One Day Sec

Cybersecurity News & Threat Intelligence

Exchange Web Service (EWS) Development Guide

Learn to access Exchange resources using EWS Managed API and SOAP XML. Includes open-source ewsManage code, C# and PowerShell examples for email management.

Penetration Techniques - Obtaining Remote Desktop Connection History on Windows Systems

Learn how to export Remote Desktop connection history on Windows systems for penetration testing, including current user, logged-in users, and all users via registry and PowerShell.

Penetration Techniques - Obtaining Local User Hashes via SAM Database

Learn techniques to extract local user hashes from the Windows SAM database using online and offline methods, including mimikatz and syskey decryption.

Study Notes on Using SilentCleanup to Bypass UAC

Learn how to bypass UAC on Windows 10/8 using the SilentCleanup scheduled task. Exploit environment variables to hijack cleanmgr.exe for privilege escalation. Includes defense tips.

Penetration Techniques - Remote Access to Exchange PowerShell

Learn how to remotely access Exchange PowerShell using NTLM authentication, bypassing domain restrictions. Includes Python3 implementation details.

Penetration Basics - Hidden Folders in Exchange User Mailboxes

Learn how to create, access, and delete hidden folders in Exchange mailboxes for penetration testing, with code examples and defense strategies.

Setting Up VMware vCenter Server Vulnerability Debugging Environment

Step-by-step guide to setting up a VMware vCenter Server vulnerability debugging environment, including SSH file download, enabling debug mode, and remote debugging with IDEA.

Penetration Basics - Port Forwarding and Proxying

Learn port forwarding and proxying techniques for penetration testing, covering forward/reverse connections, Windows/Linux methods, and practical application scenarios.

Penetration Techniques - Extracting Passwords from Dump Files Using Mimilib

Learn to extract passwords from kernel-mode dump files using Mimilib as a WinDbg plugin, including setup, exploitation, and defense tips.

Analysis of UAC Bypass Exploitation by Mocking Trusted Directories

Learn how to bypass UAC by mocking trusted directories using Long UNC and DLL hijacking. Exploit analysis with winsat.exe and payload implementation.

Penetration Techniques - Remote Registry in Windows

Learn how to exploit Remote Registry in Windows for penetration testing, including enabling services, ACL modifications, and backdoor techniques in workgroup and domain environments.

Testing the Permission Vulnerability in TeamViewer 13.0.5058

Testing and analysis of the TeamViewer 13.0.5058 permission vulnerability. Includes POC verification, exploit methods, and defense recommendations for unauthorized access.

CIA Hive Beacon Infrastructure Replication 1 - Using Apache mod_rewrite for HTTP Traffic Distribution

Learn to replicate CIA Hive's HTTP traffic distribution using Apache mod_rewrite. Step-by-step guide for Windows and Ubuntu setups with .htaccess rules.

Penetration Techniques - Using PHP Scripts to Obtain Net-NTLM Hash from Browsers

Learn how to use PHP scripts to simulate Net-NTLM authentication and extract client Net-NTLM hashes for penetration testing and security analysis.

Domain Penetration - Obtaining DNS Records

Learn how to obtain DNS records in domain penetration after gaining DNS admin privileges using DNS Manager, dnscmd, and remote methods.

Domain Penetration - Remote Execution via Scripts in GPO

Learn how to perform remote script execution via Group Policy Objects (GPO) in domain environments, including methods using GPMC and command-line tools.

Domain Penetration - AS-REP Roasting

Learn AS-REP Roasting: exploit users without Kerberos preauthentication to extract password hashes, crack with hashcat, and defend your domain.

ProxyShell Exploitation Analysis 2 - CVE-2021-34523

Analysis of ProxyShell's second vulnerability (CVE-2021-34523), covering CommonAccessToken generation and Exchange PowerShell Remoting exploitation techniques.

Analysis of Executing Programs Using rundll32

Learn how rundll32 uses DLLs like url.dll to execute programs via OpenURL and ShellExecute. Includes batch scanning for exploitable DLLs and PowerShell scripts.

Sophos XG Firewall Authentication Bypass Vulnerability (CVE-2022-1040) Exploitation Analysis

Technical deep dive into Sophos XG Firewall CVE-2022-1040 authentication bypass exploit, covering local debugging, OpCode analysis, WAN/VPN exploitation, and mitigation via login disclaimer.