Maestro – Revolutionizing Remote Operations With Seamless Azure Integration

In the evolving landscape of cybersecurity, the ability to conduct sophisticated post-exploitation operations discreetly and efficiently is paramount. Enter Maestro, a cutting-edge tool designed to seamlessly interact with Microsoft's Intune and EntraID, enabling operators to execute remote actions without the cumbersome steps typically associated with Azure services. Maestro bypasses traditional barriers such as user password retrieval and complex authentication...

CVE-2024-38077 : A Zero-Click RCE Threat In Windows Server 2025

Earlier this year, we conducted an in-depth analysis of the Windows Remote Desktop Services. Multiple vulnerabilities were discovered, and all related vulnerabilities (56 cases) have been reported to Microsoft. Among them were several Preauth RCE vulnerabilities (Unauthenticated non-sandboxed 0-click RCE) in the Remote Desktop Licensing Service. These vulnerabilities can be used to build multiple Preauth RCE exploitations targeting the...

TrickDump – Evading Detection With Advanced Memory Dump Techniques

TrickDump dumps the lsass process without creating a Minidump file, generating instead 3 JSON and 1 ZIP file with the memory region dumps. In three steps: Lock: Get OS information using RtlGetVersion. Shock: Get SeDebugPrivilege privilege with NtOpenProcessToken and NtAdjustPrivilegeToken, open a handle with NtGetNextProcess and NtQueryInformationProcess and then get modules information using NtQueryInformationProcess and NtReadVirtualMemory. Barrel: Get SeDebugPrivilege privilege, open a...

Red-Teaming-TTPs : A Comprehensive Guide To Tools, Techniques, And Resources

This article provides a treasure trove of resources, including cheatsheets, detailed notes, and automation scripts, tailored for cybersecurity professionals and enthusiasts. Whether you're a beginner or an experienced red teamer, these tools will enhance your skills in simulating cyber attacks and strengthening defenses. Dive into our curated collection and join a community dedicated to advancing cybersecurity through practical, hands-on...

100 Red Team Projects – A Comprehensive Guide For Pentesters And Network Managers

Red Teaming is one of the most attractive fields in offensive security or ethical hacking. Every day professionals and students are learning, creating and exploiting all types of systems. The internet is not only the most common means through which people interact and chat, but also a place where they are constantly exposed to a world where anyone can...

DriverJack – Exploiting NTFS Techniques For Covert Driver Loading

DriverJack is a tool designed to load a vulnerable driver by abusing lesser-known NTFS techniques. These methods bypass the registration of a Driver Service on the system by hijacking an existing service, and also spoof the image path presented in the Driver Load event. To further masquerade the presence of a vulnerable driver, the attack also abuses an Emulated Filesystem...

SCCM HTTP Looter – A Deep Dive Into Exploiting Microsoft SCCM via HTTP

SCCM distribution points (DPs) are the servers used by Microsoft SCCM to host all the files used in software installs, patches, script deployments, etc. By default, these servers allow access via SMB (TCP/445) and HTTP/S (TCP/80 and/or TCP/443) and require some type of Windows authentication (i.e. NTLM). The current SCCM DP looting tools rely on the ability to browse SMB...

SHIMME – Manipulating Shim And Office For Code Injection

In the ever-evolving landscape of cybersecurity, DEFCON 32 unveiled pioneering tools that challenge traditional security paradigms. The "ShimMe" talk introduced two groundbreaking tools: the Office Injector and the Shim Injector, each designed to manipulate system processes for elevated security access. This article delves into these sophisticated techniques, offering a glimpse into their mechanisms and implications for system security. Tools from...

Nipe – Pioneering Privacy And Anonymity On The Internet With Tor

The Tor project allows users to surf the Internet, chat and send instant messages anonymously through its own mechanism. It is used by a wide variety of people, companies and organizations, both for lawful activities and for other illicit purposes. Tor has been largely used by intelligence agencies, hacking groups, criminal activities and even ordinary users who care about...

Project Apeman : A Comprehensive Guide To Graph-Based AWS Security Analysis

Project Apeman is an advanced tool for security professionals, designed to streamline the analysis of AWS environments using a graph-based approach. This guide offers detailed instructions on setting up and deploying Project Apeman, including system requirements, installation steps, and data ingestion. Get ready to enhance your security posture with this powerful and efficient tool. System Requirements Tested On Windows 11 Ubuntu 22 12 GB...