Remote NTLM relaying through meterpreter on Windows port 445

The hijacking of port 445 to perform relay attacks or hash capturing attacks has been a recurring topic for a while now. When you infect a target with meterpreter, how do you listen on port 445? A few weeks ago this topic resurfaced again in part due to Dirk-jan (@_dirkjan) that saw this question flying … Continue reading “Remote NTLM relaying through meterpreter on Windows port 445"

Link: http://diablohorn.com/2018/08/25/remote-ntlm-relaying-through-meterpreter-on-windows-port-445/

Black Hat & DEF CON 2018 – Tradecraft Security Weekly #28

This is the Hacker Summer Camp 2018 edition of Tradecraft Security Weekly. In this week’s episode Beau Bullock (@dafthack) talks about some of the more interesting items he saw come out of the Black Hat and DEF CON conferences this year. Links: ZigDiggity – https://github.com/BishopFox/zigdiggity Humble Chameleon – https://github.com/claissg/humble_chameleon WHID Injector – https://github.com/whid-injector/WHID Chiron – https://github.com/aatlasis/Chiron ExchangeRelayX blog – https://blog.quickbreach.io/one-click-to-owa/ […]
The post Black Hat & DEF CON 2018 – Tradecraft Security Weekly #28 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/AbyF-hORexc/

Introducing Reneo

Reneo is a Windows tool to help incident responders, forensics specialists, and security researchers analyze and reverse engineer malicious and obfuscated scripts and other content. This tool can convert from/to various formats, transform, deobfuscate, encode/decode, encrypt/decrypt, and hash strings. The … Continue reading →

Link: http://www.kahusecurity.com/2018/06/introducing-reneo/

Creating a ram disk through meterpreter

The magical ‘in memory execution‘ option of meterpreter is of course one of the better options that we as attackers love to use. However if you want to store ‘random files’ in memory or need to execute more complex applications which contain dependencies on other files, there is no ‘in memory’ option for that as … Continue reading “Creating a ram disk through meterpreter"

Link: http://diablohorn.com/2018/08/06/creating-a-ram-disk-through-meterpreter/

UPDATED VERSION: RouterSploit 3.3.0

PenTestIT RSS Feed
Since my last update, this router exploitation framework have gone through a lot of updates. This post is about RouterSploit 3.3.0 code named I Know You Were Trouble. We will also discuss changes made to and an earlier version 3.2.0 to maintain a chain with the hopes that I keep a watch on these coolRead more about UPDATED VERSION: RouterSploit 3.3.0
The post UPDATED VERSION: RouterSploit 3.3.0 appeared first on PenTestIT.

Link: http://pentestit.com/updated-version-routersploit-3-3-0/

UPDATE: OWASP Dependency-Check 3.3.0

PenTestIT RSS Feed
My first post about this open source OWASP project was about an older version. This post discusses the changes made to the open source software composition analysisutilityin the latest release yesterday. This is theOWASP Dependency-Check 3.3.0, which includes a lot of bug fixes and enhancements. What is OWASP Dependency-Check? OWASP dependency-check is a software compositionRead more about UPDATE: OWASP Dependency-Check 3.3.0
The post UPDATE: OWASP Dependency-Check 3.3.0 appeared first on PenTestIT.

Link: http://pentestit.com/update-owasp-dependency-check-3-3-0/

UPDATED VERSION: AutoSploit 2.2

PenTestIT RSS Feed
It has been some days since there was a lot of hue and cry about AutoSploit and eventually everything subsided. I wrote about it in a post titledAutoSploit = Shodan/Censys/Zoomeye + Metasploit too. Recently, an updated an improved updated version – AutoSploit 2.2 was released. This post will try to describe the changes between theRead more about UPDATED VERSION: AutoSploit 2.2
The post UPDATED VERSION: AutoSploit 2.2 appeared first on PenTestIT.

Link: http://feedproxy.google.com/~r/PenTestIT/~3/1YYxIzm27jk/

UPDATE: OWASP Dependency-Check 3.2.1

PenTestIT RSS Feed
My first post about this open source OWASP project was about an older version. This post discusses the changes made to the open source software composition analysis utility in the latest release yesterday. This is the OWASP Dependency-Check 3.2.1! Actually, this post is also about an older release – OWASP Dependency-Check 3.2.0 which fixes a security vulnerability. WhatRead more about UPDATE: OWASP Dependency-Check 3.2.1
The post UPDATE: OWASP Dependency-Check 3.2.1 appeared first on PenTestIT.

Link: http://pentestit.com/update-owasp-dependency-check-3-2-1/

Wireshark Tutorial and Cheat Sheet

Installation of Wireshark Wireshark will run on a variety of operating systems and is not difficult to get up and running. We will touch on Ubuntu Linux, Centos and Windows. Install on Ubuntu or Debian #apt-get update #apt-get install wireshark tshark Install on Fedora or CentOS #yum install wireshark-gnome Install on Windows Head over to […]
The post Wireshark Tutorial and Cheat Sheet appeared first on HackerTarget.com.

Link: https://hackertarget.com/wireshark-tutorial-and-cheat-sheet/

UPDATE: Sysdig Falco v0.10.0

PenTestIT RSS Feed
Four weeks ago, I posted about Sysdig Falco v0.9.0. A week ago, the open source behavorial activity monitor which has container support was updated to Sysdig Falco v0.10.0. This release includes a number of improvements focused on making Falco easier to deploy, improvements with rules, and improvements in the system call events Falco supports. This release alsoRead more about UPDATE: Sysdig Falco v0.10.0
The post UPDATE: Sysdig Falco v0.10.0 appeared first on PenTestIT.

Link: http://feedproxy.google.com/~r/PenTestIT/~3/zVH1iDbAhjI/