Me at the start of every red team:
* I will report as I go
* I will take the most comprehensive notes ever seen
* I will not rely on C2 logs
* screen cap all the things
.....
Me at the end of every red team:
* well shit
The Protected Users Group is one of the most OP Active Directory security protections I wish I knew about earlier🧵
What does it do? Glad you asked:
- Disables NTLM Authentication
- Disables usage of DES or RC4 encryption for Kerberos tickets
- Restricts delegation
+ Much more!
5head is a pentest automation toolset I wrote to help you speed up those repeatable tasks you might perform on any given network pentest.
We've just made v1.0 public, with lots of plans for future functionality and releases.
Check it out⤵️:
https://t.co/Tb7l4XHfjH
@DavidAlvesWeb @_rybaz I am about to go through the mobile challenges on HTB. Can't say how good it is, but HTB hasn't disappointed me yet. Also, John Hammond recently live streamed a Mobile pentest workshop last week if you want to check that out: https://t.co/pp0VNVSBlh
Ever come across a file running on a Linux box that was deleted from the disk? Did you know you can likely use DD to recover the file without any non-standard tools?
LAPSU$ extortion group, the South American group who recently claimed to exfiltrate 1TB of data from NVIDIA and also claimed to have been "hacked back" by NVIDIA, has addressed the rumors and speculation.
Initially LAPSU$ claimed NVIDIA deployed ransomware, here is the truth
403 Forbidden - Game Over? 🕹
Not today, we are having some extra coins to play with 💰
@hasanakajan is not holding back his secrets for you 🕵️♂️
#bugbounty#bugbountytips 👇
Windows Defender AV allows Everyone to read the configured exclusions on the system 🤦
reg query "HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions" /s
#MalwareAnalysis Tip: Why some windows APIs end in "Ex" and "A" or "W"
i.e. CreateWindowExA
Ex Suffix = Microsoft has updated the function and the new function has the Ex suffix ;)
A / W Suffix = Function takes a str as a parameter (A/W depends on ANSI or unicode)
Detection Lab
Collection of Packer & Vagrant scripts that quickly bring a Windows AD online, complete with a collection of endpoint security tooling & logging best practices 😎
WriteUp
https://t.co/fPFp25cBsx
Code
https://t.co/YzQISuZFfg
#infosec#pentest#blueteam#redteam