Active Directory Exploitation Cheat Sheet – A Comprehensive Guide To Enumeration And Attack Methods
This cheat sheet contains common enumeration and attack methods for Windows Active Directory. This cheat sheet is inspired by the PayloadsAllTheThings repo. Summary: Active Directory Exploitation Cheat Sheet; Summary; Tools; Domain Enumeration; Using PowerView; Using AD Module; Using BloodHound; Remote BloodHound; On Site BloodHound; Using Adalanche; Remote adalanche; Useful Enumeration Tools; Local Privilege Escalation; Useful Local Priv Esc Tools; Lateral Movement; Powershell Remoting; Remote Code Execution with PS Credentials; Import a PowerShell Module and Execute its Functions Remotely; Executing Remote Stateful commands; Mimikatz; Remote...
Frameless BITB – A New Approach To Phishing Attacks
A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft. This POC code is built for using this new BITB with Evilginx, and a Microsoft Enterprise phishlet. Before diving deep into this, I recommend that you first check my talk at BSides 2023, where I...
Chista | Open Source Threat Intelligence Framework – Understanding, Predicting, And Defending Against Cyber Threats
In the ever-evolving landscape of cybersecurity threats, staying one step ahead of malicious actors is crucial. Introducing Chista, an open-source Cyber Threat Intelligence (CTI) Framework designed to equip users with the tools and insights needed to understand, predict, and defend against cyber threats. In this article, we'll delve into how Chista harnesses data from various sources to provide invaluable...
Cybersecurity Content – Unveiling 2024 And Beyond In Exploitation, Vulnerabilities, And Secure Coding
In the ever-evolving landscape of cybersecurity, staying informed about the latest trends and developments is crucial. "Cybersecurity Content: 2024 and Beyond" takes you on a journey through the most recent advancements in exploitation, vulnerabilities, and secure coding practices. Dive into a comprehensive overview of the cybersecurity landscape, featuring in-depth analysis and insights from the year 2024 and beyond.
ChatGPT Source Watch – Unveiling The Chronicles Of ChatGPT
This meticulously curated repository offers a treasure trove for tracking the historical webpack chunks, along with automation scripts and a detailed changelog, providing transparency and insights into the development journey of ChatGPT. Analyzing the evolution of ChatGPT's codebase through time with curated archives and scripts. Or, to put it more poetically, in the eloquent words of ChatGPT itself: ChatGPT Source Watch is...
V9.7.5 – Local Privilege Escalation : Nuclei Release With CVE Updates And New Templates
In our latest release, we have added a significant number of trending CVEs and are excited to announce the addition of new local privilege escalation templates. These valuable contributions come from our community, with a notable contribution from @daffainfo, and are available at Local Privilege Escalation Templates. These templates utilize the newly introduced code protocol, enhancing their capability to detect vulnerabilities more...
Vulnerability Checklist – Comprehensive Guide For Web Applications And Frameworks
The security of web applications and frameworks is of paramount importance. To help ensure the safety of your systems, this article presents a comprehensive 'Vulnerability Checklist.' From common misconfigurations to advanced security threats, this checklist covers a wide range of potential vulnerabilities, providing a valuable resource for developers, security professionals, and anyone interested in safeguarding their web assets. This Repo...
X64dbgbinja – Bridging The Gap Between Binary Ninja And X64dbg With An Official Plugin
The official plugin designed to enhance the synergy between Binary Ninja and x64dbg. In this article, we'll delve into the seamless integration of these powerful reverse engineering tools, showcasing how x64dbgbinja simplifies importing and exporting data between the two platforms. Explore the installation process and discover how to efficiently transfer comments, labels, and symbols, ultimately streamlining your reverse engineering...
v2024.1 – Unlocking The Future With Locksmith
Locksmith takes a significant step forward, addressing ownership issues with newfound automation. This update, led by contributors like @TrimarcJake, @techspence, and @SamErde, introduces key improvements in remediation, installation processes, and code readability. Join us as we delve into the exciting enhancements and known issues in Locksmith's latest version, promising a brighter future for this essential tool. Mode 4 Now Fixes...
Afrog – Empowering Bug Bounty, Pentesting, And Red Teaming With A High-Performance Security Tool
In the ever-evolving landscape of cybersecurity, the need for robust tools that aid Bug Bounty programs, Penetration Testing (Pentest), and Red Teaming has never been greater. Enter "afrog," a high-performance vulnerability scanner designed to empower network security professionals. With its versatility, speed, and customizability, afrog is becoming a go-to solution for identifying and addressing vulnerabilities swiftly, ultimately strengthening the...