Syzik

@SyzikSecu

Pentester | Security enthusiast | CTF player | Archlinux User

Here I am
Vrijeme pridruživanja: svibanj 2016.

Tweetovi

Blokirali ste korisnika/cu @SyzikSecu

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @SyzikSecu

  1. proslijedio/la je Tweet
    24. sij
    Poništi
  2. proslijedio/la je Tweet
    24. sij

    Post-exploitation tip: Do you know how to trivially & remotely hijack an session without prompt nor warning on user's side using signed binary (no patch/multi-session) ? qwinsta+mstsc shadowing is the answer ;) Details:

    Poništi
  3. proslijedio/la je Tweet
    19. sij
    Poništi
  4. proslijedio/la je Tweet
    16. sij
    Poništi
  5. proslijedio/la je Tweet
    22. pro 2019.

    The second part of my Ghidra tutorial series for reversing Windows binaries is up! We look at converting data, function call trees/graphs and the script manager. Along the way, we'll solve CrackMe binaries and a Flare-On 6 CTF challenge:

    Poništi
  6. proslijedio/la je Tweet
    30. stu 2019.

    Benjamin Delpy à Aïe aïe la masterkey 🙃 « vous êtes administrateur du domaine une fois vous récupérez ce secret inchangeable vous récupérez tous les mots de passe des utilisateurs » « compromis 1 fois toutes les forêts à refaire » 👏🏻

    Poništi
  7. proslijedio/la je Tweet
    29. stu 2019.

    Pour le week-end, voici un nouvel article présentant une technique pour lire le contenu d'un dump de lsass **à distance**, évitant ainsi la détection des AV () et le téléchargement de dumps volumineux (80-150Mo). Bon week-end ! 🙃

    Poništi
  8. proslijedio/la je Tweet
    27. stu 2019.

    Check if a server is running any vulnerable services wget https://raw.githubusercontent(.)com/vulnersCom/nmap-vulners/master/vulners.nse -O /usr/share/nmap/scripts/vulners.nse && nmap --script-updatedb All done, now you can do a scan with nmap -sV --script vulners <target>

    Prikaži ovu nit
    Poništi
  9. proslijedio/la je Tweet
    26. stu 2019.

    Simple CrackMapExec module to set targets as "owned" in BloodHound when Pwn3d!

    Poništi
  10. proslijedio/la je Tweet
    22. stu 2019.

    I just published Hacking SAML

    Poništi
  11. proslijedio/la je Tweet
    22. stu 2019.

    Grâce aux gars de , on a une place pour à vous faire gagner Pour participer, RT + Follow et , tirage au sort lundi 25/11 à 12h !

    Prikaži ovu nit
    Poništi
  12. proslijedio/la je Tweet
    2. stu 2019.

    Domain Penetration Testing: Using BloodHound, Crackmapexec, & Mimikatz to get Domain Admin

    Poništi
  13. proslijedio/la je Tweet
    28. lis 2019.

    Did you know: Principals with control of disabled users can re-enable those users. No DA rights or other special rights required. If your attack path includes disabled users, it is STILL valid! In this example, Andrew.Chiles has full control of Chris.Maddalena:

    Poništi
  14. proslijedio/la je Tweet
    27. lis 2019.
    Poništi
  15. proslijedio/la je Tweet
    20. lis 2019.
    Poništi
  16. proslijedio/la je Tweet
    8. lis 2019.

    If you liked the Drop The MIC vulnerability, be sure to check Drop The MIC 2 to see how we bypassed the original fix + an additional vulnerability abusing any client sending LMv2 responses to bypass the MIC, EPA & more.

    Poništi
  17. 8. lis 2019.
    Poništi
  18. 3. lis 2019.
    Poništi
  19. proslijedio/la je Tweet
    17. kol 2019.

    Responder 2.3.4.0 has been released. This version includes a rogue RDP server supporting RDP clients ranging from Windows7 to Windows 10 (tested) and since MSFT recommends enforcing NLA, Responder collects these NLA NTLM hashes :) Enjoy!

    Poništi
  20. proslijedio/la je Tweet
    18. ruj 2019.

    Je viens de finir de bosser sur ça pour les curieux qui se posent des questions sur la sécurité des nouveaux passes Navigo Easy 🙃

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·