by frank | Nov 16, 2020 | AV, Blue Team, Security
Reading Time: 4 minutes
MSF (Metasploit) version 6. Network possible detection? OJ (@TheColonial) is a clever guy and a main contributor to the open source Metasploit project. One of MSF6’s goals is to get rid of Strings in order to fly even lower … so close to...
by frank | Oct 26, 2020 | AV, Security, Windows
Reading Time: 3 minutes
The other day, I was shadowing a colleague of mine who was doing a red team. The client was running McAfee AV. While the reputation of that AV isn’t the best, it got a bit in the way for a few minutes. After doing a lateral movement, my...
by frank | Mar 26, 2020 | Blue Team, Palo Alto, Security, Windows
Reading Time: 4 minutes
Note before reading: for practical reasons (time consuming), not all the screenshots were made with the same settings (mainly IP addresses: I sometimes used 192.168.150.196 and sometimes 192.168.1.71). For tests I created a simple reverse_http...
by frank | Mar 11, 2022 | Blue Team, Red team, Security, Windows
Reading Time: 3 minutes
GitHub repo for the tool by Antonio Cocomazzi @splinter_code and Andrea Pierini @decoder_it: https://github.com/antonioCoco/RemotePotato0 Potato what? In the last few years, we saw tools like RottenPotato, RottenPotatoN, SweetPotato, Juicy...
by frank | Jan 25, 2022 | Security
Reading Time: < 1 minute
After reading an article from @CyberWarship: https://twitter.com/CyberWarship/status/1485623439633362946 The following test was done in my lab. In a share that users are connected to, create a file called...
by frank | Jan 24, 2022 | Blue Team, Red team, Security, Windows
Reading Time: 6 minutes
In this post, I will explore the RBCD WebClient attack, which has been described in many tweets and other forums, but I wanted to understand the main intricacies as I was learning it during a pentest engagement I had the chance to work on. I...
by frank | Dec 30, 2021 | Security
Reading Time: < 1 minute
A tiny article to show that I implemented a Log4J scanner into XDR as a script you can run. XDR is not a vulnerability management tool, even though host-insight offers some kind of list of vulnerabilities. I used the original code created by...
by frank | Oct 26, 2021 | Security
Reading Time: 2 minutes
This will be a very, very small note article. When running Responder, while dumping LSASS memory or doing a DCSync, you might have gotten back hashes. You might have read about the value: AAD3B435B51404EEAAD3B435B51404EE or from the NTDIS file...
by frank | Sep 16, 2021 | Security
Reading Time: 4 minutes
Part 1 out of 3. If there is one thing I’ve learned over the last year: hardly anybody has a foolproof cybersecurity system. And I read forensic reports, and what comes up again and again is …. Translated to simple words: no logs, no...
by frank | Jul 23, 2021 | Blue Team, Pwn, Red team, Security, Windows
Reading Time: 4 minutes
All links to articles and tools are at the bottom of the page. There is nothing new I’ve discovered; this is just a few screenshots of what other people on Twitter were talking about and that I tested in my lab to realise the gravity of this! Since...
by frank | May 4, 2021 | Blue Team, Palo Alto, Security
Reading Time: < 1 minute
Didier Stevens created a great little script called metatool.py. You can find it here: https://blog.didierstevens.com/2021/04/18/metatool-py/ In my lab, I have a bro/zeek with a span port which catches the entire outgoing traffic to the...
by frank | Mar 9, 2021 | Misc, Security
Reading Time: < 1 minute
Quick notes to remember
Custom Tenable Custom plugins
Adding custom NASL plugins to Tenable Nessus
vi custom_feed_info.inc
content =
PLUGIN_SET = "202109291526";
PLUGIN_FEED = "Custom";
vi toto.nasl
script_id(900005);...
by frank | Mar 1, 2021 | AV, Red team, Security, Windows
Reading Time: 2 minutes
Updated on 2 Nov 2021 with new SentinelOne version 21.6.2.272. A very small post about a little experiment I did in my lab. I’ve used the nice and interesting code of Ausurusrex (...