How-To

Hunting for SSRF Bugs in PDF Generators

If you’ve been on a website and noticed one of the following features, there’s a good chance you’ve stumbled upon a hot spot for server-side request forgery (SSRF) bugs: Before […]

Read the entire post here

Blue Team, Blue Team Tools, Guest Author, How-To, Informational art, cdr, cloud, falco, ids, realtime, tests

Better Together: Real Time Threat Detection for Kubernetes with Atomic Red Tests & Falco

| Nigel Douglas As a Developer Advocate working on Project Falco, Nigel Douglas plays a key role in driving education for the Open-Source Detection and Response (D&R) segment of cloud-native […]

Read the entire post here

General InfoSec Tips & Tricks, How-To, Informational, Jordan Drysdale Advice from a Help Desk Tech, Networking

The Simplest and Last Internet-Only ACL You’ll Ever Need

tl;dr Implement this ACL using whatever network gear, cloud ACL config, or uncomplicated firewall you use to protect your networks. Our IOT devices are on 10.99.99.0/24 for this example. Also, […]

Read the entire post here

Alyssa Snow, Blue Team, External/Internal, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Red Team Active Directory, ADCS, exploit

Abusing Active Directory Certificate Services (Part 3)

| Alyssa Snow In PART ONE and PART TWO of this blog series, we discussed common misconfigurations of Active Directory certificate templates. In this post, we will walk through exploitation […]

Read the entire post here

Ethan Robish, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101 Personal Security

Rotating Your Passwords After a Password Manager Breach

| Ethan Robish It’s been nearly a year since Lastpass was breached and users’ encrypted vaults were stolen. I had already migrated to a different password manager for all my […]

Read the entire post here

Beau Bullock, How-To, Red Team, Red Team Tools, Steve Borosh Azure, cloud, microsoft365

Introducing GraphRunner: A Post-Exploitation Toolset for Microsoft 365

By Beau Bullock & Steve Borosh TL;DR We built a post-compromise toolset called GraphRunner for interacting with the Microsoft Graph API. It provides various tools for performing reconnaissance, persistence, and […]

Read the entire post here

Alyssa Snow, Blue Team, External/Internal, How-To, Informational, Red Team, Red Team Tools Active Directory, exploit

Abusing Active Directory Certificate Services (Part 2)

Misconfigurations in Active Directory Certificate Services (ADCS) can introduce critical vulnerabilities into an Enterprise Active Directory environment, such as paths of escalation from low privileged accounts to domain administrator.

Read the entire post here

How Attackers Use SSH.exe as a Backdoor Into Your Network (5)

Alyssa Snow, Blue Team, External/Internal, How-To, Informational, Red Team, Red Team Tools Active Directory, exploit

Abusing Active Directory Certificate Services (Part 1)

Active Directory Certificate Services (ADCS) is used for public key infrastructure in an Active Directory environment. ADCS is widely used in enterprise Active Directory environments for managing certificates for systems, users, applications, and more.

Read the entire post here

How-To, Incident Response, Informational, InfoSec 201, Patterson Cake, Phishing csv data, M365, Microsoft 365, SOF-ELK, UAL, Unified Audit Log

Wrangling the M365 UAL with SOF-ELK and CSV Data (Part 3 of 3)

Patterson Cake // PART 1 PART 2 In part one of “Wrangling the M365 UAL,” we talked about acquiring, parsing, and querying UAL data using PowerShell and SOF-ELK. In part […]

Read the entire post here

«‹ 6 7 8 9 ›»