Saturday, March 21, 2020
Exploring C# Reflection via Managed Code.
Tuesday, February 25, 2020
Potatoes are a consistent way to elevate privilege and they can appear often. This post attempts to look at why the work, and how to use them.
Monday, February 24, 2020
Kerberos is one of the more interesting protocols within Windows.This post attempts to discuss several of the most common exploit paths and countlessly references ADSecurity.
Friday, February 21, 2020
This is probably one of my favourite exploit chains. This post will discuss several ways to execute code whilst relaying Net-NTLM hashes. Standard PowerShell execution to storing the sessions in a SOCKS4 Proxy.
Friday, December 20, 2019
The Windows Antimalware Scan Interface (AMSI) is a versatile interface standard that allows your applications and services to integrate with any antimalware product that’s present on a machine. AMSI provides enhanced malware protection for your end-users and their data, applications, and workloads.
#TIFG: NT (New Technology) LAN Manager
Sunday, December 1, 2019
The ever-growing list of things I took for granted in Windows. This time, NTLM. Just basic NTLM, nothing fancy like Net. wtf is it?
Wednesday, November 13, 2019
The french cat is famous for its ability to tear apart lsass.exe and grab all kinds of wonders from memory. This post will attempt to explain the basics of how, and why, it works by looking through some of its most infamous uses.
Linky: Scraping LinkedIn
Monday, July 1, 2019
There are a lot of ways to scraped LinkedIn. But they all had one missing feature that I wanted. User validation. Using some O365 bugs, Linky is capable of scraping, validatin and visualising users.
#TIFG: Server Message Block
Saturday, June 1, 2019
SMB is another one of those things I took for granted in the world of Windows. This post will break down how SMB communicates and what security it supports.
Friday, May 31, 2019
One of the several posts in my series on things I have taken for granted and not given the time to actually understand. This time, NetBIOS. Wtf is it, actually.