Blog | Ptrace Security GmbH

Blog

IT Security News Bulletin #46

IT Security News Bulletin #46

Latest Infosec News and Articles Advanced MSSQL Injection Tricks https://swarm.ptsecurity.com/advanced-mssql-injection-tricks/ RCE via Server-Side Template Injection https://cyc10n3.medium.com/rce-via-server-side-template-injection-ad46f8e0c2ae XSS Scanner: detects Cross-Site Scripting vulnerabilities in website https://securityonline.info/xss-scanner/ Exploring the Exploitability of “Bad Neighbor”: The Recent

IT Security News Bulletin #44

IT Security News Bulletin #44

Latest Infosec News and Articles PowerShell Commands for Pentesters https://www.infosecmatter.com/powershell-commands-for-pentesters/ Identifying & Escalating HTTP Host Header Injection attacks https://medium.com/bugbountywriteup/identifying-escalating-http-host-header-injection-attacks-7586d0ff2c67Pass-the-hash attacks with mimikatz https://stealthbits.com/blog/passing-the-hash-with-mimikatz/ paradoxiaRAT: Native Windows Remote Access Tool https://securityonline.info/paradoxiarat-native-windows-remote-access-tool/ The Memory Process

IT Security News Bulletin #43

IT Security News Bulletin #43

Latest Infosec News and Articles Interactive Analysis with any.run  https://zero2auto.com/2020/10/14/interactive-analysis-any-run/ Azure Red Team tool for graphing Azure and Azure Active Directory objects https://github.com/Azure/Stormspotter Pass-the-hash WiFi https://sensepost.com/blog/2020/pass-the-hash-wifi/ Apache Struts 2 Remote Code Execution https://cxsecurity.com/issue/WLB-2020100134 Exploiting

Weekly IT Security News Bulletin #42

Weekly IT Security News Bulletin #42

Latest Infosec News and Articles Patrik’s Bug Bounty 🛠️Tools  https://blog.it-securityguard.com/patriks-bug-bounty-tools-%f0%9f%9b%a0%ef%b8%8f/Introducing MIDNIGHTTRAIN - A Covert Stage-3 Persistence Framework weaponizing UEFI variables https://slaeryan.github.io/posts/midnighttrain.html In-Memory shellcode decoding to evade AVs/EDRs https://shells.systems/in-memory-shellcode-decoding-to-evade-avs/  How I Hacked Facebook

IT Security News Bulletin #38

IT Security News Bulletin #38

Latest Infosec News and Articles ARM64 Reversing and Exploitation Part 1 - ARM Instruction Set + Simple Heap Overflow  http://highaltitudehacks.com/2020/09/05/arm64-reversing-and-exploitation-part-1-arm-instruction-set-heap-overflow/ The Current State of Exploit Development, Part 2 https://www.crowdstrike.com/blog/state-of-exploit-development-part-2/ Rampant Kitten –

IT Security News Bulletin #37

IT Security News Bulletin #37

Latest Infosec News and Articles CVE-2020-5902 BIG-IP RCE  https://github.com/jas502n/CVE-2020-5902/ From SSRF to Compromise: Case Study https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/from-ssrf-to-compromise-case-study/ A Hands-On Introduction to Mandiant's Approach to OT Red Teaming https://www.fireeye.com/blog/threat-research/2020/08/hands-on-introduction-to-mandiant-approach-to-ot-red-teaming.htmlFrom Android Static Analysis to RCE

>