Carlos Polop
|
f981a6c940
|
a
|
2024-05-02 16:18:32 +02:00 |
|
Carlos Polop
|
b6cfe83fdd
|
f
|
2024-04-18 15:42:29 +02:00 |
|
Carlos Polop
|
fe71d5c6d2
|
f
|
2024-04-18 05:21:24 +02:00 |
|
Carlos Polop
|
e64fdffa7c
|
f
|
2024-04-18 05:13:38 +02:00 |
|
Carlos Polop
|
780b55a21d
|
wi
|
2024-04-18 05:10:20 +02:00 |
|
Mane
|
e8eaf83992
|
Update domain-escalation.md
fix typo
|
2024-04-12 10:15:21 +08:00 |
|
Mane
|
c956226239
|
Add OID Group Link Abuse - ESC13
Reference:
https://posts.specterops.io/adcs-esc13-abuse-technique-fda4272fbd53
https://www.thehacker.recipes/a-d/movement/ad-cs/certificate-templates#issuance-policiy-with-privileged-group-linked-esc13
|
2024-04-09 03:57:01 +08:00 |
|
Mane
|
54632299d1
|
fix typo in domain-escalation.md
|
2024-04-09 03:16:44 +08:00 |
|
Mane
|
f6f017777c
|
Add Shell access to ADCS CA with YubiHSM - ESC12
Reference:
https://pkiblog.knobloch.info/esc12-shell-access-to-adcs-ca-with-yubihsm
https://www.thehacker.recipes/a-d/movement/ad-cs/certificate-authority#shell-access-to-adcs-ca-with-yubihsm-esc12
|
2024-04-09 03:13:19 +08:00 |
|
Mane
|
3f2a13b8f1
|
Add Relaying NTLM to ICPR - ESC11
Reference: https://blog.compass-security.com/2022/11/relaying-to-ad-certificate-services-over-rpc/
|
2024-04-09 02:34:03 +08:00 |
|
Carlos Polop
|
35b3c7ccfe
|
a
|
2024-04-08 00:51:34 +02:00 |
|
Carlos Polop
|
4b64ce2de1
|
w
|
2024-04-08 00:37:55 +02:00 |
|
CPol
|
c55d66804a
|
GITBOOK-4301: No subject
|
2024-04-06 16:25:58 +00:00 |
|
Yassine OUKESSOU
|
1891e8372b
|
small typo
|
2024-04-01 14:25:06 +02:00 |
|
Yassine OUKESSOU
|
2d71374c9f
|
Removing deleted option and adding some clarification to the text
|
2024-04-01 14:03:11 +02:00 |
|
CPol
|
31e7f071f5
|
GITBOOK-4288: change request with no subject merged in GitBook
|
2024-03-29 18:55:33 +00:00 |
|
HackTricks
|
2c57874949
|
Merge pull request #825 from manesec/master
Add more tools and small update mssql
|
2024-03-26 20:16:08 +01:00 |
|
Carlos Polop
|
61e2eb2350
|
a
|
2024-03-26 15:56:40 +01:00 |
|
Yassine OUKESSOU
|
72c787cebb
|
ASREProasting without domain credentials method in asreproast.md
Adding ASrepCatcher tool : ASREProasting without domain credentials method
|
2024-03-24 01:04:09 +01:00 |
|
Mane
|
983b8069c7
|
Update abusing-ad-mssql.md
+ Add `EXEC sp_linkedservers`
Ref: https://database.guide/2-ways-to-return-a-list-of-linked-servers-in-sql-server-using-t-sql/
|
2024-03-18 16:32:25 +08:00 |
|
CPol
|
5b120932f3
|
GITBOOK-4274: change request with no subject merged in GitBook
|
2024-03-17 14:42:04 +00:00 |
|
CPol
|
f3dc05632c
|
GITBOOK-4269: change request with no subject merged in GitBook
|
2024-03-15 21:27:36 +00:00 |
|
Carlos Polop
|
1fcb0ae066
|
a
|
2024-03-15 00:01:13 +01:00 |
|
Carlos Polop
|
944eaa12c9
|
up
|
2024-03-09 14:02:01 +01:00 |
|
CPol
|
8ff32d8f1d
|
GITBOOK-4266: change request with no subject merged in GitBook
|
2024-03-09 12:57:16 +00:00 |
|
cocomelonc
|
d3dda8a77d
|
python for build injectors example: peekaboo
|
2024-02-27 14:00:10 +06:00 |
|
CPol
|
7ae219aa33
|
GITBOOK-4260: change request with no subject merged in GitBook
|
2024-02-26 10:39:43 +00:00 |
|
Carlos Polop
|
0ee2fda1c6
|
Merge pull request #800 from bruno-1337/patch-1
Add another option for SeDebugPrivilege Code Execution
|
2024-02-25 13:21:46 +01:00 |
|
CPol
|
eff83f8dcf
|
GITBOOK-4251: change request with no subject merged in GitBook
|
2024-02-18 14:18:26 +00:00 |
|
Bruno Badaró
|
a48e4a82a5
|
Adding another option for SeDebugPrivilege Code Execution
|
2024-02-16 21:17:30 -03:00 |
|
Mane
|
cd41e781cf
|
Update checklist-windows-privilege-escalation.md
|
2024-02-15 03:15:28 -08:00 |
|
Mane
|
0e796fec20
|
Update checklist-windows-privilege-escalation.md
Upload procdump64.exe to dump firefox's memory from ippsec
https://youtu.be/fmBb6BgLsC8?t=1740
|
2024-02-15 03:12:20 -08:00 |
|
Carlos Polop
|
7aaa08ff92
|
a
|
2024-02-09 01:38:08 +01:00 |
|
Carlos Polop
|
a2ca955cb9
|
a
|
2024-02-09 01:36:13 +01:00 |
|
Carlos Polop
|
10a3b640d6
|
a
|
2024-02-08 04:08:28 +01:00 |
|
Carlos Polop
|
79b80044a8
|
a
|
2024-02-08 04:06:37 +01:00 |
|
Carlos Polop
|
06a639f4af
|
a
|
2024-02-07 05:05:50 +01:00 |
|
Carlos Polop
|
797ab87ac5
|
a
|
2024-02-05 03:29:11 +01:00 |
|
Carlos Polop
|
7cc077db55
|
a
|
2024-02-04 17:10:29 +01:00 |
|
Carlos Polop
|
213f0fc6f6
|
a
|
2024-02-03 17:02:14 +01:00 |
|
Carlos Polop
|
9715b0e8a9
|
Merge pull request #794 from manesec/master
Finding a file in windows and linux base on Creation Time
|
2024-02-02 19:14:41 +01:00 |
|
Carlos Polop
|
8f81059719
|
Merge pull request #792 from wowlolx/master
Fixed netsh command for spaces in SSIDs
|
2024-02-02 19:14:01 +01:00 |
|
Mane
|
d90f632846
|
Update README.md
Finding a newer files with powershell
|
2024-02-01 01:42:07 -08:00 |
|
wowlolx
|
67cb9fdd22
|
Fixed netsh command for spaces in SSIDs
|
2024-01-31 00:15:10 +05:00 |
|
CravateRouge
|
7db7f86212
|
Add asreproast bloodyAD
|
2024-01-18 09:40:35 +00:00 |
|
Carlos Polop
|
f6fafa225b
|
Merge pull request #781 from manesec/master
Update privileged-groups-and-token-privileges.md, fix typo
|
2024-01-13 19:36:57 +01:00 |
|
Paul
|
a7f19cb28b
|
fix certipy command use
|
2024-01-12 17:12:46 +01:00 |
|
Carlos Polop
|
c61eef67c4
|
arte
|
2024-01-12 08:53:44 +01:00 |
|
Mane
|
cb0f65d0ae
|
Update privileged-groups-and-token-privileges.md
- fix typo `dumo` --> `dump`
|
2024-01-11 23:24:52 -08:00 |
|
CPol
|
bdb5a4b010
|
GITBOOK-4230: change request with no subject merged in GitBook
|
2024-01-10 00:59:55 +00:00 |
|