I recently developed and posted about a technique called "First sequence sync", expanding @albinowax's single packet attack.
This technique allowed me to send 10,000 requests in 166ms, which breaks the packet size limitation of the single packet attack.
https://t.co/puM7hZWIlE
New blog: Lateral movement and on-prem NT hash dumping with Microsoft Entra Temporary Access Passes.
Some tips and tricks on abusing TAPs for Windows Hello persistence and NT hash recovery over Cloud Kerberos Trust. https://t.co/h3XHjBhwtz
@tbbhunter Thanks for sharing my guide 👍
I'll probably add some stuff to this guides in the next weeks
Please let me know if you want me to answer specific questions or add some topics to this guide :)
I know a lot of people are always asking about good OSCP study resources. After stumbling onto this while looking for something else, I figured I’d share it in case others might find it useful.
Shout-out to @sgtdede!
https://t.co/rwo89t1KUy
Here is my personal guide for the current OSCP format. The advices you'll find rewarded me a lot during my training.
En: https://t.co/vx8B3c1AdX
Fr: https://t.co/tHtZh5fwNY
Please let me know if you want me to answer specific questions :)
#oscp#Pentesting#redteam
Congratz to @TEHTRIS team for finding 4 #0days on @Oracle E-Business
product:
• CVE-2018-2991
• CVE-2018-2993
• CVE-2018-2996
• CVE-2018-3012
TEHTRIS experts who made it: @sgtdede@n1nj4sec !
Need advanced pentests against complex infrastructures?
Join https://t.co/fMuM8Pe9aK