demiguise - HTA encryption tool
https://github.com/nccgroup/demiguise/blob/master/Readme.md
#hta
#windows
#exploit
#backdoor
#malware
#rat
@sec_nerd
https://github.com/nccgroup/demiguise/blob/master/Readme.md
#hta
#windows
#exploit
#backdoor
#malware
#rat
@sec_nerd
GitHub
demiguise/Readme.md at master · nccgroup/demiguise
HTA encryption tool for RedTeams. Contribute to nccgroup/demiguise development by creating an account on GitHub.
Forwarded from KeralaGram [Official]®
Google Play Protecting is marking Mobogram as an unsafe app
Mobogram can install potentially harmful apps without your permission
#Mobogram #Unofficial #Telegram #Client
ℹ️ @KeralagramChannel
Mobogram can install potentially harmful apps without your permission
#Mobogram #Unofficial #Telegram #Client
ℹ️ @KeralagramChannel
KeralaGram [Official]®
Google Play Protecting is marking Mobogram as an unsafe app Mobogram can install potentially harmful apps without your permission #Mobogram #Unofficial #Telegram #Client ℹ️ @KeralagramChannel
توضیح و شرح فنی تیکت طلایی در ابزار mimikatz
https://www.beneaththewaves.net/Projects/Mimikatz_20_-_Golden_Ticket_Walkthrough.html
#windows
#privesc
#mimikatz
@sec_nerd
https://www.beneaththewaves.net/Projects/Mimikatz_20_-_Golden_Ticket_Walkthrough.html
#windows
#privesc
#mimikatz
@sec_nerd
www.beneaththewaves.net
Mimikatz 2.0 - Golden Ticket Walkthrough - Projects - Beneath the Waves
A step-by-step example of using the Kerberos
ابزارها و راهکارهای جمع آوری اطلاعات از سرویس SMB
https://0xdf.gitlab.io/2018/12/02/pwk-notes-smb-enumeration-checklist-update1.html
#windows
#pentest
#privesc
@sec_nerd
https://0xdf.gitlab.io/2018/12/02/pwk-notes-smb-enumeration-checklist-update1.html
#windows
#pentest
#privesc
@sec_nerd
0xdf hacks stuff
PWK Notes: SMB Enumeration Checklist [Updated]
🚨[Updated for 2024] Check out the latest version of this post here.🚨
github.com/A-mIn3/WINspect
Powershell-based Windows Security Auditing Toolbox
#windows
#security
#ps
@sec_nerd
Powershell-based Windows Security Auditing Toolbox
#windows
#security
#ps
@sec_nerd
GitHub
GitHub - A-mIn3/WINspect: Powershell-based Windows Security Auditing Toolbox
Powershell-based Windows Security Auditing Toolbox - A-mIn3/WINspect
Bug Bounty Cheat Sheet
https://github.com/EdOverflow/bugbounty-cheatsheet
#bugbounty
#pentest
#web
@sec_nerd
https://github.com/EdOverflow/bugbounty-cheatsheet
#bugbounty
#pentest
#web
@sec_nerd
بالا بردن سطح دسترسی یوزر ویندوز تا سطح SYSTEM با سوء استفاده از Osquery
CVE-2019-3567
https://offsec.provadys.com/osquery-windows-acl-misconfiguration-eop.html
#windows
#privesc
#pentest
@sec_nerd
CVE-2019-3567
https://offsec.provadys.com/osquery-windows-acl-misconfiguration-eop.html
#windows
#privesc
#pentest
@sec_nerd
Red Team Techniques: Gaining access on an external engagement through spear-phishing
https://blog.sublimesecurity.com/red-team-techniques-gaining-access-on-an-external-engagement-through-spear-phishing/
#phishing
#spear_phishing
#msf
@sec_nerd
https://blog.sublimesecurity.com/red-team-techniques-gaining-access-on-an-external-engagement-through-spear-phishing/
#phishing
#spear_phishing
#msf
@sec_nerd
Bypassing Windows User Account Control: Back For More
https://medium.com/@z3roTrust/bypassing-windows-user-account-control-back-for-more-dd5672c48600
#windows
#pentest
#privesc
@sec_nerd
https://medium.com/@z3roTrust/bypassing-windows-user-account-control-back-for-more-dd5672c48600
#windows
#pentest
#privesc
@sec_nerd
Automating local DTD discovery for XXE exploitation
https://www.gosecure.net/blog/2019/07/16/automating-local-dtd-discovery-for-xxe-exploitation
#xxe
#web
#pentest
@sec_nerd
https://www.gosecure.net/blog/2019/07/16/automating-local-dtd-discovery-for-xxe-exploitation
#xxe
#web
#pentest
@sec_nerd