I released EtwSuite: A Windows native ETW inspection suite for listing providers, reading metadata, parsing manifests, creating sessions, consuming events, and opening ETL files from one place for x64 and ARM64. https://t.co/j3k0fnhGPv
[New @originhq blog+POC]
No PPL? No problem!
SecurityTrace, an undocumented ETW feature, restricts some AutoLogger traces to PPL only — yet we found this current design still allows non-PPL processes to consume from Threat-Intelligence as admin only!
https://t.co/iZyILtbJx8
Just successfully owned "Analytics" on HTB and even created a Proof of Concept (POC) during the process to establish that initial foothold. If you're interested in checking it out, feel free to take a look.
You can find the repository here :
https://t.co/Osi2s2vkw6
I finished reading this course on Activre Directory and it was awesome ! It is very detailed and it links to a lot of interesting articles :
https://t.co/OkpKBfbI6z
"𝐓𝐚𝐬𝐭𝐲 𝐂𝐨𝐨𝐤𝐢𝐞𝐬 🍪": Cookies with a Security Lens 🔎
I studied cookies in-depth and documented everything in Detail! Including various Edge Cases of Cookies / Browsers.
Took me almost a Month! to compile all this.
🥷🏻
𝐓𝐚𝐬𝐭𝐲 𝐂𝐨𝐨𝐤𝐢𝐞𝐬: https://t.co/eqLLxBjdE6
#OSINT Tip:
Did you know you can recover scrubbed metadata from a PDF that wasn't scrubbed properly?
The changes are incremental, and the history is stored in the PDF.
This command removes the "updates" to the PDF metadata:
exiftool -PDF-update:all= file.pdf
I am Excited to share that I've passed the @eLearnSecurity eCPPT Certified Professional Penetration Tester exam!
Big thanks to my friends and the community for their invaluable support and resources. #eCPPT#Cybersecurity#infosec
Need a full AD lab with 20 windows servers +Kali+win logging+sysmon+splunk to test attack techniques and review the resulting telemetry ? Attack Range has your covered in ~30m ⌨️python attack_range.py build
Config🔗https://t.co/vu8AaIuY42
Attack Range 🔗 https://t.co/K5L9AVLp5k