Browser exploits don’t always succeed.
In @medioxor's latest blog post, he breaks down Chrome V8 memory corruption exploits and shows how failed attempts can leave detectable artifacts in renderer crash dumps, enabling proactive detection.
Check it out ⬇️ https://t.co/DqG3MV5Arg
The biggest problem in #infosec isn't less skilled people or cost of security, it's the ego of leadership or top-level managers who value their pride so much more over productivity and results, that they are ready to take down the company with them just to bolster their ego.
Howdy!
I am collecting some statistics for a project and wanted to hear from y'all.
How many hours do you/your team spend on:
1. Planning/deploying/configuring infrastructure for red team operations
2. Creating/configuring payloads for red team operations
Any info helps!
Lol basically bug bounty platform guy that does fuck all is pissed because the customer can get bugs without their platform.
I’ve had many times where I tried to disclose and the company just refers me to their Bugcrowd. We technically should have the right to refuse use of any platform to disclose.
🧵Some of my favorite LDAP queries. I let you all infer which tools to use them with. Most of these are from places around the web, nothing new. Just a list.
1. Find all DCs:
(&(objectCategory=Computer)(userAccountControl:1.2.840.113556.1.4.803:=8192))
This was going to be a short post that I wrote up in like an hour yesterday morning, but there seems to be some interest in this so I'll flesh out the idea a bit more after my 40 mile ride today, stay tuned
pretty good collection of exploitation-friendly linux kernel structs: https://t.co/KUfEb9Ks4q
also recommend browsing the kCTF cook book: https://t.co/gWBI0k0OE5
It's crazy how little MFA on an internal network does. I need DUO to RDP to the server.
OK. I'll just use crackmapexec or smbexec and execute everything that way...