0x8hany

Exclusive: Darktrace is one of the hottest cybersecurity startups in the world and claims to have grown to a $2 billion valuation. But, after speaking with more than two dozen current and former staffers, I learned about some darkness inside Darktrace...https://www.forbes.com/sites/thomasbrewster/2020/02/06/skeletons-in-the-closet-2-billion-cybersecurity-firm-darktrace-haunted-by-characters-from-hps-failed-autonomy-deal …

Red Teamer's Cookbook: BYOI (Bring Your Own Interpreter) https://www.blackhillsinfosec.com/red-teamers-cookbook-byoi-bring-your-own-interpreter/ … via @BHInfoSecurity and @byt3bl33d3r

Endpoint Isolation with the #Windows Firewallhttps://medium.com/@cryps1s/endpoint-isolation-with-the-windows-firewall-462a795f4cfb …

New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZurehttps://posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a …

New from @0xthirteen - Revisiting Remote Desktop Lateral Movement This post discusses RDP lateral movement by leveraging mstscax.dll. Steven also is releasing SharpRDP with corresponding detection guidance for this attack technique. Post:https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3 …

If you're playing with Kerberos and want to view the encrypted parts in Wireshark you can do so with a keytab file. Since impacket was missing structures for this I added a script to my forest trust tools repo which easily allows adding multiple keys:https://github.com/dirkjanm/forest-trust-tools …

I made a few additions to the PowerUpSQL wiki cheat sheet regarding authentication options for others who might need it:https://github.com/NetSPI/PowerUpSQL/wiki/PowerUpSQL-Cheat-Sheet …

Servers vulnerable to CVE-2019-19781 by country: United States: 9,880 Germany: 2,510 United Kingdom: 2,028 Switzerland: 1,094 Australia: 1,076 Netherlands: 713 Canada: 682 France: 591 Italy: 568 Norway: 446 All others: 5,533https://docs.google.com/spreadsheets/d/1sJ8-cVyG4vFYq6-MGdapM1eAhUkoXIKlsmuzKdfD9Ys/edit?usp=sharing …

azucar. Security auditing tool for #Azure environmentshttps://github.com/nccgroup/azucar/ …

#OWASP API Security Top 10 2019 is out! It is aimed to educate technology professionals, such as software developers, designers, architects & managers to “create awareness about modern API security issues.” #APISecurity #DevSecOps #OWASPAPITop10https://www.securezoo.com/2020/01/owasp-api-security-top-10-2019-is-out/ …

Here’s my interview today on CNBC:https://www.cnbc.com/video/2020/01/06/irans-key-cybersecurity-threat-is-ransomware-former-nsa-hacker.html?__source=iosappshare%7Ccom.apple.UIKit.activity.CopyToPasteboard …