Saturday, April 6, 2019
Depending on the type of engagement, user enumeration may be required at some point. The methods discussed within this post will be quite loud and probably not useful for anything sneaky. But, nevertheless, they work and can help move from an unauthenticated position, to an authenticated one.
Tuesday, December 25, 2018
Worawit wrote a powerful PoC for MS17-010 in Python. This blog discusses making it more flexible and usable for exploiting this vulnerability and getting code execution.