Latest Infosec News and Articles Building an Active Directory Lab https://medium.com/@robertscocca/building-an-active-directory-lab-82170dd73fb4 Hacking the World with HTML https://osandamalith.com/2020/07/19/hacking-the-world-with-html/Story of a 2.5k Bounty — SSRF on Zimbra Led to Dump All Credentials in
Latest Infosec News and Articles Exploiting an Elevation of Privilege bug in Windows 10 (CVE-2020-1362) https://github.com/Q4n/CVE-2020-1362The Basics of Exploit Development 1: Win32 Buffer Overflows https://www.coalfire.com/The-Coalfire-Blog/January-2020/The-Basics-of-Exploit-Development-1Reverse Engineering Malware, Part 4: Windows
Latest Infosec News and Articles Reverse engineering of the Anubis malware https://orangecyberdefense.com/uk/blog/uncategorized/reverse-engineering-of-the-anubis-malware/How x86_64 addresses memory https://blog.yossarian.net/2020/06/13/How-x86_64-addresses-memoryLeonidas - Automated Attack Simulation in the Cloud, complete with detection use cases https://github.com/fsecurelabs/leonidasUnderstanding how
Latest Infosec News and Articles Adventures in ATM Hacking https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/adventures-in-atm-hacking/Breaking HTTPS in the IoT: Practical Attacks For Reverse Engineers https://labs.bishopfox.com/tech-blog/breaking-https-in-the-iotDomain Penetration Testing: Using BloodHound, Crackmapexec, & Mimikatz to get Domain
Latest Infosec News and Articles Red Team Techniques - June 2020 https://www.reddit.com/r/purpleteamsec/comments/hbdvz4/red_team_techniques_june_2020/LethalHTA - A new lateral movement technique using DCOM and HTA https://codewhitesec.blogspot.com/2018/07/lethalhta.html?m=1OSS-Fuzz - continuous fuzzing of open source software.
Latest Infosec News and Articles Using Syscalls to Inject Shellcode on Windows https://www.solomonsklash.io/syscalls-for-shellcode-injection.html The secret life of GPS trackers (1/2) https://decoded.avast.io/martinhron/the-secret-life-of-gps-trackers/Abusing windows telemetry for persistence https://www.trustedsec.com/blog/abusing-windows-telemetry-for-persistence/Creating Polymorphic Shellcode https://rastating.github.io/creating-polymorphic-shellcode/The Art of
Latest Infosec News and Articles Car Hacking with Python — Part 1 Data Exfiltration: GPS and OBDII/CAN Bus https://medium.com/bugbountywriteup/car-hacking-with-python-part-1-data-exfiltration-gps-and-obdii-can-bus-69bc6b101fd1Linux Security Hardening and Other Tweaks https://vez.mrsk.me/linux-hardening.html Kerberos (I): How does Kerberos work?
Latest Infosec News and Articles Azure AD Introduction for Red Teamers https://www.synacktiv.com/posts/pentest/azure-ad-introduction-for-red-teamers.html Recon-ng Tutorial – Part 2 Workspaces and Import http://securenetworkmanagement.com/recon-ng-tutorial-part-2/ Mindshare: Hardware Reversing With The TP-LINK TL-WR841N Router - Part 2
Latest Infosec News and Articles Azure Red Team tool for graphing Azure and Azure Active Directory objects https://github.com/Azure/Stormspotter Red Team Tactics: Utilizing Syscalls in C# - Prerequisite Knowledge https://jhalon.github.io/utilizing-syscalls-in-csharp-1/OSCE Exam
Latest Infosec News and Articles Crack any Microsoft Windows users password without any privilege (Guest account included) https://github.com/DarkCoderSc/win-brute-logon Netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell and port