Blog | Ptrace Security GmbH

Blog

IT Security News Bulletin #52

IT Security News Bulletin #52

Latest Infosec News and Articles Analyzing Cobalt Strike for Fun and Profit https://www.randhome.io/blog/2020/12/20/analyzing-cobalt-strike-for-fun-and-profit/ Sub404: A Fast Tool To Check Subdomain Takeover Vulnerability https://securityonline.info/sub404-check-subdomain-takeover-vulnerability/ MouseJack: From Mouse to Shell – Part 1 https://www.wilbursecurity.com/2019/03/mousejack-from-mouse-to-shell-part-1/  CVE-2020-35489:

IT Security News Bulletin #50

IT Security News Bulletin #50

Latest Infosec News and Articles Finding Hidden Files and Folders on IIS using BigQuery  https://blog.assetnote.io/2020/09/18/finding-hidden-files-folders-iis-bigquery/  WordPress Easy WP SMTP zero-day potentially exposes hundreds of thousands of sites to hack  https://securityaffairs.co/wordpress/112218/hacking/easy-wp-smtp-wordpress-plugin-flaw.html  Buffer Overflows

IT Security News Bulletin #49

IT Security News Bulletin #49

Latest Infosec News and Articles 403Bypasser: bypass 403 restricted directory  https://securityonline.info/403bypasser-bypass-403-restricted-directory/  Windows Driver Signing Enforcement bypass https://github.com/theevilbit/workshops/blob/master/DSE%20Bypass%20Workshop/dc26%20-%20Csaba%20Fitzl%20-%20DSE%20Bypass%20Workshop%20-%20Presentation.pdf Command line tool to extract/decrypt the password that was stored in the LSA by SysInternals

IT Security News Bulletin #46

IT Security News Bulletin #46

Latest Infosec News and Articles Advanced MSSQL Injection Tricks https://swarm.ptsecurity.com/advanced-mssql-injection-tricks/ RCE via Server-Side Template Injection https://cyc10n3.medium.com/rce-via-server-side-template-injection-ad46f8e0c2ae XSS Scanner: detects Cross-Site Scripting vulnerabilities in website https://securityonline.info/xss-scanner/ Exploring the Exploitability of “Bad Neighbor”: The Recent

IT Security News Bulletin #44

IT Security News Bulletin #44

Latest Infosec News and Articles PowerShell Commands for Pentesters https://www.infosecmatter.com/powershell-commands-for-pentesters/ Identifying & Escalating HTTP Host Header Injection attacks https://medium.com/bugbountywriteup/identifying-escalating-http-host-header-injection-attacks-7586d0ff2c67Pass-the-hash attacks with mimikatz https://stealthbits.com/blog/passing-the-hash-with-mimikatz/ paradoxiaRAT: Native Windows Remote Access Tool https://securityonline.info/paradoxiarat-native-windows-remote-access-tool/ The Memory Process

>