Swissky
|
000d1f9260
|
Merge pull request #426 from CravateRouge/patch-2
Add python check for ZeroLogon
|
2021-10-01 00:58:58 +02:00 |
|
CravateRouge
|
52d83bea5f
|
Add python check for ZeroLogon
|
2021-09-30 23:38:48 +02:00 |
|
CravateRouge
|
1cdd284f5b
|
Add Linux alternatives for GenericWrite abuse
|
2021-09-30 22:17:20 +02:00 |
|
Swissky
|
d2f63406cd
|
IIS + Certi + NetNTLMv1
|
2021-09-16 17:45:29 +02:00 |
|
Swissky
|
3af70155e2
|
DCOM Exec Impacket
|
2021-09-07 14:48:57 +02:00 |
|
Swissky
|
23438cc68e
|
Mitigation NTLMv1
|
2021-09-07 10:22:39 +02:00 |
|
Swissky
|
c8076e99c9
|
Net-NTLMv1 + DriverPrinter
|
2021-09-06 20:58:44 +02:00 |
|
Swissky
|
0f94adafe5
|
ESC2 + Windows Search Connectors - Windows Library Files
|
2021-09-01 14:10:53 +02:00 |
|
Swissky
|
69b99826d2
|
AD CS Attacks
|
2021-08-25 22:14:44 +02:00 |
|
Swissky
|
fde99044c5
|
CS NTLM Relay
|
2021-08-22 23:03:02 +02:00 |
|
Swissky
|
87be30d3b2
|
DB2 Injection + ADCS
|
2021-08-10 23:00:19 +02:00 |
|
Swissky
|
d9d4a54d03
|
RemotePotato0 + HiveNightmare
|
2021-07-26 21:25:56 +02:00 |
|
Swissky
|
3a4bd97762
|
AD CS - Mimikatz / Rubeus
|
2021-07-25 11:40:19 +02:00 |
|
Swissky
|
44735975a5
|
Active Directory update
|
2021-07-12 20:45:16 +02:00 |
|
Swissky
|
175c676f1e
|
Tmux PrivEsc + PrintNightmare update
|
2021-07-12 14:42:18 +02:00 |
|
Alexandre ZANNI
|
e2ff22b136
|
add CVE-2021-34527 + It Was All A Dream scanner
|
2021-07-08 10:40:01 +02:00 |
|
Swissky
|
2f8fc7bbb9
|
PrintNightmare - Mimikatz
|
2021-07-05 21:57:14 +02:00 |
|
Swissky
|
459f4c03fc
|
Dependency Confusion + LDAP
|
2021-07-04 13:32:32 +02:00 |
|
Swissky
|
80816aee31
|
PrintNightmare - #385
|
2021-07-01 14:40:03 +02:00 |
|
Swissky
|
4e95162dc3
|
BadPwdCount attribute + DNS
|
2021-06-28 22:08:06 +02:00 |
|
Swissky
|
85a7ac8a76
|
Shadow Credentials + AD CS Relay + SSSD KCM
|
2021-06-24 15:26:05 +02:00 |
|
Swissky
|
a723a34449
|
PS Transcript + PPLdump.exe
|
2021-05-06 18:26:00 +02:00 |
|
Swissky
|
08b59f2856
|
AD update CME+DCOM
|
2021-04-21 22:27:07 +02:00 |
|
Micah Van Deusen
|
f23de13d96
|
Added method to read gMSA
|
2021-04-10 10:58:05 -05:00 |
|
Swissky
|
0443babe35
|
Relay + MSSQL Read File
|
2021-03-25 18:25:02 +01:00 |
|
Swissky
|
f6b9d63bf8
|
DCOM exploitation and MSSQL CLR
|
2021-03-24 22:26:23 +01:00 |
|
Swissky
|
bd2166027e
|
GMSA Password + Dart Reverse Shell
|
2021-03-24 12:44:35 +01:00 |
|
c14dd49h
|
ca28c69e67
|
Update Active Directory Attack.md
|
2021-02-26 14:14:10 +01:00 |
|
Swissky
|
8d31b7240b
|
Office Attacks
|
2021-02-21 20:17:57 +01:00 |
|
Swissky
|
092083af5c
|
AD - Printer Bug + Account Lock
|
2021-01-29 22:10:22 +01:00 |
|
Swissky
|
3a6ac550b8
|
DSRM Admin
|
2021-01-08 23:41:50 +01:00 |
|
Tim Gates
|
7846225bfd
|
docs: fix simple typo, accound -> account
There is a small typo in Methodology and Resources/Active Directory Attack.md.
Should read `account` rather than `accound`.
|
2020-12-23 09:16:40 +11:00 |
|
Swissky
|
16b207eb0b
|
LAPS Password
|
2020-12-20 21:45:41 +01:00 |
|
Swissky
|
67752de6e9
|
Bronze Bit Attack
|
2020-12-18 22:38:30 +01:00 |
|
Swissky
|
f7e8f515a5
|
Application Escape and Breakout
|
2020-12-17 08:56:58 +01:00 |
|
Swissky
|
73fdd6e218
|
Mimikatz - Elevate token with LSA protection
|
2020-12-09 23:33:40 +01:00 |
|
Swissky
|
19a2950b8d
|
AMSI + Trust
|
2020-12-08 14:31:01 +01:00 |
|
Swissky
|
e13f152b74
|
AD - Recon
|
2020-12-02 18:43:13 +01:00 |
|
Swissky
|
b918095775
|
AzureHound
|
2020-11-24 12:41:34 +01:00 |
|
Swissky
|
bd184487e5
|
NTLM Hashcat
|
2020-11-06 16:20:03 +01:00 |
|
Vincent Gilles
|
0b90094002
|
Fix(Docs): Correcting typos on the repo
|
2020-10-17 22:52:35 +02:00 |
|
Swissky
|
b32f4754d7
|
Keytab + schtasks
|
2020-10-15 12:35:05 +02:00 |
|
@cnagy
|
ec1f89fbe6
|
Updated Responder link and added InveighZero
|
2020-10-02 04:39:09 +00:00 |
|
Swissky
|
1a0e31a05e
|
Zero Logon - Restore pwd
|
2020-09-18 21:21:55 +02:00 |
|
Swissky
|
f4ef56fca0
|
Mimikatz Zerologon + reset pwd
|
2020-09-17 14:05:54 +02:00 |
|
Swissky
|
62678c26ce
|
.NET Zero Logon
|
2020-09-16 14:31:59 +02:00 |
|
Swissky
|
14586e4d7a
|
ZeroLogon via Mimikatz
|
2020-09-16 14:13:40 +02:00 |
|
Swissky
|
e79918bdc2
|
CVE-2020-1472 Unauthenticated domain controller compromise
|
2020-09-14 23:06:09 +02:00 |
|
Swissky
|
cc95f4e386
|
AD - Forest to Forest compromise
|
2020-08-18 09:33:38 +02:00 |
|
Justin Perdok
|
f11c45650b
|
Update Active Directory Attack.md
|
2020-08-17 13:18:30 +00:00 |
|
Justin Perdok
|
1284715128
|
Update Active Directory Attack.md
|
2020-08-17 13:15:33 +00:00 |
|
Justin Perdok
|
6f3f2239fa
|
GenericWrite and Remote Connection Manager
Added content from https://sensepost.com/blog/2020/ace-to-rce/
|
2020-08-17 13:00:04 +00:00 |
|
Swissky
|
33129f2b4c
|
Silver Ticket with services list
|
2020-08-09 19:25:03 +02:00 |
|
Swissky
|
ca9326b5fc
|
Driver Privilege Escalation
|
2020-07-13 15:00:36 +02:00 |
|
Swissky
|
ecf29c2cbe
|
Active Directory - Mitigations
|
2020-06-18 11:55:48 +02:00 |
|
Swissky
|
5323ceb37c
|
SUDO CVE + Windows Drivers PrivEsc
|
2020-05-28 11:19:16 +02:00 |
|
Swissky
|
4ca5e71c2f
|
Bind shell cheatsheet (Fix #194)
|
2020-05-24 14:09:46 +02:00 |
|
Swissky
|
3ed2b28e59
|
Add user /Y + GPO Powerview
|
2020-05-10 23:16:29 +02:00 |
|
Swissky
|
7f1c150edd
|
Mimikatz Summary
|
2020-05-10 16:17:10 +02:00 |
|
Swissky
|
5163ef902c
|
XSS Google Scholar Payload + Skeleton Key Persistence
|
2020-05-03 16:28:17 +02:00 |
|
Swissky
|
af6760ef7a
|
RoadRecon + JSON None refs
|
2020-04-17 16:34:51 +02:00 |
|
Swissky
|
95ab07b45e
|
CloudTrail disable, GraphQL tool
|
2020-03-28 12:01:56 +01:00 |
|
Swissky
|
71a307a86b
|
AWS - EC2 copy image
|
2020-02-29 12:56:00 +01:00 |
|
Swissky
|
74f2dfccca
|
Kerberos Constrained Delegation
|
2020-02-23 21:20:46 +01:00 |
|
Swissky
|
aba6874517
|
Maps API + secretsdump enabled user/pw last set + certutil mimikatz
|
2020-02-06 21:41:29 +01:00 |
|
Swissky
|
be0397fa68
|
BloodHound ZIP + Zero Width space tip
|
2020-01-19 22:46:45 +01:00 |
|
Swissky
|
71171fa78b
|
SSRF exploiting WSGI
|
2020-01-05 22:11:28 +01:00 |
|
Swissky
|
3a9b9529cb
|
Mimikatz - Credential Manager & DPAPI
|
2020-01-05 17:27:02 +01:00 |
|
Swissky
|
73abdeed71
|
Kerberos AD GPO
|
2020-01-05 16:28:00 +01:00 |
|
Swissky
|
b052f78d95
|
Blacklist3r and Machine Key
|
2020-01-02 23:33:04 +01:00 |
|
Swissky
|
0a6ac284c9
|
AdminSDHolder Abuse
|
2019-12-30 19:55:47 +01:00 |
|
Swissky
|
bcb24c9866
|
Abusing Active Directory ACLs/ACEs
|
2019-12-30 14:22:10 +01:00 |
|
Swissky
|
4b10c5e302
|
AD mitigations
|
2019-12-26 12:09:23 +01:00 |
|
Swissky
|
cf5a4b6e97
|
XSLT injection draft
|
2019-12-17 21:13:59 +01:00 |
|
Swissky
|
c60f264664
|
RDP backdoor + RDP session takeover
|
2019-11-26 23:39:14 +01:00 |
|
Swissky
|
06864b0ff8
|
Password spraying rewrite + Summary fix
|
2019-11-25 23:35:20 +01:00 |
|
Swissky
|
3abaa3e23d
|
Linux AD - Keyring, Keytab, CCACHE
|
2019-11-25 23:12:06 +01:00 |
|
Swissky
|
00684a10cd
|
IIS asp shell with .asa, .cer, .xamlx
|
2019-11-16 14:53:42 +01:00 |
|
Swissky
|
639dc9faec
|
.url file in writeable share
|
2019-11-14 23:54:57 +01:00 |
|
Swissky
|
3a384c34aa
|
Password spray + AD summary re-org
|
2019-11-14 23:37:51 +01:00 |
|
Swissky
|
7f266bfda8
|
mitm ipv6 + macOS kerberoasting
|
2019-11-14 23:26:13 +01:00 |
|
Swissky
|
f6d5221a85
|
SID history break trust + Powershell history + SCF files
|
2019-11-07 23:21:00 +01:00 |
|
Swissky
|
24516ca7a1
|
Kubernetes attacks update + ref to securityboulevard
|
2019-11-05 11:05:59 +01:00 |
|
Swissky
|
60050219b7
|
Impersonating Office 365 Users on Azure AD Connect
|
2019-11-04 21:43:44 +01:00 |
|
Swissky
|
727eb5cabd
|
Drop the MIC
|
2019-10-21 23:00:27 +02:00 |
|
Swissky
|
11fc6e4bc5
|
NTLM relay + MS08-068
|
2019-10-20 22:09:36 +02:00 |
|
Swissky
|
ed252df92e
|
krb5.keytab + credential use summary
|
2019-10-20 13:25:06 +02:00 |
|
Swissky
|
7159a3ded3
|
RODC dcsync note + Dumping AD Domain summary
|
2019-10-18 00:07:09 +02:00 |
|
OOP
|
f0af3b4f4d
|
Update Active Directory Attack.md
|
2019-10-15 23:18:07 +07:00 |
|
Swissky
|
5455c30ec7
|
Juicy Potato + XXE update
|
2019-09-08 19:44:51 +02:00 |
|
Swissky
|
8dffb59ac5
|
Pspy + Silver Ticket + MSSQL connect
|
2019-08-18 22:24:48 +02:00 |
|
Swissky
|
4a176615fe
|
CORS Misconfiguration
|
2019-08-18 12:08:51 +02:00 |
|
Swissky
|
b6697d8595
|
SSRF SVG + Windows Token getsystem
|
2019-08-15 18:21:06 +02:00 |
|
Swissky
|
bd449e9cea
|
XSS PostMessage
|
2019-08-03 23:22:14 +02:00 |
|
Swissky
|
6baa446144
|
Directory Traversal CVE 2018 Spring
|
2019-07-27 13:02:16 +02:00 |
|
Swissky
|
657823a353
|
PTH Mitigation + Linux Smart Enumeration
|
2019-07-26 14:24:58 +02:00 |
|
Swissky
|
f6c0f226af
|
PXE boot attack
|
2019-07-25 14:08:32 +02:00 |
|
Swissky
|
859695e2be
|
Update PrivExchange based on chryzsh blog post
|
2019-07-24 14:10:58 +02:00 |
|
Swissky
|
a14b3af934
|
Active Directory - Resource Based Constrained Delegation
|
2019-07-22 21:45:50 +02:00 |
|
Swissky
|
45af613fd9
|
Active Directory - Unconstrained delegation
|
2019-07-17 23:17:35 +02:00 |
|