You might like
Here I bypassed Defender AV by making: .eyb files as .exe .faq files as .dll I'm sure this can work on other security solutions and for many other blacklisted techniques. (1/2)
AD Pentest mindmap upgrade : Full version: github.com/Orange-Cyberde… xmind version (slow, the map is big) : xmind.net/m/5dypm8/ Fell free to tell me what is missing !
Very (very) soon in #mimikatz 🥝 Client RDP passwords/PIN in MSTSC process, decrypted. Without previous injection/hook in process, of course😉 Especially useful on jump servers🤪 ~ Can also be used to debug some internal properties ~
Sharing a partially redacted PEM online is the same as sharing the PEM. In this blog post, we show that with partial exposure of a PEM, private data can be extracted to recover the full private key. blog.cryptohack.org/twitter-secrets
This morning, I began another #pentest for a client. After some google-fu dorking combine with the major search engines, I found the id_rsa key that gave me access to the server and a bunch of others 😬😬 another mistake under their radar...
Quick (and dirty) script to extract locally some useful information from your #bloodhound dump #windows #pentest github.com/kaluche/bloodh…
New Linux SUDO flaw lets local users gain root privileges bleepingcomputer.com/news/security/…
Win Brute Logon - local password brute force #infosec #pentest github.com/DarkCoderSc/wi…
#Podcast #Cybersécurité Épisode #288 consacré à la faille #Zerologon avec @gentilkiwi et @mysmartlogon nolimitsecu.fr/zerologon/
⚠️Alerte CERT-FR⚠️ Samba configuré comme contrôleur de domaine est également vulnérable à CVE-2020-1472 CERTFR-2020-ALE-021 : Vulnérabilité dans Samba (18 septembre 2020) cert.ssi.gouv.fr/alerte/CERTFR-…
⚠️Alerte CERT-FR⚠️ CERTFR-2020-ALE-020 : Vulnérabilité dans Microsoft Netlogon (15 septembre 2020) cert.ssi.gouv.fr/alerte/CERTFR-…
#Podcast #Cybersécurité Épisode #285 : 10 "Quick Wins" pour le RSSI nolimitsecu.fr/10-quick-wins-…
#Podcast #Cybersécurité Épisode #260 consacré à la sécurité du télétravail et des accès distants nolimitsecu.fr/teletravail-et…
If you have played around with Silver Tickets or Kerberoasting in Active Directory, you've probably heard about SPN. But what is it exactly, how is it used? This post is a small reminder to prepare next article about kerberoasting. 🙃 en.hackndo.com/service-princi…
#Podcast #Cybersécurité Épisode #257 consacré à l'état de l'art en matière de réponse aux incidents, avec Serge Lefranc nolimitsecu.fr/etat-de-l-art-…
#BloodHound 3.0 is here! BloodHound: bit.ly/GetBloodHound Blog: bit.ly/3bu3chl Webinar deck: bit.ly/3837gTx Webinar recording coming soon #BloodHound 3.0 shirt: (all profits go to @MDAorg) customink.com/fundraising/th…
#Podcast #Cybersécurité Épisode #253 consacré à la vulnérabilité CVE-2020-0601 #CurveBall nolimitsecu.fr/curveball/
Exploit Tutorial: The Elusive Egghunter #infosec #pentest #exploitDev primalsecurity.net/0x8-exploit-tu…
lsassy 1.0.0 is finally out ! 🔸 Remotely dump #lsass **with built-in Windows tools only**, procdump is no longer necessary 🔸 Remotely parse lsass dumps to extract credentials 🔸 Link to #Bloodhound to detect compromised users with path to Domain Admin github.com/Hackndo/lsassy
United States Trends
- 1. #AEWDynamite 30.1K posts
- 2. Epstein 1.34M posts
- 3. #Survivor49 3,036 posts
- 4. #AEWBloodAndGuts 4,028 posts
- 5. Hobbs 28.6K posts
- 6. Skye Blue 3,282 posts
- 7. #SistasOnBET 1,482 posts
- 8. Paul Skenes 16.5K posts
- 9. Cy Young 22.7K posts
- 10. Hannah Hidalgo 2,685 posts
- 11. Knicks 34.8K posts
- 12. Raising Arizona N/A
- 13. Marina 31.5K posts
- 14. #TheChallenge41 1,007 posts
- 15. Paul Reed 1,523 posts
- 16. Savannah 5,988 posts
- 17. Mikey 57.5K posts
- 18. Thekla 2,333 posts
- 19. Tarik Skubal 8,181 posts
- 20. Starship 16.1K posts
You might like
Something went wrong.
Something went wrong.