BLOG
Log4j Detection with XDR
A tiny article to show that I implemented a Log4j scanner into XDR as a script you can run. XDR is not a vulnerability management tool, even though host-insight offers some kind of list of vulnerabilities. I used the original code created by the CERT/CC:...
Windows empty hash
This will be a very, very small note article. When running Responder, dumping LSASS memory, or doing a DCSync, you might have gotten back hashes. You might have read about the value AAD3B435B51404EEAAD3B435B51404EE or from the NTDS file:...
WEC 1: No full EDR logging? Prepare for the worst and hope for the best. Enable Sysmon and Windows Event Collection
Part 1 out of 3. WEC = WEF = Windows Event Collection: different words, all referring to the same functionality. If there is one thing I've learned over the last year, it is that hardly anybody has a foolproof cybersecurity system. And I read forensic reports and what...
AD CS/PKI template exploit via PetitPotam and NTLMRelayx, from 0 to DomainAdmin in 4 steps
All links to articles and tools are at the bottom of the page. There is nothing new I've discovered; this is just a few screenshots of what other people on Twitter were talking about, which I tested in my lab to realise the gravity of this! Since then, I already fixed a...
Metasploit URL detection with metatool.py
Didier Stevens created a great little script called metatool.py. You can find it here: https://blog.didierstevens.com/2021/04/18/metatool-py/ In my lab, I have a Bro/Zeek instance on a SPAN port which captures all outgoing traffic to the Internet. If you simply output...
Custom Tenable plugin
Quick notes to remember. Custom Tenable plugins: https://avleonov.com/2018/11/05/adding-custom-nasl-plugins-to-tenable-nessus/ vi custom_feed_info.inc, content = PLUGIN_SET = "202109291526"; PLUGIN_FEED = "Custom"; vi toto.nasl script_id(900005); pset=`date...