MSF6

MSF6

Reading Time: 4 minutesMSF (Metasploit) version 6. Network possible detection ? OJ ( @TheColonial ) is a clever guy and a main contributor to the open source project of Metasploit. One of MSF6’s goal is to get rid of Strings in order to fly even lower … so close to...

Lsass Minidump file seen as Malicious by McAfee AV

Reading Time: 3 minutesThe other day, I was shadowing a colleague of me who was doing a red team. The client was running McAfee AV. While the reputation of that AV isn’t the best, it got a bit in the way for a few minutes. After doing a lateral movement, my...

Metasploit URL detection with metatool.py

Reading Time: < 1 minuteDidier Stevens created a great little script called metatool.py You can find it here : https://blog.didierstevens.com/2021/04/18/metatool-py/ In my lab, I have a bro/zeek with a span port which catches the entire outgoing traffic to the...

Custom Tenable plugin

Reading Time: < 1 minuteQuick notes to remember Custom Tenable Custom plugins Adding custom NASL plugins to Tenable Nessus vi custom_feed_info.inccontent =PLUGIN_SET = “202109291526”;PLUGIN_FEED = “Custom”; vi toto.nasl script_id(900005);...

Metasploit valid URL checksum8 ?

Reading Time: < 1 minuteFollowing the really interesting article of Tek : https://www.randhome.io/blog/2020/12/20/analyzing-cobalt-strike-for-fun-and-profit/ Where he described how to get a valid URL for CobaltStrike, I tried to check if it was the same for...

IOC Vulnerable Drivers

Reading Time: 2 minutesYou can download this CSV file here <==== SHA256NameSignerDescription—————————04A85E359525D662338CAE86C1E59B1D7AA9BD12B920E8067503723DC1E03162ADV64DRV.sys”FUJITSU LIMITED...

Shodan searches

Reading Time: < 1 minuteLink for all options : https://beta.shodan.io/search/filters Negate searches can be done with ! Searching via the API is even more simpler and more powerfull. Small example of a script to generate IP list + certs of hosts that match...