Category: ZeroSec – Adventures In Information Security

BYODC or bring your own domain controller is a post-exploitation technique and another option for performing a DCSync in a more opsec safe manner. This article has been indexed from ZeroSec – Adventures In Information Security Read the original article:…

Read more →

Attack paths and compromising systems are something we, as attackers, thrive in. Many areas of system weakness can be attacked and leveraged to gain a foothold or an upper hand within an environment. This article has been indexed from ZeroSec…

Read more →

Attack paths and compromising systems are something we, as attackers, thrive in. Many areas of system weakness can be attacked and leveraged to gain a foothold or an upper hand within an environment. This article has been indexed from ZeroSec…

Read more →

To this date, phishing is one of the most prevalent first stages of entry to an organisation, a lot of threat actors This article has been indexed from ZeroSec – Adventures In Information Security Read the original article: ZTH-CH4: Hook…

Read more →

To this date, phishing is one of the most prevalent first stages of entry to an organisation, a lot of threat actors This article has been indexed from ZeroSec – Adventures In Information Security Read the original article: ZTH-CH4: Hook…

Read more →

This short blog post explains what each tool does and overviews the use/reason for the release. Release of AutoPoC and SandboxSpy. This article has been indexed from ZeroSec – Adventures In Information Security Read the original article: HoneyPoC is Dead…

Read more →

This short blog post explains what each tool does and overviews the use/reason for the release. Release of AutoPoC and SandboxSpy. This article has been indexed from ZeroSec – Adventures In Information Security Read the original article: HoneyPoC is Dead…

Read more →

Update Audi Maps and Speedcams for free; files and steps are included for Maps 2022/2023. All without the need for OBDeleven or VCDS. This article has been indexed from ZeroSec – Adventures In Information Security Read the original article: Free…

Read more →

Deploy your hacklab using Ansible and Vagrant for fast, repeatable results. Building on the work by @myexploit2600, we’re going to use Ansible and Vagrant to automate the manual steps of constructing a domain and vulnerable users. This article has been…

Read more →

This article has been indexed from ZeroSec – Adventures In Information Security This post will walk through various services within the Azure catalogue and look at potential attack paths. Read the original article: Azure Attack Paths: Common Findings and Fixes…

Read more →

This article has been indexed from ZeroSec – Adventures In Information Security Exploiting Petit Potam in a different way to force some downgrade and protocol attacks. Read the original article: Chasing the Silver Petit Potam to Domain Admin

Read more →

This article has been indexed from ZeroSec – Adventures In Information Security Exploiting Petit Potam in a different way to force some downgrade and protocol attacks. Read the original article: Chasing the Silver Petit Potam

Read more →

This article has been indexed from ZeroSec – Adventures In Information Security Readers of ZSEC and my Twitter feed, A quick message/explanation. I have published my last two blog posts for a while as I am working on my second…

Read more →

This article has been indexed from ZeroSec – Adventures In Information Security I have made it somewhat of a tradition to look back at the previous 12 months in a blog post on the last day of the year or…

Read more →

This article has been indexed from ZeroSec – Adventures In Information Security One thing that comes up a lot when it comes to red teaming, penetration testing and breaching a network is being able to proxy traffic into multiple environments.…

Read more →

This article has been indexed from ZeroSec – Adventures In Information Security HoneyPoC was a project to look at how popular CVE PoCs could be. AutoPoC took that concept and enabled the mass creation of disinformation. Also, Data is beautiful.…

Read more →

This article has been indexed from ZeroSec – Adventures In Information Security I started writing LTR102 a while ago but have decided to release a teaser chapter of the new book for free for folks to check out and feedback…

Read more →

This article has been indexed from ZeroSec – Adventures In Information Security Working with ADExplorer as a Red Teamer is really useful for seeing the whole domain in a single snapshot that can be looked at offline. There is minimal…

Read more →

This article has been indexed from ZeroSec – Adventures In Information Security Thinking about selling my Mk3 Focus RS in Nitrous Blue, the spec sheet and modifications are listed below, get in touch on twitter if you're interested @ZephrFish. Focus…

Read more →

This article has been indexed from ZeroSec – Adventures In Information Security A deep dive into specifics around cobalt strike malleable c2 profiles and key information that is new in cobalt strike 4.4. Read the original article: Understanding Cobalt Strike…

Read more →

This article has been indexed from ZeroSec – Adventures In Information Security Some of the problems with Security/Infosec/Insert whatever you want to call this industry here and the discussion around skills shortage plus realisation that the expectation vs reality on…

Read more →

This article has been indexed from ZeroSec – Adventures In Information Security Thinking about selling my Mk3 Focus RS in Nitrous Blue, the spec sheet and modifications are listed below, get in touch on twitter if you're interested @ZephrFish. Focus…

Read more →

This article has been indexed from ZeroSec – Adventures In Information Security A little guide for locking down a VPS or similar to ensure your SSH connection is as secure as can be. Read the original article: Locking Down SSH…

Read more →

This article has been indexed from ZeroSec – Adventures In Information Security One of the areas that I love when it comes to red/purple engagements is profiling organizations on LinkedIn and GitHub, looking for crucial information that can lead to…

Read more →

Read the original article: Old but Gold – Attack and Defend the Sys Admins Older techniques used in a sysadmin space, weaponised for red teaming and how to detect them from a blue team perspective.   Become a supporter of…

Read more →

Read the original article: Old but Gold – Attack and Defend the Sys Admins Older techniques used in a sysadmin space, weaponised for red teaming and how to detect them from a blue team perspective.   Become a supporter of…

Read more →

Read the original article: Reviving and Refactoring DNS Enum I have been using Lepus for a number of years as it is one of the better subdomain enumeration tools. I integrated some of the lessons learned from DNS Queue and…

Read more →

Read the original article: Paving The Way to DA – Complete Post (Pt 1,2 & 3) As this series is a three part and dives into how to get domain admin in a windows estate using different techniques I found…

Read more →

Read the original article: Pass the Way to DA Pass the X attacks originate from having a piece of information, in these examples this will be a hash, a set of credentials or a Kerberos ticket and then leveraging them…

Read more →

Read the original article: Pass the Way to DA Pass the X attacks originate from having a piece of information, in these examples this will be a hash, a set of credentials or a Kerberos ticket and then leveraging them…

Read more →

Read the original article: Certified Red Team Operator (CRTO) – Red Team Ops I Review TL;DR I passed! & The course was great!   Become a supporter of IT Security News and help us remove the ads. Read the original…

Read more →

Read the original article: 2020 – A year of Ups and Downs This year has been interesting to say the least, a lot has happened and it has been full of great moments but equally upsetting and downer moments.  …

Read more →

Read the original article: Learning The [Defence] Ropes 101 – Splunk Setup & Config As an attacker I come across Splunk a lot but I’ve never deployed it. This blog post will deep dive into deploying it and querying the…

Read more →

Read the original article: Learning The [Defence] Ropes 101 – Splunk Setup & Config As an attacker I come across Splunk a lot but I’ve never deployed it. This blog post will deep dive into deploying it and querying the…

Read more →

Read the original article: My First 2020 [NonTroll] CVE – DLL Hijacking in NVIDIA System Management Interface (SMI) NVIDIA System Management Interface is vulnerable to DLL search order hijacking whereby an attacker can leverage execution to establish persistence on a…

Read more →

Read the original article: My First 2020 [NonTroll] CVE – DLL Hijacking in NVIDIA System Management Interface (SMI) NVIDIA System Management Interface is vulnerable to DLL search order hijacking whereby an attacker can leverage execution to establish persistence on a…

Read more →

Read the original article: ZeroLogon(CVE-2020-1472) – Attacking & Defending A handy walkthrough of CVE-2020-1472 from both a red and blue team perspective, how to detect, patch and hack ZeroLogon   Advertise on IT Security News. Read the original article: ZeroLogon(CVE-2020-1472)…

Read more →

Read the original article: Developing An Effective Security Program This post comes off the back of a series of tweets I made one morning, I decided that after a long thread it was probably better to combine into one post.…

Read more →

Read the original article: Developing An Effective Security Program This post comes off the back of a series of tweets I made one morning, I decided that after a long thread it was probably better to combine into one post.…

Read more →

Read the original article: WTF is Rainbow Teaming? Alternative Title: 50 Shades of Teams Red Team, Blue Team, Purple Team, Black Team… Rainbow team? What are all of these things and what do they all mean? Is this a new…

Read more →

Read the original article: WTF is Rainbow Teaming? Alternative Title: 50 Shades of Teams Red Team, Blue Team, Purple Team, Black Team… Rainbow team? What are all of these things and what do they all mean? Is this a new…

Read more →

Read the original article: HoneyPoC: The fallout data after I trolled the Internet… Following on from a pretty funny post, comes some raw data analysis for the data nerds out there. CVE-2020-1350 honeypoc fallout!   Advertise on IT Security News.…

Read more →

Read the original article: HoneyPoC: The fallout data after I trolled the Internet… Following on from a pretty funny post, comes some raw data analysis for the data nerds out there. CVE-2020-1350 honeypoc fallout!   Advertise on IT Security News.…

Read more →

Read the original article: The Day I Trolled The Entire Internet: An Accidental Research Project on CVE-2020-1350 What do you get if you create a binary, a few bash scripts, a README and excellent timing? CVE-2020-1350   Advertise on IT…

Read more →

Read the original article: The Day I Trolled The Entire Internet: An Accidental Research Project on CVE-2020-1350 What do you get if you create a binary, a few bash scripts, a README and excellent timing? CVE-2020-1350   Advertise on IT…

Read more →

Read the original article: WeegieCast is Progressing David Manuel and Andy Gill present WeegieCast 100% NSFW with some episodes. We’ve made it to 12 episodes so far go check them out https://blog.zsec.uk/dave-andys-weegiecast/ We have a few more guests lined up…

Read more →

Read the original article: Hack The Box Struggle Throughs I’ve been streaming on twitch and uploading to YouTube shortly afterward, therefore here are the first two episodes, I’ll update this post as and when I do more machines!   Advertise…

Read more →