Blog

Latest Infosec News and Articles Patrik’s Bug Bounty 🛠️Tools  https://blog.it-securityguard.com/patriks-bug-bounty-tools-%f0%9f%9b%a0%ef%b8%8f/Introducing MIDNIGHTTRAIN - A Covert Stage-3 Persistence Framework weaponizing UEFI variables https://slaeryan.github.io/posts/midnighttrain.html In-Memory shellcode decoding to evade AVs/EDRs https://shells.systems/in-memory-shellcode-decoding-to-evade-avs/  How I Hacked Facebook

Latest Infosec News and Articles Using Syscalls to Inject Shellcode on Windows https://www.solomonsklash.io/syscalls-for-shellcode-injection.html Sysmon Internals - From File Delete Event to Kernel Code Execution https://undev.ninja/sysmon-internals-from-file-delete-event-to-kernel-code-execution/ From Zero to main(): How to Write

Latest Infosec News and Articles PoC exploits for CVE-2020-17382  https://github.com/uf0o/CVE-2020-17382 A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet. https://github.com/fatedier/frp I Like

Latest Infosec News and Articles ARM64 Reversing and Exploitation Part 1 - ARM Instruction Set + Simple Heap Overflow  http://highaltitudehacks.com/2020/09/05/arm64-reversing-and-exploitation-part-1-arm-instruction-set-heap-overflow/ The Current State of Exploit Development, Part 2 https://www.crowdstrike.com/blog/state-of-exploit-development-part-2/ Rampant Kitten –

Latest Infosec News and Articles CVE-2020-5902 BIG-IP RCE  https://github.com/jas502n/CVE-2020-5902/ From SSRF to Compromise: Case Study https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/from-ssrf-to-compromise-case-study/ A Hands-On Introduction to Mandiant's Approach to OT Red Teaming https://www.fireeye.com/blog/threat-research/2020/08/hands-on-introduction-to-mandiant-approach-to-ot-red-teaming.htmlFrom Android Static Analysis to RCE

Latest Infosec News and Articles The FLARE team's open-source tool to identify capabilities in executable files.  https://github.com/fireeye/capa/  Shadow Admins – The Stealthy Accounts That You Should Fear The Most https://www.cyberark.com/resources/threat-research-blog/shadow-admins-the-stealthy-accounts-that-you-should-fear-the-most PowerShell Remoting

Latest Infosec News and Articles Linux Kernel Runtime Guard (LKRG) in a nutshell  https://www.openwall.com/presentations/OSTconf2020-LKRG-In-A-Nutshell/ Dynamic Labs: Create your own test lab environment https://www.contextis.com/us/blog/dynamiclabs-introduction-walk-throughActive Directory Database: Structure, Access and Tools http://www.selfadsi.org/adsdb.htmCVE-2020-1380: Analysis

Latest Infosec News and Articles PowerShell: In-Memory Injection Using CertUtil.exe  https://movaxbx.ru/2018/06/01/powershell-in-memory-injection-using-certutil-exe/  Defending Your Malware https://labs.jumpsec.com/2020/08/11/defending-your-malware/ CVE-2020-1571 Windows Setup Elevation of Privileges Bypass 0day https://github.com/klinix5/Windows-Setup-EoPApache Tomcat RCE by deserialization (CVE-2020-9484) – write-up and

Latest Infosec News and Articles Pentest Tips and Tricks #2  https://jivoi.github.io/2015/08/21/pentest-tips-and-tricks-number-2/List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc. https://github.com/toniblyx/my-arsenal-of-aws-security-tools#offensiveIntroducing Ninja C2 : the C2 built

Latest Infosec News and Articles Domain Penetration Testing: Using BloodHound, Crackmapexec, & Mimikatz to get Domain Admin https://hausec.com/2017/10/21/domain-penetration-testing-using-bloodhound-crackmapexec-mimikatz-to-get-domain-admin/multithreading module that connects to a remote TCP server, monitors active (opened) Microsoft