Yann CAM (ycam)
|
e80702d599
|
More details on NetNTLMv1 + typos
More details on NetNTLMv1 + typos
|
2023-07-25 11:31:35 +02:00 |
|
Yann CAM (ycam)
|
4336cb1fd5
|
Update NetNTLMv1 breaking methodology
Add SHuck.Sh/ShuckNT process and details.
|
2023-07-25 11:11:36 +02:00 |
|
Swissky
|
87e6f55e16
|
Error Based XXE - Local DTD
|
2023-07-18 18:23:34 +02:00 |
|
mpgn
|
35b0d672f0
|
Use new offical CME repository
|
2023-06-28 10:12:15 +02:00 |
|
Swissky
|
113afae290
|
AWS EC2 Metadata + SSSD token deobfuscate
|
2023-06-27 15:45:29 +02:00 |
|
Swissky
|
e9c1ce1c09
|
AWS Key Patterns
|
2023-06-22 19:03:06 +02:00 |
|
Swissky
|
b8c803717a
|
WDAC Policy Removal + SSRF domains
|
2023-05-31 14:18:25 +02:00 |
|
Rdbo
|
83b2d80a56
|
fixed typos
|
2023-05-18 01:58:36 +00:00 |
|
Swissky
|
6adfe5d865
|
GraphQL Batching Attacks
|
2023-05-15 19:23:07 +02:00 |
|
Swissky
|
5af6a23a2e
|
DPAPI LocalMachine + BitLocker
|
2023-05-08 17:08:25 +02:00 |
|
m3dsec
|
8156f495fb
|
Add Kerberos CVE-2022-33679 (RC4 Is Still Considered Harmful)
|
2023-04-30 21:45:33 +01:00 |
|
ZkClown
|
0f4d747913
|
Add injection into AD through ldap signing not required and ldap channel binding disabled
|
2023-04-20 15:38:26 +02:00 |
|
ZkClown
|
8b543c80aa
|
Add network scan with pure bash
|
2023-04-20 15:21:48 +02:00 |
|
ZkClown
|
2a4ce78080
|
Add Office execute WinAPI via VBA
|
2023-04-20 15:00:33 +02:00 |
|
ZkClown
|
47df1695a1
|
Add Powerhsell Reflection through Delegate Type and Basic HTML Smuggling
|
2023-04-19 17:59:10 +02:00 |
|
Swissky
|
86cc53244d
|
LOL Drivers
|
2023-04-07 09:22:07 +02:00 |
|
Swissky
|
30d17b4924
|
Fix markdown typo ESC1-9
|
2023-04-05 12:47:47 +02:00 |
|
Swissky
|
0a70636d28
|
ETW Providers
|
2023-04-03 10:48:53 +02:00 |
|
Swissky
|
fddd094ee1
|
LFI iconv and dechunk + ETW + NTDS Dump Rework
|
2023-03-27 22:38:25 +02:00 |
|
Swissky
|
dd0c23f9a2
|
ImageMagick Typo
|
2023-03-19 22:46:56 +01:00 |
|
Swissky
|
723b3213b2
|
Windows Information Protection
|
2023-03-18 19:55:43 +01:00 |
|
Swissky
|
d5729888c3
|
S4U Extension
|
2023-03-11 17:53:16 +01:00 |
|
Swissky
|
b88457367b
|
Active Directory Integrated DNS
|
2023-03-11 11:52:52 +01:00 |
|
Swissky
|
f379b60ef1
|
Web Theme + Credential Guard + PPL
|
2023-03-10 22:14:22 +01:00 |
|
Swissky
|
e43f1527c0
|
JWT rework 0.2: jwks + kid + cve
|
2023-03-07 11:39:39 +01:00 |
|
Swissky
|
2a3d175620
|
GraphQL and JWT rework v0.1
|
2023-03-05 12:05:43 +01:00 |
|
Swissky
|
c9d0878817
|
Kerberos Tickets Dump, Convert, Replay
|
2023-02-21 23:21:22 +01:00 |
|
Swissky
|
2a65b59c01
|
RODC + PAM Trusts
|
2023-02-20 18:44:44 +01:00 |
|
Swissky
|
a38701a7e2
|
MOTD + SpEL injection
|
2023-02-20 17:21:43 +01:00 |
|
Swissky
|
cedf4aa9f6
|
Office Default Passwords + SMBExec
|
2023-02-17 12:01:52 +01:00 |
|
Swissky
|
8442b304c9
|
SMBExec + Refresh & Access Token Azure
|
2023-02-15 17:03:49 +01:00 |
|
Swissky
|
ae46ac0338
|
WMIExec + SharpSCCM
|
2023-02-15 12:33:20 +01:00 |
|
Swissky
|
36e135776f
|
AD Groups + PowerShell Defenses
|
2023-02-14 15:13:41 +01:00 |
|
Swissky
|
f1a85f22b9
|
Windows Defenses
|
2023-02-12 18:17:09 +01:00 |
|
Swissky
|
9a511046ae
|
GPO update timing
|
2023-02-11 20:29:32 +01:00 |
|
Swissky
|
c08949fdc2
|
Github Pages Trigger
|
2023-02-11 20:22:28 +01:00 |
|
Swissky
|
14cc88371d
|
WSL + RDP Passwords + MSPaint Escape
|
2023-02-11 17:49:55 +01:00 |
|
Swissky
|
ccae5a6e09
|
Credentials Rework
|
2023-02-11 12:07:25 +01:00 |
|
Shantanu Kale
|
b03250a4f6
|
Add Training, AzureGoat
|
2023-02-01 09:48:26 +05:30 |
|
Shantanu Kale
|
ce40e39dcc
|
Add AWSGoat
|
2023-02-01 09:46:13 +05:30 |
|
CravateRouge
|
a8bef1873a
|
Add PrintNightmare exploit using WebDAV
|
2023-01-23 17:06:05 +01:00 |
|
CravateRouge
|
230f8c3688
|
Add SSL MITM using OpenSSL
|
2023-01-19 16:33:11 +01:00 |
|
Swissky
|
1a9bfdd86f
|
Merge pull request #614 from Darktortue/patch-zerologon
Added zerologon authentication relay technique
|
2023-01-10 21:11:43 +01:00 |
|
Darktortue
|
8caba394d5
|
Added zerologon authentication relay technique
|
2023-01-10 11:23:45 +01:00 |
|
Swissky
|
b27ba26af9
|
Merge pull request #609 from m3dsec/patch-1
Update bloodyAD.py when enabling DONT_REQ_PREAUTH for ASREPRoast attack.
|
2023-01-10 11:06:07 +01:00 |
|
Jérémy LARDENOIS
|
3a97ad3f41
|
fix: remove docker metasploit installation
|
2023-01-10 08:51:28 +01:00 |
|
Swissky
|
d4742a9688
|
SOCKS Compatibility Table + CORS
|
2023-01-05 01:50:11 +01:00 |
|
m3dsec
|
834c6bca20
|
Update bloodyAD.py when enabling DONT_REQ_PREAUTH for ASREPRoast attack.
|
2023-01-01 14:24:57 +01:00 |
|
Swissky
|
5190829ab4
|
RustHound Examples
|
2022-12-30 11:01:31 +01:00 |
|
hackprogrammatic
|
749420fdd2
|
Update Cloud - AWS Pentest.md
spelling errors, update allows users to easily copy/paste
|
2022-12-07 22:47:41 -06:00 |
|