Plus récents
yaracroft

A full decompilation and automatic analysis of all contracts on the

contract-library.com/

0
yaracroft

Dozens of hospitals and clinics in West Virginia and Ohio are canceling surgeries and diverting ambulances following a attack that has knocked out staff access to IT systems across virtually all of their operations

arstechnica.com/gadgets/2021/0

0
yaracroft

Museum of Portable Sound - Ecsite 2021 : The Power of SoundThe First Recording of a Human Voice ( Phonautogram by Édouard-Léon Scott de Martinville, Paris, , 1860), Capt'n Crunch (2600 Hz), ..

museumofportablesound.com

0
yaracroft

ssh-audit is a tool for server & client configuration auditing

github.com/jtesta/ssh-audit

0
yaracroft

An , Deluxe Paint and a mouse. From the late 80s to the early 90s, these 3 tools were at the core of numerous graphic designers' workstations in the West. It took years for the Japanese industry to start adopting commercial engines

vgdensetsu.tumblr.com/post/179

0
yaracroft

PrivescCheck now enumerates volume shadow copies and checks whether SAM/SYSTEM/SECURITY files are readable as a low-priv user. This tool help security consultants identify potential weaknesses on machines during penetration tests and Workstation/VDI audits

github.com/itm4n/PrivescCheck

0
yaracroft

targetedKerberoast is a script that can, like many others (e.g. GetUserSPNs.py), print « kerberoast » hashes for user accounts that have a SPN set.

0
yaracroft

- leaking NetNTLM hashes

pwnshift.github.io/2021/08/12/

0
yaracroft

(CVE-2020-9273) PoC - ProFTPd Post-Auth Use-After-Free leading to RCE

github.com/lockedbyte/CVE-Expl

0
yaracroft

Reko is a decompiler for machine code binaries

github.com/uxmal/reko/releases

0
yaracroft

TeamServer.prop is an optional properties file used by the Cobalt Strike teamserver to customize the settings used to validate screenshot and keylog callback data, which allows you to tweak the fix for the « HotCobalt » vulnerability

blog.cobaltstrike.com/2021/08/

0
yaracroft

Charlie Bromberg's mindmap for common attacks operated on Active Directory authentication protocols (NTLM, Kerberos) : Pass-the-hash, Pass-the-key, Pass-the-ticket, Pass-the-cache, Overpass-the-hash, Golden ticket, Silver ticket, ASPREProast, Kerberoast, relayed captured,..

thehacker.recipes/

0
yaracroft

Example of COM hijacking using a proxy DLL

github.com/SolomonSklash/COM-H

0
yaracroft

Certify is a tool to enumerate and abuse misconfigurations in Active Directory Certificate Services

github.com/GhostPack/Certify

0
yaracroft

ForgeCert is a tool to forge certificates for arbitrary users capable of authentication to Active Directory : Forging Certificates with Stolen CA Certificates - DPERSIST1

github.com/GhostPack/ForgeCert

0
yaracroft

Fingerprinting versions, AV, EDR, software agents, cards over the -all without authentication

rumble.run/blog/research-dcerp

0
yaracroft

Spoofing file extensions using Drive and OneDrive

blog.thecybersecuritytutor.com

0
yaracroft

How to Hack APIs in 2021 with Postman API Platform (postman.com)

labs.detectify.com/2021/08/10/

0
yaracroft

ProxyOrcale, which focuses on the Padding Orcale Attack, and ProxyShell, which exploits a Path Confusion vulnerability to achieve arbitrary file write and eventually code execution. This blog assumes readers have read Orange Tsai's slide show and have basic understanding about ProxyLogon

y4y.space/2021/08/12/my-steps-

0
yaracroft

REW-sploit is a tool focused on Metasploit6 x86/x64 payloads/shells + a more generic approach for meterpreter shells. REW-sploit will emulate shellcode, encryption keys will be extracted, parsing the PCAP it will identify the relevant connection, it will decrypt the conversation and it will dump content for further analysis

github.com/REW-sploit/REW-splo

0
Plus anciens

yaracroft recommande :

informatique

2,96K

threats

2,03K

ransomware

1,24K

france

589

vuln

270

europe

125

tools

124

infosec

61

phishing

48
nanao

Comme le soleil, les machines ne se couchent jamais.

Ressources

Développeurs

Qu’est-ce que Mastodon ?

nanao.cybtex.fr

Davantage…