Swissky
71171fa78b
SSRF exploiting WSGI
2020-01-05 22:11:28 +01:00
Swissky
3a9b9529cb
Mimikatz - Credential Manager & DPAPI
2020-01-05 17:27:02 +01:00
Swissky
73abdeed71
Kerberos AD GPO
2020-01-05 16:28:00 +01:00
Swissky
b052f78d95
Blacklist3r and Machine Key
2020-01-02 23:33:04 +01:00
György Demarcsek
9c188139ec
Added PHP reverse shell
...
This reverse shell payload for PHP works even if `exec` is disabled and/or the new socket is not on fd 3
2020-01-02 19:27:35 +01:00
Swissky
0a6ac284c9
AdminSDHolder Abuse
2019-12-30 19:55:47 +01:00
Swissky
bcb24c9866
Abusing Active Directory ACLs/ACEs
2019-12-30 14:22:10 +01:00
Swissky
4b10c5e302
AD mitigations
2019-12-26 12:09:23 +01:00
Swissky
1535c5f1b3
Kubernetes - Privileged Service Account Token
2019-12-20 11:33:25 +01:00
Swissky
cf5a4b6e97
XSLT injection draft
2019-12-17 21:13:59 +01:00
Swissky
896e262531
Privilege impersonation and GraphQL SQLi
2019-12-11 16:59:14 +01:00
Swissky
6f4a28ef66
Slim RCE + CAP list
2019-12-05 23:06:53 +01:00
Swissky
c60f264664
RDP backdoor + RDP session takeover
2019-11-26 23:39:14 +01:00
Swissky
06864b0ff8
Password spraying rewrite + Summary fix
2019-11-25 23:35:20 +01:00
Swissky
3abaa3e23d
Linux AD - Keyring, Keytab, CCACHE
2019-11-25 23:12:06 +01:00
Swissky
00684a10cd
IIS asp shell with .asa, .cer, .xamlx
2019-11-16 14:53:42 +01:00
Swissky
639dc9faec
.url file in writeable share
2019-11-14 23:54:57 +01:00
Swissky
3a384c34aa
Password spray + AD summary re-org
2019-11-14 23:37:51 +01:00
Swissky
7f266bfda8
mitm ipv6 + macOS kerberoasting
2019-11-14 23:26:13 +01:00
M4x
221b353030
fix invalid link
2019-11-14 16:59:52 +08:00
Swissky
43f185d289
CVE-2019-1322 UsoSvc
2019-11-11 20:31:07 +01:00
Swissky
f6d5221a85
SID history break trust + Powershell history + SCF files
2019-11-07 23:21:00 +01:00
Swissky
24516ca7a1
Kubernetes attacks update + ref to securityboulevard
2019-11-05 11:05:59 +01:00
Swissky
60050219b7
Impersonating Office 365 Users on Azure AD Connect
2019-11-04 21:43:44 +01:00
Dave
775d10c256
Fix awk snippet
...
A small typo in the awk one-liner prevents successful execution of the command.
```
awk: cmd. line:1: warning: remote host and port information (10.0.0.1>, 4242) invalid: Name or service not known
awk: cmd. line:1: fatal: can't open two way pipe `/inet/tcp/0/10.0.0.1>/4242' for input/output (No such file or directory)
```
This commit fixes this :)
2019-11-03 16:07:16 +00:00
Dave
6b22d53257
Fix lua reverse shell quote issue
...
The single quotes around `io.popen` prevented the one-liner to be executed.
This change should fix that :)
2019-10-29 19:31:07 +00:00
Hi15358
34d8853728
Merge pull request #1 from Hi15358/patch-1
...
Patch 1
2019-10-29 16:30:58 +08:00
Swissky
727eb5cabd
Drop the MIC
2019-10-21 23:00:27 +02:00
Swissky
11fc6e4bc5
NTLM relay + MS08-068
2019-10-20 22:09:36 +02:00
Hi15358
b54142c3a2
Update Reverse Shell Cheatsheet.md
2019-10-21 02:35:13 +08:00
Swissky
ed252df92e
krb5.keytab + credential use summary
2019-10-20 13:25:06 +02:00
Swissky
7159a3ded3
RODC dcsync note + Dumping AD Domain summary
2019-10-18 00:07:09 +02:00
OOP
f0af3b4f4d
Update Active Directory Attack.md
2019-10-15 23:18:07 +07:00
Swissky
357658371f
SSRF URL for Google Cloud
2019-10-06 20:59:58 +02:00
Mark
3fb2a9006f
Add Spyse to network discovery
...
1. spyse itself
2. python wrapper - using only a part of the available functionality of spyse, but will be updated very soon.
2019-09-30 15:26:26 +04:00
Swissky
3221197b1e
RCE vBulletin + findomain
2019-09-26 20:41:01 +02:00
Swissky
742e3204d3
SharpPersist - Windows Persistence
2019-09-13 17:38:23 +02:00
Swissky
5455c30ec7
Juicy Potato + XXE update
2019-09-08 19:44:51 +02:00
Swissky
2b1900e046
PrivEsc - sudoers + Upload PHP
2019-09-02 12:36:40 +02:00
Swissky
3ca07aeb7a
Docker Privesc - Unix socket
2019-08-30 17:25:07 +02:00
Alexandre ZANNI
72c54b5c1b
add missing backtick
2019-08-29 09:49:09 +02:00
Swissky
bb305d0183
Network Discovery - Masscan update
2019-08-29 01:08:26 +02:00
Swissky
6c161f26b2
JWT None alternative + MS15-051
2019-08-22 23:03:48 +02:00
David B
3fd0791c2a
Update Linux - Privilege Escalation.md
...
Adding a tool that helps with privilege escalation on linux through SUDO.
2019-08-19 00:55:30 +02:00
Swissky
8dffb59ac5
Pspy + Silver Ticket + MSSQL connect
2019-08-18 22:24:48 +02:00
Swissky
4a176615fe
CORS Misconfiguration
2019-08-18 12:08:51 +02:00
Swissky
b6697d8595
SSRF SVG + Windows Token getsystem
2019-08-15 18:21:06 +02:00
Swissky
bd449e9cea
XSS PostMessage
2019-08-03 23:22:14 +02:00
Swissky
6baa446144
Directory Traversal CVE 2018 Spring
2019-07-27 13:02:16 +02:00
Swissky
98124178db
EoP - Juicy Potato
2019-07-26 15:29:34 +02:00