-
#PingCastle 2.8.0.0 released !!! https://pingcastle.com/download/ 4 clicks and 2 <enter>, that what's between you and the hard truth of your AD security. Example of report: https://pingcastle.com/PingCastleFiles/ad_hc_test.mysmartlogon.com.html … github: https://github.com/vletoux/pingcastle … Changelog: https://raw.githubusercontent.com/vletoux/pingcastle/2.8.0.0/changelog.txt …pic.twitter.com/1oQXuIJcdi -
-
#pingcastle helps find this pretty quickly, for free -
Adding
#Pingcastle here
-
Following-up the "printer bug" from
@tifkin_@enigma0x3@harmj0y, I published the powershell/c# code to test if the spooler service is remotely accessible. https://github.com/vletoux/SpoolerScanner … Only raw RPC API used - new scanner included in the next release of#PingCastle cc:@PyroTek3https://twitter.com/harmj0y/status/1049416500065366017 … -
If you like to audit the risk level of
#ActiveDirectory and check for vulnerable practices take a look on#PingCastle. It is free, open sourced and works in disconnected environments as well.#ADSecurity https://www.pingcastle.com pic.twitter.com/Y803aV0KAj
-
http://test.mysmartlogon.com PingCastle 2019-01-19 -
#PingCastle https://nzzl.us/RyQffmN -
#PingCastle 2.4.2.0 https://www.pingcastle.com Sample: https://www.pingcastle.com/PingCastleFiles/ad_hc_test.mysmartlogon.com.html … Added risk & maturity model + various improvements (ms17-010,..)pic.twitter.com/GGp7EtvfZu -
Thanks for sharing this amazing technique. Hopefully no need for complex rpc code to test if the spooler is remotely active via OpenPrinter (https://docs.microsoft.com/en-us/windows/desktop/printdocs/openprinter …). I will definitely add a test/scanner in
#PingCastle. -
Watching
@mysmartlogon demonstrating new features of#PingCastle at#BHEU arsenal, looking forward for official version release :)pic.twitter.com/M8dNogRk9K
-
Very brave: at
#BlueHatIL,@mysmartlogon and@gentilkiwi show domain trust discovery and exploitation in live demo!#PingCastle#mimikatz
#krbtgt#welovegoldentickets pic.twitter.com/KMr7sA6RII
-
Just uploaded a small scanner module to
#PingCastle. Might be useful when you stuck without any local administrator and looking for other privilege escalation vectors. https://github.com/B1t0n/pingcastle …pic.twitter.com/kOyF7u9gIN
-
I wasn't aware you can define a driver entry in HKCU to exploit SeLoadDriverPrivilege (note: as a reminder you can use an expired kernel mode signing certificate to load code in the kernel) Next
#PingCastle version will track the presence of SeLoadDriverPrivilege in GPO. https://twitter.com/DirectoryRanger/status/1068054348247285761 … -
Beta of
#PingCastle 2.8 available here: https://github.com/vletoux/pingcastle/releases/download/2.8.0.0_beta1/PingCastle_2.8.0.0.beta.zip … Key new features: -light & fast permission analysis à la Bloodhound -assess audit policy Check it and submit your feedback ASAP before code freeze next week Anyone can participate (and even fix my spelling mistakes!)pic.twitter.com/CfXGwGJcpj
-
#interesting#bat ->#ps1 (/antivirus.ps1) -> 2#PE (#mimkatz 2.1,#coinminer), 2#powershell (#PingCastle#bot heavy#WMI) /info.7h4uk.com /update.7h4uk.com /185.128.40.102 /185.128.43.62 all server + /ver.txt /antivirus.ps1 /antivirus.php referred to@subTee in php filepic.twitter.com/TvBupufAn0
Prikaži ovu nit -
The "Office of the Under Secretary of Defense" is working on a maturity model named
#CMMC whose draft is available below. https://www.acq.osd.mil/cmmc/draft.html https://www.acq.osd.mil/cmmc/docs/cmmc-draft-model-30aug19.pdf … Still no#PingCastle checklist yet, but there is defintely a thing about maturity in cyber. pic.twitter.com/cmFV9s7caz
-
PingCastle – Get Lively Listing Safety At 80% In 20% Of The Time
#listing#lively#pingcastle#safetyhttps://rootraw.com/pingcastle-get-lively-listing-safety-at-80-in-20-of-the-time/ … -
Located in
#Rome and want to now how to impress Jean-Pierre ? Come this Saturday to#RomHack2019 to see my talk entitled "How to impress your management when you are an Active Directory noob?" https://www.romhack.io/program_en-2019.html … cc:@cybersaiyanIT#PingCastle pic.twitter.com/47qwGSl8xy -
Introduced some people to
#PingCastle,#Bloodhound, http://adsecurity.org and#DSInternals. Lots of fun and some serious hardening. Thanks to you Sean,@mysmartlogon,@MGrafnetter and the@SpecterOps guys for great tools! -
Last weekend I rooted forest
@hackthebox_eu - exploiting two weak windows domain settings. Today I scanned our corporate domain with#PingCastle , found these settings, fully understood why it worked and fixed it. It' amazin when things come together - thanks!
#infosec
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.