Swissky
|
3a4bd97762
|
AD CS - Mimikatz / Rubeus
|
2021-07-25 11:40:19 +02:00 |
|
Swissky
|
44735975a5
|
Active Directory update
|
2021-07-12 20:45:16 +02:00 |
|
Swissky
|
175c676f1e
|
Tmux PrivEsc + PrintNightmare update
|
2021-07-12 14:42:18 +02:00 |
|
Alexandre ZANNI
|
e2ff22b136
|
add CVE-2021-34527 + It Was All A Dream scanner
|
2021-07-08 10:40:01 +02:00 |
|
Swissky
|
2f8fc7bbb9
|
PrintNightmare - Mimikatz
|
2021-07-05 21:57:14 +02:00 |
|
Swissky
|
459f4c03fc
|
Dependency Confusion + LDAP
|
2021-07-04 13:32:32 +02:00 |
|
Swissky
|
80816aee31
|
PrintNightmare - #385
|
2021-07-01 14:40:03 +02:00 |
|
Swissky
|
4e95162dc3
|
BadPwdCount attribute + DNS
|
2021-06-28 22:08:06 +02:00 |
|
Swissky
|
85a7ac8a76
|
Shadow Credentials + AD CS Relay + SSSD KCM
|
2021-06-24 15:26:05 +02:00 |
|
Swissky
|
a723a34449
|
PS Transcript + PPLdump.exe
|
2021-05-06 18:26:00 +02:00 |
|
Swissky
|
08b59f2856
|
AD update CME+DCOM
|
2021-04-21 22:27:07 +02:00 |
|
Micah Van Deusen
|
f23de13d96
|
Added method to read gMSA
|
2021-04-10 10:58:05 -05:00 |
|
Swissky
|
0443babe35
|
Relay + MSSQL Read File
|
2021-03-25 18:25:02 +01:00 |
|
Swissky
|
f6b9d63bf8
|
DCOM exploitation and MSSQL CLR
|
2021-03-24 22:26:23 +01:00 |
|
Swissky
|
bd2166027e
|
GMSA Password + Dart Reverse Shell
|
2021-03-24 12:44:35 +01:00 |
|
c14dd49h
|
ca28c69e67
|
Update Active Directory Attack.md
|
2021-02-26 14:14:10 +01:00 |
|
Swissky
|
8d31b7240b
|
Office Attacks
|
2021-02-21 20:17:57 +01:00 |
|
Swissky
|
092083af5c
|
AD - Printer Bug + Account Lock
|
2021-01-29 22:10:22 +01:00 |
|
Swissky
|
3a6ac550b8
|
DSRM Admin
|
2021-01-08 23:41:50 +01:00 |
|
Tim Gates
|
7846225bfd
|
docs: fix simple typo, accound -> account
There is a small typo in Methodology and Resources/Active Directory Attack.md.
Should read `account` rather than `accound`.
|
2020-12-23 09:16:40 +11:00 |
|
Swissky
|
16b207eb0b
|
LAPS Password
|
2020-12-20 21:45:41 +01:00 |
|
Swissky
|
67752de6e9
|
Bronze Bit Attack
|
2020-12-18 22:38:30 +01:00 |
|
Swissky
|
f7e8f515a5
|
Application Escape and Breakout
|
2020-12-17 08:56:58 +01:00 |
|
Swissky
|
73fdd6e218
|
Mimikatz - Elevate token with LSA protection
|
2020-12-09 23:33:40 +01:00 |
|
Swissky
|
19a2950b8d
|
AMSI + Trust
|
2020-12-08 14:31:01 +01:00 |
|
Swissky
|
e13f152b74
|
AD - Recon
|
2020-12-02 18:43:13 +01:00 |
|
Swissky
|
b918095775
|
AzureHound
|
2020-11-24 12:41:34 +01:00 |
|
Swissky
|
bd184487e5
|
NTLM Hashcat
|
2020-11-06 16:20:03 +01:00 |
|
Vincent Gilles
|
0b90094002
|
Fix(Docs): Correcting typos on the repo
|
2020-10-17 22:52:35 +02:00 |
|
Swissky
|
b32f4754d7
|
Keytab + schtasks
|
2020-10-15 12:35:05 +02:00 |
|
@cnagy
|
ec1f89fbe6
|
Updated Responder link and added InveighZero
|
2020-10-02 04:39:09 +00:00 |
|
Swissky
|
1a0e31a05e
|
Zero Logon - Restore pwd
|
2020-09-18 21:21:55 +02:00 |
|
Swissky
|
f4ef56fca0
|
Mimikatz Zerologon + reset pwd
|
2020-09-17 14:05:54 +02:00 |
|
Swissky
|
62678c26ce
|
.NET Zero Logon
|
2020-09-16 14:31:59 +02:00 |
|
Swissky
|
14586e4d7a
|
ZeroLogon via Mimikatz
|
2020-09-16 14:13:40 +02:00 |
|
Swissky
|
e79918bdc2
|
CVE-2020-1472 Unauthenticated domain controller compromise
|
2020-09-14 23:06:09 +02:00 |
|
Swissky
|
cc95f4e386
|
AD - Forest to Forest compromise
|
2020-08-18 09:33:38 +02:00 |
|
Justin Perdok
|
f11c45650b
|
Update Active Directory Attack.md
|
2020-08-17 13:18:30 +00:00 |
|
Justin Perdok
|
1284715128
|
Update Active Directory Attack.md
|
2020-08-17 13:15:33 +00:00 |
|
Justin Perdok
|
6f3f2239fa
|
GenericWrite and Remote Connection Manager
Added content from https://sensepost.com/blog/2020/ace-to-rce/
|
2020-08-17 13:00:04 +00:00 |
|
Swissky
|
33129f2b4c
|
Silver Ticket with services list
|
2020-08-09 19:25:03 +02:00 |
|
Swissky
|
ca9326b5fc
|
Driver Privilege Escalation
|
2020-07-13 15:00:36 +02:00 |
|
Swissky
|
ecf29c2cbe
|
Active Directory - Mitigations
|
2020-06-18 11:55:48 +02:00 |
|
Swissky
|
5323ceb37c
|
SUDO CVE + Windows Drivers PrivEsc
|
2020-05-28 11:19:16 +02:00 |
|
Swissky
|
4ca5e71c2f
|
Bind shell cheatsheet (Fix #194)
|
2020-05-24 14:09:46 +02:00 |
|
Swissky
|
3ed2b28e59
|
Add user /Y + GPO Powerview
|
2020-05-10 23:16:29 +02:00 |
|
Swissky
|
7f1c150edd
|
Mimikatz Summary
|
2020-05-10 16:17:10 +02:00 |
|
Swissky
|
5163ef902c
|
XSS Google Scholar Payload + Skeleton Key Persistence
|
2020-05-03 16:28:17 +02:00 |
|
Swissky
|
af6760ef7a
|
RoadRecon + JSON None refs
|
2020-04-17 16:34:51 +02:00 |
|
Swissky
|
95ab07b45e
|
CloudTrail disable, GraphQL tool
|
2020-03-28 12:01:56 +01:00 |
|
Swissky
|
71a307a86b
|
AWS - EC2 copy image
|
2020-02-29 12:56:00 +01:00 |
|
Swissky
|
74f2dfccca
|
Kerberos Constrained Delegation
|
2020-02-23 21:20:46 +01:00 |
|
Swissky
|
aba6874517
|
Maps API + secretsdump enabled user/pw last set + certutil mimikatz
|
2020-02-06 21:41:29 +01:00 |
|
Swissky
|
be0397fa68
|
BloodHound ZIP + Zero Width space tip
|
2020-01-19 22:46:45 +01:00 |
|
Swissky
|
71171fa78b
|
SSRF exploiting WSGI
|
2020-01-05 22:11:28 +01:00 |
|
Swissky
|
3a9b9529cb
|
Mimikatz - Credential Manager & DPAPI
|
2020-01-05 17:27:02 +01:00 |
|
Swissky
|
73abdeed71
|
Kerberos AD GPO
|
2020-01-05 16:28:00 +01:00 |
|
Swissky
|
b052f78d95
|
Blacklist3r and Machine Key
|
2020-01-02 23:33:04 +01:00 |
|
Swissky
|
0a6ac284c9
|
AdminSDHolder Abuse
|
2019-12-30 19:55:47 +01:00 |
|
Swissky
|
bcb24c9866
|
Abusing Active Directory ACLs/ACEs
|
2019-12-30 14:22:10 +01:00 |
|
Swissky
|
4b10c5e302
|
AD mitigations
|
2019-12-26 12:09:23 +01:00 |
|
Swissky
|
cf5a4b6e97
|
XSLT injection draft
|
2019-12-17 21:13:59 +01:00 |
|
Swissky
|
c60f264664
|
RDP backdoor + RDP session takeover
|
2019-11-26 23:39:14 +01:00 |
|
Swissky
|
06864b0ff8
|
Password spraying rewrite + Summary fix
|
2019-11-25 23:35:20 +01:00 |
|
Swissky
|
3abaa3e23d
|
Linux AD - Keyring, Keytab, CCACHE
|
2019-11-25 23:12:06 +01:00 |
|
Swissky
|
00684a10cd
|
IIS asp shell with .asa, .cer, .xamlx
|
2019-11-16 14:53:42 +01:00 |
|
Swissky
|
639dc9faec
|
.url file in writeable share
|
2019-11-14 23:54:57 +01:00 |
|
Swissky
|
3a384c34aa
|
Password spray + AD summary re-org
|
2019-11-14 23:37:51 +01:00 |
|
Swissky
|
7f266bfda8
|
mitm ipv6 + macOS kerberoasting
|
2019-11-14 23:26:13 +01:00 |
|
Swissky
|
f6d5221a85
|
SID history break trust + Powershell history + SCF files
|
2019-11-07 23:21:00 +01:00 |
|
Swissky
|
24516ca7a1
|
Kubernetes attacks update + ref to securityboulevard
|
2019-11-05 11:05:59 +01:00 |
|
Swissky
|
60050219b7
|
Impersonating Office 365 Users on Azure AD Connect
|
2019-11-04 21:43:44 +01:00 |
|
Swissky
|
727eb5cabd
|
Drop the MIC
|
2019-10-21 23:00:27 +02:00 |
|
Swissky
|
11fc6e4bc5
|
NTLM relay + MS08-068
|
2019-10-20 22:09:36 +02:00 |
|
Swissky
|
ed252df92e
|
krb5.keytab + credential use summary
|
2019-10-20 13:25:06 +02:00 |
|
Swissky
|
7159a3ded3
|
RODC dcsync note + Dumping AD Domain summary
|
2019-10-18 00:07:09 +02:00 |
|
OOP
|
f0af3b4f4d
|
Update Active Directory Attack.md
|
2019-10-15 23:18:07 +07:00 |
|
Swissky
|
5455c30ec7
|
Juicy Potato + XXE update
|
2019-09-08 19:44:51 +02:00 |
|
Swissky
|
8dffb59ac5
|
Pspy + Silver Ticket + MSSQL connect
|
2019-08-18 22:24:48 +02:00 |
|
Swissky
|
4a176615fe
|
CORS Misconfiguration
|
2019-08-18 12:08:51 +02:00 |
|
Swissky
|
b6697d8595
|
SSRF SVG + Windows Token getsystem
|
2019-08-15 18:21:06 +02:00 |
|
Swissky
|
bd449e9cea
|
XSS PostMessage
|
2019-08-03 23:22:14 +02:00 |
|
Swissky
|
6baa446144
|
Directory Traversal CVE 2018 Spring
|
2019-07-27 13:02:16 +02:00 |
|
Swissky
|
657823a353
|
PTH Mitigation + Linux Smart Enumeration
|
2019-07-26 14:24:58 +02:00 |
|
Swissky
|
f6c0f226af
|
PXE boot attack
|
2019-07-25 14:08:32 +02:00 |
|
Swissky
|
859695e2be
|
Update PrivExchange based on chryzsh blog post
|
2019-07-24 14:10:58 +02:00 |
|
Swissky
|
a14b3af934
|
Active Directory - Resource Based Constrained Delegation
|
2019-07-22 21:45:50 +02:00 |
|
Swissky
|
45af613fd9
|
Active Directory - Unconstrained delegation
|
2019-07-17 23:17:35 +02:00 |
|
Swissky
|
13ba72f124
|
GraphQL + RDP Bruteforce + PostgreSQL RCE
|
2019-07-01 23:29:29 +02:00 |
|
Swissky
|
144b3827ab
|
MS14-068 + /etc/security/opasswd
|
2019-06-29 17:55:13 +02:00 |
|
Swissky
|
9be62677b6
|
Add root user + PHP null byte version
|
2019-06-24 00:21:39 +02:00 |
|
Swissky
|
9745e67465
|
HQL Injection + references update
|
2019-06-16 23:45:52 +02:00 |
|
Swissky
|
f88da43e1c
|
SQL informationschema.processlist + UPNP warning + getcap -ep
|
2019-05-25 18:19:08 +02:00 |
|
Swissky
|
9c2e63818f
|
XSS without parenthesis, semi-colon + Lontara
|
2019-05-15 21:55:17 +02:00 |
|
Swissky
|
b81df17589
|
RFI - Windows SMB allow_url_include = "Off"
|
2019-05-12 22:23:55 +02:00 |
|
Swissky
|
bab04f8587
|
Masscan + AD password in description + ZSH revshell bugfix + Mimikatz lsass.dmp
|
2019-05-12 21:34:09 +02:00 |
|
Swissky
|
765c615efe
|
XSS injection Summary + MSF web delivery
|
2019-05-12 14:22:48 +02:00 |
|
Swissky
|
9dfd7835ea
|
mitm6 + ntlmrelayx
|
2019-04-21 14:08:18 +02:00 |
|
Alex Zeecka
|
4b79b865c9
|
--dc-ip to -dc-ip for psexec cmd
|
2019-04-03 10:45:45 +02:00 |
|
Swissky
|
90b182f10f
|
AD references - Blog Post + SSTI basic config item
|
2019-03-24 16:26:00 +01:00 |
|