Blog | Page 2 of 9 | Ptrace Security GmbH

Blog

IT Security News Bulletin #57

IT Security News Bulletin #57

Latest Infosec News and Articles Learning Linux Kernel Exploitation - Part 1 https://lkmidas.github.io/posts/20210123-linux-kernel-pwn-part-1/#Pentesting laravel debug rce CVE-2021-3129 https://github.com/SNCKER/CVE-2021-3129 How To Attack Kerberos 101 https://m0chan.github.io/2019/07/31/How-To-Attack-Kerberos-101.html A list of cyber-chef recipes and curated links https://github.com/mattnotmax/cyberchef-recipes Windows

IT Security News Bulletin #56

IT Security News Bulletin #56

Latest Infosec News and Articles  Weblogic Remote Code Execution Exploiting CVE-2019-2725  https://blog.cybercastle.io/weblogic-remote-code-execution-exploiting-cve-2019-2725/ Microsoft Teams and Skype Logging Privacy Issue  https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/microsoft-teams-and-skype-logging-privacy-issue/ Bypassing and exploiting Bucket Upload Policies and Signed URLs  https://labs.detectify.com/2018/08/02/bypassing-exploiting-bucket-upload-policies-signed-urls/  Pentesting the ELK

IT Security News Bulletin #54

IT Security News Bulletin #54

Latest Infosec News and Articles Red Team Tactics: Combining Direct System Calls and sRDI to bypass AV/EDR  https://outflank.nl/blog/2019/06/19/red-team-tactics-combining-direct-system-calls-and-srdi-to-bypass-av-edr/ Building a custom Mimikatz binary https://s3cur3th1ssh1t.github.io/Building-a-custom-Mimikatz-binary/ Code Injection: Windows Taskbar https://x0r19x91.gitlab.io/post/code-injection-mstasklist/ Userland API Monitoring and

IT Security News Bulletin #52

IT Security News Bulletin #52

Latest Infosec News and Articles Analyzing Cobalt Strike for Fun and Profit https://www.randhome.io/blog/2020/12/20/analyzing-cobalt-strike-for-fun-and-profit/ Sub404: A Fast Tool To Check Subdomain Takeover Vulnerability https://securityonline.info/sub404-check-subdomain-takeover-vulnerability/ MouseJack: From Mouse to Shell – Part 1 https://www.wilbursecurity.com/2019/03/mousejack-from-mouse-to-shell-part-1/  CVE-2020-35489:

IT Security News Bulletin #50

IT Security News Bulletin #50

Latest Infosec News and Articles Finding Hidden Files and Folders on IIS using BigQuery  https://blog.assetnote.io/2020/09/18/finding-hidden-files-folders-iis-bigquery/  WordPress Easy WP SMTP zero-day potentially exposes hundreds of thousands of sites to hack  https://securityaffairs.co/wordpress/112218/hacking/easy-wp-smtp-wordpress-plugin-flaw.html  Buffer Overflows

IT Security News Bulletin #49

IT Security News Bulletin #49

Latest Infosec News and Articles 403Bypasser: bypass 403 restricted directory  https://securityonline.info/403bypasser-bypass-403-restricted-directory/  Windows Driver Signing Enforcement bypass https://github.com/theevilbit/workshops/blob/master/DSE%20Bypass%20Workshop/dc26%20-%20Csaba%20Fitzl%20-%20DSE%20Bypass%20Workshop%20-%20Presentation.pdf Command line tool to extract/decrypt the password that was stored in the LSA by SysInternals

>