https://onedaysec.com/ daily 1.0 https://onedaysec.com/about monthly 0.6 https://onedaysec.com/contact monthly 0.6 https://onedaysec.com/privacy yearly 0.3 https://onedaysec.com/terms yearly 0.3 https://onedaysec.com/qa weekly 0.7 https://onedaysec.com/news/parallel-development-experience-bought-with-thousands-of-dollars-in-tokens-let-a 2026-04-28T14:39:35.467Z weekly 0.8 https://onedaysec.com/news/penetration-basics-active-directory-information-gathering-2-bypass-av 2026-02-02T08:10:55.256Z weekly 0.8 https://onedaysec.com/news/penetration-basics-running-csvde-on-windows-7 2026-02-02T08:11:12.204Z weekly 0.8 https://onedaysec.com/news/vsphere-development-guide-2-vsphere-web-services-api 2026-02-02T08:11:11.325Z weekly 0.8 https://onedaysec.com/news/penetration-basics-zimbra-version-detection1 2026-02-02T08:20:57.879Z weekly 0.8 https://onedaysec.com/news/use-com-object-hijacking-to-maintain-persistence-hijack-outlook 2026-02-02T08:10:54.509Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-backdoor-exploitation-of-junction-folders-and-library-files 2026-02-02T08:11:28.787Z weekly 0.8 https://onedaysec.com/news/domain-penetration-dns-records-and-machineaccount 2026-02-02T08:11:20.828Z weekly 0.8 https://onedaysec.com/news/loading-net-programs-using-js 2026-02-02T08:12:01.791Z weekly 0.8 https://onedaysec.com/news/penetration-basics-optimization-of-exchange-version-detection 2026-02-02T08:11:57.770Z weekly 0.8 https://onedaysec.com/news/atombombing-exploitation-analysis 2026-02-02T08:11:47.848Z weekly 0.8 https://onedaysec.com/news/domain-penetration-remote-dll-loading-on-dns-server-using-dnscmd 2026-02-02T08:11:42.481Z weekly 0.8 https://onedaysec.com/news/zimbra-soap-api-development-guide-5-email-forwarding 2026-02-02T08:11:42.378Z weekly 0.8 https://onedaysec.com/news/pwn2own-2021-microsoft-exchange-server-vulnerability-cve-2021-31196-exploitation-analysis 2026-02-02T08:11:36.715Z weekly 0.8 https://onedaysec.com/news/bypassing-uac-via-com-component-iarpuninstallstringlauncher 2026-02-02T08:12:06.567Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-deleting-single-windows-log-entries 2026-02-02T08:12:02.405Z weekly 0.8 https://onedaysec.com/news/vsphere-development-guide-4-postgresql 2026-02-02T08:12:32.394Z weekly 0.8 https://onedaysec.com/news/penetration-basics-searching-and-exporting-emails-from-exchange-servers 2026-02-02T08:12:29.145Z weekly 0.8 https://onedaysec.com/news/setting-up-vrealize-operations-manager-vulnerability-debugging-environment 2026-02-02T08:12:22.460Z weekly 0.8 https://onedaysec.com/news/netsh-persistence 2026-02-02T08:12:09.987Z weekly 0.8 https://onedaysec.com/news/penetration-basics-usage-of-wmic 2026-02-02T08:12:06.696Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-creating-hidden-registry-entries 2026-02-02T08:12:34.853Z weekly 0.8 https://onedaysec.com/news/exploitation-testing-of-windows-lnk-remote-code-execution-vulnerability-cve-2017-8464 2026-02-02T08:12:33.421Z weekly 0.8 https://onedaysec.com/news/analysis-of-net-assembly-loading-from-memory-execute-assembly-exploitation 2026-02-02T08:12:32.550Z weekly 0.8 https://onedaysec.com/news/antivirus-evasion-tool-avet-testing-and-analysis 2026-02-02T08:12:42.518Z weekly 0.8 https://onedaysec.com/news/cia-hive-testing-guide-source-code-acquisition-and-brief-analysis 2026-02-02T08:12:39.751Z weekly 0.8 https://onedaysec.com/news/bypassing-firewalls-using-iis-module-functionality 2026-02-02T08:12:35.180Z weekly 0.8 https://onedaysec.com/news/penetration-basics-obtaining-domain-user-login-information 2026-02-02T08:12:43.971Z weekly 0.8 https://onedaysec.com/news/penetration-basics-obtaining-domain-user-password-policies 2026-02-02T08:12:58.134Z weekly 0.8 https://onedaysec.com/news/penetration-basics-choosing-a-suitable-c2-domain 2026-02-02T08:12:55.476Z weekly 0.8 https://onedaysec.com/news/windows-communication-foundation-development-guide-1-enabling-metadata-publishing 2026-02-02T08:12:52.378Z weekly 0.8 https://onedaysec.com/news/use-msbuild-to-do-more 2026-02-02T08:12:48.112Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-obtaining-the-masterkey-in-dpapi-on-windows-systems 2026-02-02T08:12:45.910Z weekly 0.8 https://onedaysec.com/news/webmin-1-920-unauthenticated-rce-cve-2019-15107-exploitation-test 2026-02-02T08:12:44.889Z weekly 0.8 https://onedaysec.com/news/windows-xml-event-log-evtx-single-log-deletion-part-3-deleting-a-single-log-record-from-the-current-system-by-releasing-file-handles 2026-02-02T08:13:11.608Z weekly 0.8 https://onedaysec.com/news/intranet-security-using-nsa-smbtouch-for-batch-detection-of-intranet 2026-02-02T08:13:10.815Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-token-theft-and-exploitation 2026-02-02T08:13:07.979Z weekly 0.8 https://onedaysec.com/news/study-notes-of-wmi-persistence-using-wmic-exe 2026-02-02T08:13:07.389Z weekly 0.8 https://onedaysec.com/news/penetration-basics-using-exchange-autodiscover 2026-02-02T08:13:04.312Z weekly 0.8 https://onedaysec.com/news/steganography-techniques-hiding-payloads-using-png-file-format 2026-02-02T08:15:37.314Z weekly 0.8 https://onedaysec.com/news/windows-shellcode-study-notes-extraction-and-testing-of-shellcode 2026-02-02T08:14:16.556Z weekly 0.8 https://onedaysec.com/news/windows-shellcode-study-notes-bypassing-dep-via-virtualprotect 2026-02-02T08:13:54.255Z weekly 0.8 https://onedaysec.com/news/adaudit-plus-analysis-data-encryption-analysis 2026-02-02T08:13:38.385Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-running-masscan-and-nmap-on-windows-platform 2026-02-02T08:13:36.415Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-access-control-list-in-windows 2026-02-02T08:13:34.803Z weekly 0.8 https://onedaysec.com/news/study-notes-weekly-no-1-monitor-wmi-exportstoc-use-diskcleanup-bypass-uac 2026-02-02T08:13:25.772Z weekly 0.8 https://onedaysec.com/news/setting-up-veeam-backup-replication-vulnerability-debugging-environment 2026-02-02T08:13:24.303Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-establishing-tunnels-using-remote-desktop-protocol 2026-02-02T08:13:22.332Z weekly 0.8 https://onedaysec.com/news/exchange-web-service-ews-development-guide-6-requests-ntlm 2026-02-02T08:10:35.991Z weekly 0.8 https://onedaysec.com/news/analysis-and-summary-of-bypassing-applocker-using-assembly-load-loadfile 2026-02-02T08:10:55.498Z weekly 0.8 https://onedaysec.com/news/invoke-psimage-utilization-analysis 2026-02-02T08:11:01.537Z weekly 0.8 https://onedaysec.com/news/penetration-basics-obfuscating-strings-using-unicode-encoding 2026-02-02T07:54:07.995Z weekly 0.8 https://onedaysec.com/news/penetration-basics-reading-emails-using-the-imap-protocol 2026-02-02T07:54:14.201Z weekly 0.8 https://onedaysec.com/news/testing-and-analysis-of-bypassing-applocker-using-lua-scripts 2026-02-02T07:54:23.934Z weekly 0.8 https://onedaysec.com/news/penetration-basics-extension-of-exchange-one-liner-backdoor1 2026-02-02T08:08:21.330Z weekly 0.8 https://onedaysec.com/news/setting-up-goanywhere-managed-file-transfer-vulnerability-debugging-environment 2026-02-02T08:07:54.289Z weekly 0.8 https://onedaysec.com/news/zimbra-soap-api-development-guide-6-pre-authentication1 2026-02-02T08:07:45.479Z weekly 0.8 https://onedaysec.com/news/exchange-web-service-ews-development-guide-5-exchangelib 2026-02-02T07:53:04.350Z weekly 0.8 https://onedaysec.com/news/domain-penetration-method-to-export-all-domain-user-hashes-using-dcsync 2026-02-02T07:53:05.690Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-usn-journal-of-ntfs-files-in-windows 2026-02-02T07:53:19.971Z weekly 0.8 https://onedaysec.com/news/domain-penetration-obtaining-dns-records-with-regular-user-privileges 2026-02-02T07:53:25.101Z weekly 0.8 https://onedaysec.com/news/proxyshell-exploitation-analysis-3-adding-users-and-file-writing 2026-02-02T07:53:37.445Z weekly 0.8 https://onedaysec.com/news/mimilib-usage-analysis 2026-02-02T07:55:17.713Z weekly 0.8 https://onedaysec.com/news/study-notes-weekly-no-4-use-tracker-to-load-dll-use-csi-to-bypass-umci-execute-c-from-xslt-file 2026-02-02T07:55:19.830Z weekly 0.8 https://onedaysec.com/news/advanced-exploitation-techniques-for-hidden-alternative-data-streams 2026-02-02T07:55:24.456Z weekly 0.8 https://onedaysec.com/news/analysis-of-cve-2017-8360-keylogger-in-hp-audio-driver-exploitation 2026-02-02T07:55:26.517Z weekly 0.8 https://onedaysec.com/news/server-backup-manager-vulnerability-debugging-environment-setup 2026-02-02T07:55:32.619Z weekly 0.8 https://onedaysec.com/news/penetration-basics-obtaining-active-directory-information 2026-02-02T07:55:40.769Z weekly 0.8 https://onedaysec.com/news/use-powershell-to-find-a-writable-windows-service 2026-02-02T07:55:44.901Z weekly 0.8 https://onedaysec.com/news/use-waitfor-exe-to-maintain-persistence 2026-02-02T07:55:45.642Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-using-netsh-to-capture-ntlmv2-hash-from-file-server-connections 2026-02-02T07:55:47.739Z weekly 0.8 https://onedaysec.com/news/steganography-techniques-lsb-steganography-in-png-files 2026-02-02T07:55:49.774Z weekly 0.8 https://onedaysec.com/news/zimbra-soap-api-development-guide-3-email-operations 2026-02-02T07:55:01.191Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-extracting-plaintext-credentials-from-remote-desktop-client 2026-02-02T07:55:06.330Z weekly 0.8 https://onedaysec.com/news/penetration-basics-the-password-never-expires-attribute-for-domain-users 2026-02-02T07:55:06.456Z weekly 0.8 https://onedaysec.com/news/implanting-backdoors-into-dll-files-using-bdf 2026-02-02T07:55:11.380Z weekly 0.8 https://onedaysec.com/news/test-analysis-of-privilege-escalation-using-alwaysinstallelevated 2026-02-02T07:55:13.058Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-acquisition-and-clearing-of-windows-system-file-execution-records 2026-02-02T07:54:57.366Z weekly 0.8 https://onedaysec.com/news/application-of-password-filter-dll-in-penetration-testing 2026-02-02T07:54:28.697Z weekly 0.8 https://onedaysec.com/news/proxyoracle-exploitation-analysis-2-cve-2021-31196 2026-02-02T07:54:36.678Z weekly 0.8 https://onedaysec.com/news/domain-penetration-using-machineaccount-to-achieve-dcsync 2026-02-02T07:54:49.316Z weekly 0.8 https://onedaysec.com/news/java-exploitation-techniques-modifying-properties-via-reflection 2026-02-02T07:54:54.131Z weekly 0.8 https://onedaysec.com/news/analysis-of-invoke-wscriptbypassuac-exploitation-in-empire 2026-02-02T07:53:43.470Z weekly 0.8 https://onedaysec.com/news/analysis-of-apt34-leaked-tools-jason 2026-02-02T07:53:33.520Z weekly 0.8 https://onedaysec.com/news/analysis-of-backdoor-exploitation-in-gootkit-banking-trojan 2026-02-02T07:53:38.445Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-pass-the-hash-with-remote-desktop-restricted-admin-mode 2026-02-02T08:05:51.834Z weekly 0.8 https://onedaysec.com/news/analysis-of-exploitation-techniques-for-loading-net-assemblies-from-memory-assembly-load 2026-02-02T07:56:47.950Z weekly 0.8 https://onedaysec.com/news/windows-shellcode-study-notes-exploitation-and-optimization-of-shellcode-in-stack-overflow 2026-02-02T07:56:26.574Z weekly 0.8 https://onedaysec.com/news/exchange-web-service-ews-development-guide-2-soap-xml-message 2026-02-02T07:55:57.295Z weekly 0.8 https://onedaysec.com/news/analysis-introduction-of-war3-map-vulnerability 2026-02-02T07:55:57.123Z weekly 0.8 https://onedaysec.com/news/zimbra-soap-api-development-guide-4-email-export-and-folder-sharing 2026-02-02T07:55:51.242Z weekly 0.8 https://onedaysec.com/news/implanting-backdoors-into-exe-files-using-bdf 2026-02-02T07:34:01.254Z weekly 0.8 https://onedaysec.com/news/domain-penetration-executing-programs-on-remote-systems-using-dcom 2026-02-02T07:33:55.341Z weekly 0.8 https://onedaysec.com/news/domain-penetration-remote-execution-via-scheduled-tasks-in-gpo-command-line-implementation-principles-and-script-details 2026-02-02T07:33:53.526Z weekly 0.8 https://onedaysec.com/news/penetration-basics-command-line-implementation-for-reading-exchange-emails-via-outlook-web-access-owa 2026-02-02T07:33:53.354Z weekly 0.8 https://onedaysec.com/news/use-excel-application-objects-registerxll-method-to-load-dll 2026-02-02T07:33:52.289Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-methods-to-obtain-exchange-globaladdresslist 2026-02-02T07:33:51.243Z weekly 0.8 https://onedaysec.com/news/confluence-usage-guide 2026-02-02T07:33:42.963Z weekly 0.8 https://onedaysec.com/news/pupy-exploitation-analysis-features-on-windows-platform 2026-02-02T07:33:41.497Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-lateral-movement-via-wsus 2026-02-02T07:33:35.351Z weekly 0.8 https://onedaysec.com/news/penetration-basics-brute-forcing-domain-user-passwords-via-ldap-protocol 2026-02-02T07:33:33.260Z weekly 0.8 https://onedaysec.com/news/custom-script-development-in-the-local-password-viewing-tool-lazagne 2026-02-02T07:33:32.491Z weekly 0.8 https://onedaysec.com/news/expansion-of-techniques-for-exploiting-simulated-trusted-directories 2026-02-02T07:33:31.939Z weekly 0.8 https://onedaysec.com/news/cat-file-digital-signature-usage-techniques 2026-02-02T07:33:26.781Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-pass-the-hash-with-exchange-web-service 2026-02-02T07:33:25.357Z weekly 0.8 https://onedaysec.com/news/use-office-to-maintain-persistence 2026-02-02T07:36:37.981Z weekly 0.8 https://onedaysec.com/news/penetration-basics-methods-to-continuously-obtain-exchange-user-inbox-emails 2026-02-02T07:35:25.372Z weekly 0.8 https://onedaysec.com/news/sophos-xg-vulnerability-debugging-environment-setup 2026-02-02T07:34:39.223Z weekly 0.8 https://onedaysec.com/news/authenticode-signature-forgery-pe-file-signature-forgery-and-signature-verification-hijacking 2026-02-02T07:34:21.870Z weekly 0.8 https://onedaysec.com/news/sophos-utm-analysis-clearing-last-webadmin-sessions-records 2026-02-02T07:34:19.954Z weekly 0.8 https://onedaysec.com/news/use-clr-to-bypass-uac 2026-02-02T07:34:17.376Z weekly 0.8 https://onedaysec.com/news/use-com-object-hijacking-to-maintain-persistence-hijack-explorer-exe 2026-02-02T07:40:51.969Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-bypassing-windows-command-line-process-auditing 2026-02-02T07:40:49.836Z weekly 0.8 https://onedaysec.com/news/use-msdtc-to-maintain-persistence 2026-02-02T07:40:48.398Z weekly 0.8 https://onedaysec.com/news/analysis-of-apt34-leaked-tools-poisonfrog-and-glimpse 2026-02-02T07:40:18.371Z weekly 0.8 https://onedaysec.com/news/exchange-web-service-ews-development-guide-4-auto-downloader 2026-02-02T07:40:16.552Z weekly 0.8 https://onedaysec.com/news/pupy-exploitation-analysis-screen-control-on-windows-platform 2026-02-02T07:41:06.445Z weekly 0.8 https://onedaysec.com/news/usage-of-ssp-in-mimikatz 2026-02-02T07:41:02.836Z weekly 0.8 https://onedaysec.com/news/vsphere-development-guide-5-ldap 2026-02-02T07:40:52.588Z weekly 0.8 https://onedaysec.com/news/domain-penetration-obtaining-the-ntds-dit-file-from-domain-controller-servers 2026-02-02T07:41:26.741Z weekly 0.8 https://onedaysec.com/news/implementing-ie-browser-hijacking-using-bho 2026-02-02T07:41:26.478Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-acquisition-and-brute-force-of-pptp-passwords 2026-02-02T07:41:25.232Z weekly 0.8 https://onedaysec.com/news/exploitation-analysis-of-executing-shellcode-via-boolang-language 2026-02-02T07:41:24.206Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-information-retrieval-from-windows-credential-manager 2026-02-02T07:41:23.736Z weekly 0.8 https://onedaysec.com/news/windows-xml-event-log-evtx-single-log-entry-deletion-part-4-deleting-a-single-log-record-from-the-current-system-by-obtaining-log-file-handle-via-injection 2026-02-02T07:41:22.821Z weekly 0.8 https://onedaysec.com/news/study-notes-weekly-no-3-use-odbcconf-to-load-dll-get-exports-etw-usb-keylogger 2026-02-02T07:41:19.176Z weekly 0.8 https://onedaysec.com/news/implementation-of-sekurlsa-wdigest-in-mimikatz 2026-02-02T07:41:11.195Z weekly 0.8 https://onedaysec.com/news/office-backdoor-implemented-using-vsto 2026-02-02T07:41:09.175Z weekly 0.8 https://onedaysec.com/news/dotnet-deserialization-program-implementation-for-generating-viewstate 2026-02-02T07:41:38.971Z weekly 0.8 https://onedaysec.com/news/mailenable-development-guide 2026-02-02T07:41:37.824Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-lateral-movement-from-vmware-esxi-to-windows-virtual-machines 2026-02-02T07:41:30.761Z weekly 0.8 https://onedaysec.com/news/use-msxsl-to-bypass-applocker 2026-02-02T07:41:26.913Z weekly 0.8 https://onedaysec.com/news/study-notes-of-using-bginfo-to-bypass-application-whitelisting 2026-02-02T07:42:26.419Z weekly 0.8 https://onedaysec.com/news/automated-dll-hijacking-vulnerability-identification-tool-rattler-testing 2026-02-02T07:42:24.129Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-accessing-internal-file-shares-via-exchange-activesync 2026-02-02T07:42:10.156Z weekly 0.8 https://onedaysec.com/news/domain-penetration-kerberoasting 2026-02-02T07:42:05.942Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-multiple-methods-for-downloading-files-from-github 2026-02-02T07:41:58.918Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-further-testing-on-hidden-registry 2026-02-02T07:41:58.449Z weekly 0.8 https://onedaysec.com/news/reverse-analysis-using-ida-for-dynamic-debugging-of-tasksche-exe-in-wanacrypt0r 2026-02-02T07:41:42.079Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-account-hiding-in-windows-systems 2026-02-02T07:41:40.935Z weekly 0.8 https://onedaysec.com/news/exchange-web-service-ews-development-guide 2026-02-02T07:42:51.952Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-obtaining-remote-desktop-connection-history-on-windows-systems 2026-02-02T07:32:24.974Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-obtaining-local-user-hashes-via-sam-database 2026-02-02T07:32:21.554Z weekly 0.8 https://onedaysec.com/news/study-notes-of-using-silentcleanup-to-bypass-uac 2026-02-02T07:32:18.000Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-remote-access-to-exchange-powershell 2026-02-02T07:21:58.132Z weekly 0.8 https://onedaysec.com/news/penetration-basics-hidden-folders-in-exchange-user-mailboxes 2026-02-02T07:21:55.645Z weekly 0.8 https://onedaysec.com/news/setting-up-vmware-vcenter-server-vulnerability-debugging-environment 2026-02-02T07:21:40.112Z weekly 0.8 https://onedaysec.com/news/penetration-basics-port-forwarding-and-proxying 2026-02-02T07:21:35.456Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-extracting-passwords-from-dump-files-using-mimilib 2026-02-02T07:32:55.635Z weekly 0.8 https://onedaysec.com/news/analysis-of-uac-bypass-exploitation-by-mocking-trusted-directories 2026-02-02T07:32:54.085Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-remote-registry-in-windows 2026-02-02T07:32:51.682Z weekly 0.8 https://onedaysec.com/news/testing-the-permission-vulnerability-in-teamviewer-13-0-5058 2026-02-02T07:32:48.975Z weekly 0.8 https://onedaysec.com/news/cia-hive-beacon-infrastructure-replication-1-using-apache-mod-rewrite-for-http-traffic-distribution 2026-02-02T07:32:48.049Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-using-php-scripts-to-obtain-net-ntlm-hash-from-browsers 2026-02-02T07:32:47.808Z weekly 0.8 https://onedaysec.com/news/domain-penetration-obtaining-dns-records 2026-02-02T07:32:44.600Z weekly 0.8 https://onedaysec.com/news/domain-penetration-remote-execution-via-scripts-in-gpo 2026-02-02T07:32:41.049Z weekly 0.8 https://onedaysec.com/news/domain-penetration-as-reproasting 2026-02-02T07:32:34.583Z weekly 0.8 https://onedaysec.com/news/proxyshell-exploitation-analysis-2-cve-2021-34523 2026-02-02T07:32:32.993Z weekly 0.8 https://onedaysec.com/news/analysis-of-executing-programs-using-rundll32 2026-02-02T07:32:31.295Z weekly 0.8 https://onedaysec.com/news/sophos-xg-firewall-authentication-bypass-vulnerability-cve-2022-1040-exploitation-analysis 2026-02-02T07:32:30.568Z weekly 0.8 https://onedaysec.com/news/penetration-basics-obtaining-the-list-of-installed-programs-on-the-current-system 2026-02-02T07:32:29.035Z weekly 0.8 https://onedaysec.com/news/outlook-mapi-development-guide 2026-02-02T07:32:26.437Z weekly 0.8 https://onedaysec.com/news/sharpgen-utilization-analysis 2026-02-02T07:32:25.394Z weekly 0.8 https://onedaysec.com/news/use-clr-to-maintain-persistence 2026-02-02T07:33:11.047Z weekly 0.8 https://onedaysec.com/news/vmware-workspace-one-access-vulnerability-debugging-environment-setup 2026-02-02T07:33:10.788Z weekly 0.8 https://onedaysec.com/news/catalog-signature-forgery-long-unc-filename-spoofing 2026-02-02T07:33:10.435Z weekly 0.8 https://onedaysec.com/news/phishing-credentials-via-basic-authentication-phishery-exploitation-test 2026-02-02T07:33:09.503Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-exploitation-of-clipboard-in-windows 2026-02-02T07:33:07.379Z weekly 0.8 https://onedaysec.com/news/use-com-object-hijacking-to-maintain-persistence-hijack-caccpropservicesclass-and-mmdeviceenumerator 2026-02-02T07:33:05.376Z weekly 0.8 https://onedaysec.com/news/penetration-technique-extracting-user-plaintext-passwords-via-credssp 2026-02-02T07:33:02.078Z weekly 0.8 https://onedaysec.com/news/windows-event-viewer-log-evt-single-log-deletion-part-3-deleting-evt-log-records-for-a-specified-time-period-on-the-current-system 2026-02-02T07:28:47.732Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-enabling-anonymous-access-shares-on-windows-systems-via-command-line 2026-02-02T07:28:36.659Z weekly 0.8 https://onedaysec.com/news/analysis-of-windows-backdoor-exploitation-methods-in-cia-vault7-rdb 2026-02-02T07:27:57.403Z weekly 0.8 https://onedaysec.com/news/windows-event-viewer-log-evt-single-log-deletion-part-2-program-implementation-for-deleting-log-records-within-a-specified-time-range-from-evt-files 2026-02-02T07:29:22.906Z weekly 0.8 https://onedaysec.com/news/domain-penetration-adminsdholder 2026-02-02T07:29:22.339Z weekly 0.8 https://onedaysec.com/news/domain-penetration-implementation-of-pass-the-hash 2026-02-02T07:29:14.105Z weekly 0.8 https://onedaysec.com/news/windows-xml-event-log-evtx-single-log-deletion-part-2-program-implementation-for-deleting-single-log-records-in-evtx-files 2026-02-02T07:29:47.969Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-clearing-single-records-in-recentfilecache-bcf-and-amcache-hve 2026-02-02T07:29:46.153Z weekly 0.8 https://onedaysec.com/news/expansion-on-the-exploitation-of-lateral-movement-scm-and-dll-hijacking-primer 2026-02-02T07:29:42.907Z weekly 0.8 https://onedaysec.com/news/gadgettojscript-exploitation-analysis 2026-02-02T07:29:42.141Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-obtaining-powershell-command-history 2026-02-02T07:29:36.625Z weekly 0.8 https://onedaysec.com/news/loading-pe-files-into-memory-via-net 2026-02-02T07:29:35.496Z weekly 0.8 https://onedaysec.com/news/zimbra-deserialization-vulnerability-cve-2019-6980-exploitation-test 2026-02-02T07:29:51.643Z weekly 0.8 https://onedaysec.com/news/windows-xml-event-log-evtx-single-log-entry-deletion-part-5-deleting-a-single-log-entry-from-the-current-system-by-obtaining-log-file-handle-via-duplicatehandle 2026-02-02T07:29:51.120Z weekly 0.8 https://onedaysec.com/news/exchange-web-service-ews-development-guide-3-soap-xml-parser 2026-02-02T07:30:50.857Z weekly 0.8 https://onedaysec.com/news/penetration-tool-development-command-line-implementation-of-xss-platform 2026-02-02T07:30:48.788Z weekly 0.8 https://onedaysec.com/news/java-exploitation-techniques-jetty-servlet-type-memory-shell 2026-02-02T07:30:33.321Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-from-exchange-file-read-write-permissions-to-command-execution 2026-02-02T07:30:26.841Z weekly 0.8 https://onedaysec.com/news/proxyoracle-exploitation-analysis-1-cve-2021-31195 2026-02-02T07:30:10.923Z weekly 0.8 https://onedaysec.com/news/node-js-in-penetration-testing-using-c-addons-to-conceal-actual-code 2026-02-02T07:30:08.948Z weekly 0.8 https://onedaysec.com/news/windows-local-privilege-escalation-tool-juicy-potato-testing-analysis 2026-02-02T07:30:04.740Z weekly 0.8 https://onedaysec.com/news/penetration-basics-extracting-credentials-from-lsass-exe-process 2026-02-02T07:30:04.476Z weekly 0.8 https://onedaysec.com/news/java-exploitation-techniques-loading-dll-via-jni 2026-02-02T07:30:01.349Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-hiding-asp-net-webshells-using-virtual-files 2026-02-02T07:29:55.133Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-simulating-ie-browser-to-download-files 2026-02-02T07:31:02.852Z weekly 0.8 https://onedaysec.com/news/penetration-basics-implementation-of-exchange-one-liner-backdoor 2026-02-02T07:31:00.988Z weekly 0.8 https://onedaysec.com/news/proxyshell-exploitation-analysis-1-cve-2021-34473 2026-02-02T07:30:55.832Z weekly 0.8 https://onedaysec.com/news/penetration-basics-remotely-extracting-credentials-from-the-lsass-exe-process 2026-02-02T07:30:55.308Z weekly 0.8 https://onedaysec.com/news/covenant-utilization-analysis 2026-02-02T07:32:14.395Z weekly 0.8 https://onedaysec.com/news/windows-event-viewer-log-evt-single-log-deletion-part-1-deletion-approach-and-examples 2026-02-02T07:32:08.327Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-file-recovery-and-deletion-in-windows-systems 2026-02-02T07:32:00.930Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-using-transport-agent-as-an-exchange-backdoor 2026-02-02T07:31:49.624Z weekly 0.8 https://onedaysec.com/news/penetration-basics-bypassing-ssh-logs 2026-02-02T07:31:49.115Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-offline-extraction-of-saved-passwords-in-chrome-browser-using-masterkey 2026-02-02T07:31:45.343Z weekly 0.8 https://onedaysec.com/news/linux-password-hashes-technical-overview-of-encryption-methods-and-cracking-techniques 2026-02-02T07:31:41.067Z weekly 0.8 https://onedaysec.com/news/certutil-in-penetration-testing 2026-02-02T07:31:38.903Z weekly 0.8 https://onedaysec.com/news/node-js-in-penetration-testing-implementation-of-a-downloader 2026-02-02T07:31:33.348Z weekly 0.8 https://onedaysec.com/news/exploitation-testing-of-minidumpwritedump-via-com-services-dll 2026-02-02T07:31:28.050Z weekly 0.8 https://onedaysec.com/news/introduction-to-process-doppelganging-exploitation 2026-02-02T07:31:15.293Z weekly 0.8 https://onedaysec.com/news/silenttrinity-usage-analysis 2026-02-02T07:31:13.926Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-using-icon-files-to-obtain-ntlmv2-hash-from-file-server-connections 2026-02-02T07:32:17.368Z weekly 0.8 https://onedaysec.com/news/domain-penetration-using-specific-acls-in-exchange-server-for-domain-privilege-escalation 2026-02-02T07:33:18.012Z weekly 0.8 https://onedaysec.com/news/cia-hive-beacon-infrastructure-replication-2-implementing-https-traffic-distribution-using-apache-mod-rewrite 2026-02-02T07:33:17.513Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-obtaining-net-ntlm-hash-via-http-protocol 2026-02-02T07:33:17.100Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-rid-hijacking-of-windows-accounts 2026-02-02T07:33:16.576Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-multi-user-login-for-windows-remote-desktop 2026-02-02T07:33:15.850Z weekly 0.8 https://onedaysec.com/news/penetration-technique-using-tscon-to-achieve-unauthorized-remote-desktop-login 2026-02-02T07:33:13.916Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-offline-export-of-passwords-saved-in-chrome-browser 2026-02-02T07:33:11.831Z weekly 0.8 https://onedaysec.com/news/shodan-api-usage-guide 2026-02-02T07:33:21.193Z weekly 0.8 https://onedaysec.com/news/sophos-utm-exploitation-analysis-exporting-configuration-files 2026-02-02T07:33:20.439Z weekly 0.8 https://onedaysec.com/news/implementation-of-in-memory-loading-for-seatbelt 2026-02-02T07:33:18.294Z weekly 0.8 https://onedaysec.com/news/goanywhere-managed-file-transfer-vulnerability-debugging-environment 2026-01-26T03:45:53.222Z weekly 0.8 https://onedaysec.com/news/android-penetration-platform-setup-3-two-methods-to-install-kali-on-oneplus-6t 2026-02-02T06:58:26.371Z weekly 0.8 https://onedaysec.com/news/penetration-basics-minio-version-detection-1 2026-02-02T06:58:15.871Z weekly 0.8 https://onedaysec.com/news/application-techniques-of-troubleshooting-platform-in-penetration-testing 2026-02-02T06:58:32.010Z weekly 0.8 https://onedaysec.com/news/vrealize-log-insight-vulnerability-debugging-environment 2026-02-02T06:57:23.032Z weekly 0.8 https://onedaysec.com/news/penetration-basics-extension-of-exchange-one-liner-backdoor 2026-01-25T15:03:19.727Z weekly 0.8 https://onedaysec.com/news/zyxel-firmware-decryption 2026-01-25T15:16:56.258Z weekly 0.8 https://onedaysec.com/news/setting-up-a-vulnerability-debugging-environment-for-admanager-plus 2026-01-25T15:16:51.780Z weekly 0.8 https://onedaysec.com/news/vrealize-log-insight-vulnerability-debugging-environment-setup 2026-01-26T03:48:48.664Z weekly 0.8 https://onedaysec.com/news/penetration-technique-pythonimplementation-of-exchange-powershell 2026-01-26T03:48:33.521Z weekly 0.8 https://onedaysec.com/news/setting-up-adaudit-plus-vulnerability-debugging-environment 2026-01-26T03:48:41.073Z weekly 0.8 https://onedaysec.com/news/nsa-danderspiritz-testing-guide-trojan-generation-and-testing 2026-02-02T07:02:04.053Z weekly 0.8 https://onedaysec.com/news/windows-shellcode-study-notes-bypassing-dep-with-virtualalloc 2026-02-02T07:03:13.978Z weekly 0.8 https://onedaysec.com/news/penetration-basics-backdoor-implementation-using-vmware-tools 2026-02-02T07:10:19.332Z weekly 0.8 https://onedaysec.com/news/exporting-saved-passwords-from-firefox-browser-via-network-security-services 2026-02-02T07:10:36.653Z weekly 0.8 https://onedaysec.com/news/configure-additional-lsa-protection-to-monitor-password-filter-dll 2026-02-02T07:10:39.217Z weekly 0.8 https://onedaysec.com/news/processhider-utilization-analysis 2026-02-02T07:10:48.523Z weekly 0.8 https://onedaysec.com/news/java-exploitation-techniques-self-deletion-of-webshell-compiled-files-via-reflection 2026-02-02T07:10:58.440Z weekly 0.8 https://onedaysec.com/news/zimbra-soap-api-development-guide-2 2026-02-02T07:11:11.918Z weekly 0.8 https://onedaysec.com/news/password-manager-pro-vulnerability-debugging-environment-setup 2026-02-02T07:11:12.641Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-exporting-saved-passwords-from-firefox-browser 2026-02-02T07:11:13.350Z weekly 0.8 https://onedaysec.com/news/domain-penetration-remote-execution-via-scheduled-tasks-in-gpo 2026-02-02T07:11:29.408Z weekly 0.8 https://onedaysec.com/news/zimbra-soap-api-development-guide 2026-02-02T07:14:21.251Z weekly 0.8 https://onedaysec.com/news/joomla-3-4-4-3-6-3-account-creation-privilege-escalation-test-record 2026-02-02T06:49:11.635Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-parameter-hiding-techniques-in-shortcut-files 2026-02-02T06:49:26.769Z weekly 0.8 https://onedaysec.com/news/userland-registry-hijacking 2026-02-02T06:50:03.572Z weekly 0.8 https://onedaysec.com/news/volume-shadow-copy-in-penetration-testing 2026-02-02T06:53:56.243Z weekly 0.8 https://onedaysec.com/news/python-development-tips-disabling-url-encoding-in-the-requests-library 2026-02-02T06:54:03.639Z weekly 0.8 https://onedaysec.com/news/steganography-techniques-hiding-payloads-using-jpeg-file-format 2026-02-02T06:54:07.788Z weekly 0.8 https://onedaysec.com/news/msiexec-in-penetration-testing 2026-02-02T06:54:15.152Z weekly 0.8 https://onedaysec.com/news/study-notes-of-using-sdclt-exe-to-bypass-uac 2026-02-02T07:00:58.978Z weekly 0.8 https://onedaysec.com/news/using-global-api-hooks-to-hide-processes-on-windows-7-systems 2026-02-02T07:01:01.453Z weekly 0.8 https://onedaysec.com/news/use-appdomainmanager-to-maintain-persistence 2026-02-02T07:01:28.227Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-deletion-and-bypass-of-windows-logs 2026-02-02T07:01:29.942Z weekly 0.8 https://onedaysec.com/news/dll-injection-via-apc-bypassing-sysmon-monitoring 2026-02-02T07:01:33.657Z weekly 0.8 https://onedaysec.com/news/an-interesting-way-of-bypassing-windows-attachment-manager 2026-02-02T07:01:39.050Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-program-privilege-reduction-startup 2026-02-02T07:01:39.305Z weekly 0.8 https://onedaysec.com/news/windows-shellcode-study-notes-generating-shellcode-via-visual-studio 2026-02-02T07:01:39.762Z weekly 0.8 https://onedaysec.com/news/penetration-basics-fortigate-identification-and-version-detection 2026-01-26T03:09:05.203Z weekly 0.8 https://onedaysec.com/news/adaudit-plus-exploitation-analysis-data-encryption-analysis 2026-01-26T03:10:32.627Z weekly 0.8 https://onedaysec.com/news/penetration-technique-remote-access-to-exchange-powershell 2026-01-26T03:11:21.089Z weekly 0.8 https://onedaysec.com/news/goanywhere-managed-file-transfer-vulnerability-debugging-environment-setup 2026-01-26T03:11:49.731Z weekly 0.8 https://onedaysec.com/news/adaudit-plus-vulnerability-debugging-environment-setup 2026-01-26T03:11:56.645Z weekly 0.8 https://onedaysec.com/news/penetration-technique-python-implementation-of-exchange-powershell 2026-01-26T03:13:41.564Z weekly 0.8 https://onedaysec.com/news/penetration-basics-zimbra-version-detection 2026-01-26T03:25:25.638Z weekly 0.8 https://onedaysec.com/news/penetration-basics-minio-version-detection 2026-01-26T03:25:52.681Z weekly 0.8 https://onedaysec.com/news/penetration-basics-weblogic-version-detection 2026-01-26T03:28:12.525Z weekly 0.8 https://onedaysec.com/news/veeam-backup-replication-vulnerability-debugging-environment-setup 2026-01-26T03:29:56.452Z weekly 0.8 https://onedaysec.com/news/bypassing-firewall-using-iis-port-sharing-feature 2026-02-02T07:21:29.786Z weekly 0.8 https://onedaysec.com/news/introduction-to-windows-password-hashes-ntlm-hash-and-net-ntlm-hash 2026-02-02T07:21:34.897Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-user-enumeration-and-password-brute-forcing-via-kerberos-pre-authentication 2026-02-02T07:20:48.587Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-exploitation-of-nine-windows-privileges 2026-02-02T07:20:48.662Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-stealth-execution-of-windows-remote-assistance 2026-02-02T07:20:48.950Z weekly 0.8 https://onedaysec.com/news/domain-penetration-recovering-passwords-stored-in-group-policy-via-sysvol 2026-02-02T07:20:59.938Z weekly 0.8 https://onedaysec.com/news/analysis-of-apt34-leaked-tools-highshell-and-hypershell 2026-02-02T07:20:22.060Z weekly 0.8 https://onedaysec.com/news/analysis-of-cobalt-strikes-blockdlls-exploitation 2026-02-02T07:20:22.633Z weekly 0.8 https://onedaysec.com/news/shellcode-generation-tool-donut-testing-and-analysis 2026-02-02T07:20:24.457Z weekly 0.8 https://onedaysec.com/news/analysis-of-sharpsniper-exploitation 2026-02-02T07:20:30.835Z weekly 0.8 https://onedaysec.com/news/analysis-of-backdoor-implementation-using-telemetrycontroller 2026-02-02T07:20:39.585Z weekly 0.8 https://onedaysec.com/news/introduction-to-net-ntlmv1-password-hash-in-windows 2026-02-02T07:20:46.397Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-exploitation-of-net-session-in-windows 2026-02-02T07:20:10.751Z weekly 0.8 https://onedaysec.com/news/penetration-basics-windows-defender 2026-02-02T07:20:10.872Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-switching-from-admin-privileges-to-system-privileges 2026-02-02T07:20:19.554Z weekly 0.8 https://onedaysec.com/news/unauthorized-file-copying-via-com-component-ifileoperation 2026-02-02T07:19:53.176Z weekly 0.8 https://onedaysec.com/news/analysis-of-exploitation-techniques-for-triggering-bsod-by-terminating-processes 2026-02-02T07:20:00.819Z weekly 0.8 https://onedaysec.com/news/f5-big-ip-vulnerability-debugging-environment-setup 2026-02-02T07:20:03.112Z weekly 0.8 https://onedaysec.com/news/use-xwizard-exe-to-load-dll 2026-02-02T07:20:06.234Z weekly 0.8 https://onedaysec.com/news/penetration-basics-implementation-of-webshell-supporting-ntlm-over-http-protocol 2026-02-02T07:20:08.680Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-fileless-implementation-using-virtual-disks 2026-02-02T07:20:09.433Z weekly 0.8 https://onedaysec.com/news/penetration-techniques-time-attributes-of-ntfs-files-in-windows 2026-02-02T07:19:45.657Z weekly 0.8 https://onedaysec.com/news/penetration-basics-exchange-version-detection-and-vulnerability-scanning 2026-02-02T07:19:49.170Z weekly 0.8 https://onedaysec.com/news/setting-up-zimbra-vulnerability-debugging-environment 2026-02-02T07:19:14.938Z weekly 0.8 https://onedaysec.com/news/vsphere-development-guide-6-vcenter-saml-certificates 2026-02-02T07:19:15.735Z weekly 0.8 https://onedaysec.com/news/use-logon-scripts-to-maintain-persistence 2026-02-02T07:19:35.970Z weekly 0.8 https://onedaysec.com/news/domain-penetration-dcsync 2026-02-02T07:19:38.121Z weekly 0.8 https://onedaysec.com/qa/what-role-do-structured-skill-files-play-in-making-parallel-ai-development-work--1777485572159 2026-04-29T17:59:32.181Z weekly 0.7 https://onedaysec.com/qa/why-was-parallel-development-not-meaningful-before-the-2025-capability-leap-even-1777485572056 2026-04-29T17:59:32.106Z weekly 0.7 https://onedaysec.com/qa/how-did-the-2025-front-of-frontier-models-such-as-opus-45-enable-true-parallel-a-1777485571953 2026-04-29T17:59:31.978Z weekly 0.7 https://onedaysec.com/qa/what-are-the-three-main-bottlenecks-that-prevent-parallel-ai-agent-development-a-1777485571858 2026-04-29T17:59:31.868Z weekly 0.7 https://onedaysec.com/qa/how-does-the-lightweight-c-tool-sharpadfinddemo-help-avoid-antivirus-detection-1777485554214 2026-04-29T17:59:14.274Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-differences-between-csvde-and-ldifde-for-ad-information-gatheri-1777485554158 2026-04-29T17:59:14.175Z weekly 0.7 https://onedaysec.com/qa/how-can-csvde-be-used-to-extract-active-directory-information-without-being-bloc-1777485554104 2026-04-29T17:59:14.115Z weekly 0.7 https://onedaysec.com/qa/what-is-the-main-goal-of-the-article-penetration-basics-active-directory-informa-1777485554050 2026-04-29T17:59:14.070Z weekly 0.7 https://onedaysec.com/qa/what-python-sdk-is-used-to-implement-the-vsphere-web-services-api-examples-in-th-1777485540113 2026-04-29T17:59:00.127Z weekly 0.7 https://onedaysec.com/qa/what-is-the-difference-between-downloading-a-file-in-text-versus-binary-format-u-1777485540015 2026-04-29T17:59:00.036Z weekly 0.7 https://onedaysec.com/qa/what-technique-does-the-sharpsphere-tool-use-to-dump-credentials-from-a-vcenter--1777485539941 2026-04-29T17:58:59.966Z weekly 0.7 https://onedaysec.com/qa/how-do-you-upload-a-file-to-a-virtual-machine-using-the-vsphere-web-services-api-1777485539802 2026-04-29T17:58:59.821Z weekly 0.7 https://onedaysec.com/qa/why-would-you-choose-the-vsphere-web-services-api-over-the-vsphere-automation-ap-1777485539738 2026-04-29T17:58:59.750Z weekly 0.7 https://onedaysec.com/qa/can-i-combine-csvde-with-other-information-gathering-techniques-for-more-compreh-1777485516453 2026-04-29T17:58:36.465Z weekly 0.7 https://onedaysec.com/qa/how-can-i-run-csvde-on-windows-7-without-requiring-administrator-privileges-1777485516392 2026-04-29T17:58:36.408Z weekly 0.7 https://onedaysec.com/qa/what-is-the-migration-approach-to-make-csvde-work-on-windows-7-without-installin-1777485516310 2026-04-29T17:58:36.344Z weekly 0.7 https://onedaysec.com/qa/what-dependencies-does-csvde-require-on-different-windows-versions-and-how-do-i--1777485516202 2026-04-29T17:58:36.234Z weekly 0.7 https://onedaysec.com/qa/what-is-csvde-and-why-would-i-want-to-run-it-on-a-windows-7-system-during-penetr-1777485516107 2026-04-29T17:58:36.122Z weekly 0.7 https://onedaysec.com/qa/how-does-the-open-source-implementation-prioritize-different-detection-methods-a-1777485501760 2026-04-29T17:58:21.792Z weekly 0.7 https://onedaysec.com/qa/what-is-the-limitation-of-using-the-specific-url-jszimbramailsharemodelzmsetting-1777485501684 2026-04-29T17:58:21.703Z weekly 0.7 https://onedaysec.com/qa/why-is-the-version-obtained-from-the-imap-protocol-considered-accurate-and-how-d-1777485501621 2026-04-29T17:58:21.633Z weekly 0.7 https://onedaysec.com/qa/what-are-the-different-methods-to-detect-a-zimbra-version-during-penetration-tes-1777485501557 2026-04-29T17:58:21.569Z weekly 0.7 https://onedaysec.com/qa/what-are-the-recommended-defense-strategies-against-this-com-hijacking-persisten-1777485476491 2026-04-29T17:57:56.520Z weekly 0.7 https://onedaysec.com/qa/what-alternative-com-objects-can-be-used-for-hijacking-outlook-besides-the-defau-1777485476442 2026-04-29T17:57:56.451Z weekly 0.7 https://onedaysec.com/qa/how-does-the-provided-powershell-script-automate-the-com-hijacking-exploitation--1777485476359 2026-04-29T17:57:56.374Z weekly 0.7 https://onedaysec.com/qa/how-does-the-registry-modification-work-for-hijacking-outlooks-com-objects-1777485476296 2026-04-29T17:57:56.310Z weekly 0.7 https://onedaysec.com/qa/what-is-the-com-hijacking-persistence-technique-used-by-apt-group-trula-against--1777485476199 2026-04-29T17:57:56.217Z weekly 0.7 https://onedaysec.com/qa/what-attributes-can-be-modified-on-a-machine-account-created-via-maq-and-why-is--1777485455183 2026-04-29T17:57:35.199Z weekly 0.7 https://onedaysec.com/qa/how-can-a-non-privileged-user-create-a-dns-record-for-a-machine-account-1777485455108 2026-04-29T17:57:35.131Z weekly 0.7 https://onedaysec.com/qa/what-is-the-machineaccountquota-maq-and-how-can-non-privileged-users-exploit-it-1777485455058 2026-04-29T17:57:35.067Z weekly 0.7 https://onedaysec.com/qa/what-is-a-machineaccount-in-active-directory-and-why-is-it-significant-for-penet-1777485454989 2026-04-29T17:57:35.002Z weekly 0.7 https://onedaysec.com/qa/what-methods-can-defenders-use-to-detect-backdoor-exploitation-of-junction-folde-1777485433978 2026-04-29T17:57:14.018Z weekly 0.7 https://onedaysec.com/qa/how-can-the-library-files-backdoor-be-made-more-stealthy-to-avoid-detection-1777485433888 2026-04-29T17:57:13.921Z weekly 0.7 https://onedaysec.com/qa/what-are-library-files-library-ms-and-how-are-they-abused-for-backdoor-persisten-1777485433806 2026-04-29T17:57:13.818Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-use-windows-junction-folders-to-establish-persistence-on-a-s-1777485433723 2026-04-29T17:57:13.740Z weekly 0.7 https://onedaysec.com/qa/why-does-the-cab-file-extraction-in-the-exchange-help-updater-lead-to-arbitrary--1777485420562 2026-04-29T17:57:00.578Z weekly 0.7 https://onedaysec.com/qa/what-registry-key-can-be-modified-to-persist-exploitation-of-cve-2021-31196-with-1777485420501 2026-04-29T17:57:00.522Z weekly 0.7 https://onedaysec.com/qa/how-does-the-man-in-the-middle-mitm-attack-work-for-this-vulnerability-and-what--1777485420434 2026-04-29T17:57:00.447Z weekly 0.7 https://onedaysec.com/qa/what-is-the-core-vulnerability-in-cve-2021-31196-and-what-conditions-must-be-met-1777485420335 2026-04-29T17:57:00.350Z weekly 0.7 https://onedaysec.com/qa/what-new-features-does-the-open-source-code-from-this-article-add-1777485407056 2026-04-29T17:56:47.075Z weekly 0.7 https://onedaysec.com/qa/how-can-i-view-folder-sharing-configurations-using-the-zimbra-soap-api-1777485406969 2026-04-29T17:56:46.995Z weekly 0.7 https://onedaysec.com/qa/how-do-i-view-the-current-email-forwarding-configuration-programmatically-1777485406912 2026-04-29T17:56:46.929Z weekly 0.7 https://onedaysec.com/qa/how-can-i-add-email-forwarding-using-the-zimbra-soap-api-1777485406824 2026-04-29T17:56:46.831Z weekly 0.7 https://onedaysec.com/qa/what-defense-strategies-can-prevent-this-remote-dll-loading-attack-on-dns-server-1777485393699 2026-04-29T17:56:33.727Z weekly 0.7 https://onedaysec.com/qa/how-do-you-execute-the-exploit-using-dnscmd-and-mimikatz-1777485393616 2026-04-29T17:56:33.659Z weekly 0.7 https://onedaysec.com/qa/how-do-you-prepare-a-malicious-dll-that-will-be-loaded-by-the-dns-service-1777485393558 2026-04-29T17:56:33.572Z weekly 0.7 https://onedaysec.com/qa/what-are-the-prerequisites-for-exploiting-remote-dll-loading-on-a-dns-server-usi-1777485393473 2026-04-29T17:56:33.500Z weekly 0.7 https://onedaysec.com/qa/what-are-the-limitations-and-prerequisites-for-a-successful-atombombing-attack-1777485372607 2026-04-29T17:56:12.635Z weekly 0.7 https://onedaysec.com/qa/what-makes-atombombing-difficult-to-patch-compared-to-other-injection-methods-1777485372526 2026-04-29T17:56:12.537Z weekly 0.7 https://onedaysec.com/qa/how-does-atombombing-execute-the-shellcode-after-writing-it-into-the-target-proc-1777485372468 2026-04-29T17:56:12.487Z weekly 0.7 https://onedaysec.com/qa/why-did-the-original-apc-injection-method-fail-for-atombombing-and-how-was-it-ov-1777485372412 2026-04-29T17:56:12.426Z weekly 0.7 https://onedaysec.com/qa/what-is-atombombing-and-how-does-it-achieve-code-injection-1777485372352 2026-04-29T17:56:12.362Z weekly 0.7 https://onedaysec.com/qa/how-does-the-script-handle-scenarios-where-the-internal-network-cannot-access-mi-1777485358560 2026-04-29T17:55:58.599Z weekly 0.7 https://onedaysec.com/qa/what-is-the-difference-between-exact-version-matching-and-rough-version-matching-1777485358403 2026-04-29T17:55:58.449Z weekly 0.7 https://onedaysec.com/qa/how-does-beautifulsoup-help-in-extracting-exchange-version-data-from-microsofts--1777485358332 2026-04-29T17:55:58.345Z weekly 0.7 https://onedaysec.com/qa/why-was-the-original-exchange-version-detection-method-from-the-previous-article-1777485358225 2026-04-29T17:55:58.269Z weekly 0.7 https://onedaysec.com/qa/what-payloads-can-be-delivered-using-dotnettojscript-besides-the-example-assembl-1777485346369 2026-04-29T17:55:46.385Z weekly 0.7 https://onedaysec.com/qa/what-defensive-measures-does-the-article-recommend-against-dotnettojscript-attac-1777485346305 2026-04-29T17:55:46.321Z weekly 0.7 https://onedaysec.com/qa/how-can-dotnettojscript-be-used-to-execute-powershell-commands-without-powershel-1777485346220 2026-04-29T17:55:46.238Z weekly 0.7 https://onedaysec.com/qa/what-script-formats-can-dotnettojscript-generate-and-how-would-you-execute-each--1777485346161 2026-04-29T17:55:46.174Z weekly 0.7 https://onedaysec.com/qa/what-is-dotnettojscript-and-how-can-it-be-used-to-load-net-programs-1777485346036 2026-04-29T17:55:46.057Z weekly 0.7 https://onedaysec.com/qa/what-are-the-three-main-methods-to-overwrite-the-original-system-log-file-after--1777485329445 2026-04-29T17:55:29.473Z weekly 0.7 https://onedaysec.com/qa/how-can-i-delete-a-single-windows-event-log-entry-using-the-wevtutil-command-1777485329275 2026-04-29T17:55:29.340Z weekly 0.7 https://onedaysec.com/qa/how-does-the-registry-key-creation-for-the-exploit-work-and-what-is-the-role-of--1777485321142 2026-04-29T17:55:21.155Z weekly 0.7 https://onedaysec.com/qa/why-cant-we-directly-modify-the-hkey_local_machine-registry-key-during-the-uac-b-1777485321078 2026-04-29T17:55:21.091Z weekly 0.7 https://onedaysec.com/qa/what-alternative-methods-can-be-used-to-exploit-the-iarpuninstallstringlauncher--1777485321012 2026-04-29T17:55:21.037Z weekly 0.7 https://onedaysec.com/qa/why-do-we-need-to-modify-the-peb-structure-when-exploiting-this-com-component-1777485320944 2026-04-29T17:55:20.964Z weekly 0.7 https://onedaysec.com/qa/how-does-the-iarpuninstallstringlauncher-com-component-bypass-uac-1777485320822 2026-04-29T17:55:20.837Z weekly 0.7 https://onedaysec.com/qa/what-are-the-challenges-in-detecting-wmi-abuse-and-what-tools-can-help-monitor-w-1777485297548 2026-04-29T17:54:57.564Z weekly 0.7 https://onedaysec.com/qa/how-does-wmic-enable-remote-command-execution-for-lateral-movement-1777485297469 2026-04-29T17:54:57.483Z weekly 0.7 https://onedaysec.com/qa/how-can-wmic-be-used-to-remotely-query-or-modify-the-restricted-admin-mode-regis-1777485297420 2026-04-29T17:54:57.429Z weekly 0.7 https://onedaysec.com/qa/what-is-wbemtest-and-how-does-it-relate-to-wmic-commands-1777485297366 2026-04-29T17:54:57.378Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-detect-and-remove-a-netsh-helper-dll-persistence-1777485281812 2026-04-29T17:54:41.833Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-trigger-the-malicious-dll-without-directly-running-netsh-1777485281704 2026-04-29T17:54:41.726Z weekly 0.7 https://onedaysec.com/qa/what-are-the-requirements-for-writing-a-helper-dll-for-netsh-persistence-1777485281639 2026-04-29T17:54:41.652Z weekly 0.7 https://onedaysec.com/qa/how-does-netsh-persistence-work-using-a-helper-dll-1777485281574 2026-04-29T17:54:41.586Z weekly 0.7 https://onedaysec.com/qa/what-are-the-steps-to-connect-to-the-vrealize-operations-manager-databases-for-d-1777485270612 2026-04-29T17:54:30.639Z weekly 0.7 https://onedaysec.com/qa/how-can-i-identify-the-version-of-a-running-vrealize-operations-manager-instance-1777485270540 2026-04-29T17:54:30.568Z weekly 0.7 https://onedaysec.com/qa/where-can-i-find-sensitive-information-like-admin-password-hashes-and-database-c-1777485270382 2026-04-29T17:54:30.422Z weekly 0.7 https://onedaysec.com/qa/how-do-i-set-up-a-vrealize-operations-manager-vulnerability-debugging-environmen-1777485270250 2026-04-29T17:54:30.282Z weekly 0.7 https://onedaysec.com/qa/after-exporting-emails-how-can-i-view-or-remove-pending-export-requests-1777485259658 2026-04-29T17:54:19.678Z weekly 0.7 https://onedaysec.com/qa/what-is-the-main-difference-between-exporting-emails-via-a-remote-pssession-and--1777485259242 2026-04-29T17:54:19.392Z weekly 0.7 https://onedaysec.com/qa/how-can-i-export-only-emails-containing-a-specific-keyword-eg-pass-from-a-users--1777485259005 2026-04-29T17:54:19.060Z weekly 0.7 https://onedaysec.com/qa/what-is-the-prerequisite-for-exporting-emails-using-the-new-mailboxexportrequest-1777485258912 2026-04-29T17:54:18.934Z weekly 0.7 https://onedaysec.com/qa/how-can-i-remotely-connect-to-an-exchange-server-using-powershell-to-manage-emai-1777485258824 2026-04-29T17:54:18.847Z weekly 0.7 https://onedaysec.com/qa/what-is-the-vpxuser-account-and-how-is-its-password-stored-in-vcenters-postgresq-1777485232007 2026-04-29T17:53:52.033Z weekly 0.7 https://onedaysec.com/qa/how-do-i-write-a-go-program-to-automatically-connect-to-vcenters-postgresql-and--1777485231917 2026-04-29T17:53:51.940Z weekly 0.7 https://onedaysec.com/qa/what-sql-queries-can-i-run-to-export-virtual-machine-and-esxi-host-configuration-1777485231740 2026-04-29T17:53:51.756Z weekly 0.7 https://onedaysec.com/qa/how-can-i-connect-to-vcenters-postgresql-database-if-the-postgres-user-has-a-def-1777485231644 2026-04-29T17:53:51.664Z weekly 0.7 https://onedaysec.com/qa/what-steps-are-involved-in-a-normal-implementation-of-loading-a-net-assembly-fro-1777485211925 2026-04-29T17:53:31.957Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-main-unmanaged-interfaces-for-hosting-the-clr-and-what-net-vers-1777485211764 2026-04-29T17:53:31.788Z weekly 0.7 https://onedaysec.com/qa/how-does-the-clr-hosting-api-enable-loading-net-assemblies-from-memory-1777485211706 2026-04-29T17:53:31.718Z weekly 0.7 https://onedaysec.com/qa/what-is-cobalt-strikes-execute-assembly-command-and-why-is-it-considered-stealth-1777485211636 2026-04-29T17:53:31.656Z weekly 0.7 https://onedaysec.com/qa/what-are-the-conditions-under-which-the-cve-2017-8464-vulnerability-can-be-trigg-1777485199678 2026-04-29T17:53:19.699Z weekly 0.7 https://onedaysec.com/qa/how-can-users-defend-against-the-cve-2017-8464-lnk-vulnerability-1777485199608 2026-04-29T17:53:19.630Z weekly 0.7 https://onedaysec.com/qa/what-bug-existed-in-the-public-metasploit-exploit-script-for-cve-2017-8464-and-h-1777485199531 2026-04-29T17:53:19.543Z weekly 0.7 https://onedaysec.com/qa/what-is-the-cve-2017-8464-vulnerability-and-how-does-it-work-1777485199451 2026-04-29T17:53:19.465Z weekly 0.7 https://onedaysec.com/qa/what-is-a-practical-tool-or-script-for-creating-hidden-registry-entries-for-pers-1777485183688 2026-04-29T17:53:03.701Z weekly 0.7 https://onedaysec.com/qa/how-can-you-hide-registry-value-names-not-just-keys-and-what-extra-steps-are-nee-1777485183603 2026-04-29T17:53:03.629Z weekly 0.7 https://onedaysec.com/qa/what-is-the-exact-method-to-create-a-hidden-registry-key-using-native-api-1777485183498 2026-04-29T17:53:03.530Z weekly 0.7 https://onedaysec.com/qa/why-cant-hidden-registry-entries-be-seen-or-modified-with-regeditexe-1777485183406 2026-04-29T17:53:03.447Z weekly 0.7 https://onedaysec.com/qa/how-does-the-poweliks-malware-use-hidden-registry-entries-for-persistence-1777485183310 2026-04-29T17:53:03.330Z weekly 0.7 https://onedaysec.com/qa/what-are-the-recommended-methods-to-detect-an-iis-module-backdoor-1777485170621 2026-04-29T17:52:50.638Z weekly 0.7 https://onedaysec.com/qa/how-is-an-iis-module-registered-and-installed-on-a-server-and-what-privileges-ar-1777485170561 2026-04-29T17:52:50.579Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-primary-methods-for-developing-custom-iis-modules-and-what-are--1777485170434 2026-04-29T17:52:50.456Z weekly 0.7 https://onedaysec.com/qa/how-can-iis-module-functionality-be-used-to-bypass-firewalls-and-achieve-remote--1777485170375 2026-04-29T17:52:50.387Z weekly 0.7 https://onedaysec.com/qa/how-does-avet-handle-shellcode-encryption-and-remote-retrieval-1777485134662 2026-04-29T17:52:14.683Z weekly 0.7 https://onedaysec.com/qa/what-are-the-different-shellcode-execution-methods-used-by-avet-1777485134599 2026-04-29T17:52:14.615Z weekly 0.7 https://onedaysec.com/qa/how-does-avet-evade-sandbox-detection-during-execution-1777485134542 2026-04-29T17:52:14.556Z weekly 0.7 https://onedaysec.com/qa/what-is-avet-and-why-is-it-significant-in-cybersecurity-1777485134484 2026-04-29T17:52:14.496Z weekly 0.7 https://onedaysec.com/qa/what-alternative-method-does-the-article-offer-for-querying-security-logs-beside-1777485121605 2026-04-29T17:52:01.629Z weekly 0.7 https://onedaysec.com/qa/how-does-the-article-enable-remote-querying-of-domain-controller-logs-for-user-l-1777485121524 2026-04-29T17:52:01.548Z weekly 0.7 https://onedaysec.com/qa/how-can-you-extract-specific-fields-like-targetusername-or-ipaddress-from-event--1777485121363 2026-04-29T17:52:01.381Z weekly 0.7 https://onedaysec.com/qa/why-is-manually-filtering-domain-user-login-information-from-windows-security-lo-1777485121274 2026-04-29T17:52:01.290Z weekly 0.7 https://onedaysec.com/qa/what-are-the-recommended-defenses-against-cve-2019-15107-1777485107336 2026-04-29T17:51:47.352Z weekly 0.7 https://onedaysec.com/qa/what-considerations-are-needed-when-writing-a-python-poc-for-the-webmin-rce-vuln-1777485107287 2026-04-29T17:51:47.303Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-exploit-the-webmin-rce-vulnerability-using-burp-suite-1777485107206 2026-04-29T17:51:47.235Z weekly 0.7 https://onedaysec.com/qa/what-is-the-cve-2019-15107-vulnerability-in-webmin-and-what-condition-must-be-pr-1777485107142 2026-04-29T17:51:47.156Z weekly 0.7 https://onedaysec.com/qa/how-does-the-preferred-file-indicate-the-active-masterkey-and-its-expiration-and-1777485084507 2026-04-29T17:51:24.526Z weekly 0.7 https://onedaysec.com/qa/what-offline-methods-exist-to-obtain-the-dpapi-masterkey-without-direct-access-t-1777485084435 2026-04-29T17:51:24.453Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-recover-the-dpapi-masterkey-from-a-live-windows-system-using-1777485084362 2026-04-29T17:51:24.390Z weekly 0.7 https://onedaysec.com/qa/what-is-dpapi-and-why-is-the-masterkey-critical-for-decrypting-protected-data-on-1777485084206 2026-04-29T17:51:24.233Z weekly 0.7 https://onedaysec.com/qa/how-can-msbuild-be-used-for-persistence-in-visual-studio-projects-1777485061832 2026-04-29T17:51:01.862Z weekly 0.7 https://onedaysec.com/qa/can-i-execute-arbitrary-shellcode-directly-with-msbuild-and-what-are-the-platfor-1777485061728 2026-04-29T17:51:01.752Z weekly 0.7 https://onedaysec.com/qa/what-steps-are-needed-to-load-a-pe-file-like-mimikatz-from-memory-using-msbuild-1777485061666 2026-04-29T17:51:01.679Z weekly 0.7 https://onedaysec.com/qa/how-can-i-execute-powershell-commands-using-msbuild-1777485061561 2026-04-29T17:51:01.594Z weekly 0.7 https://onedaysec.com/qa/why-might-the-crawler-need-to-simulate-browser-access-and-how-is-it-done-1777485022181 2026-04-29T17:50:22.233Z weekly 0.7 https://onedaysec.com/qa/what-is-the-maximum-number-of-results-returned-by-expireddomainsnet-for-non-logg-1777485022082 2026-04-29T17:50:22.100Z weekly 0.7 https://onedaysec.com/qa/how-does-the-python-crawler-handle-pagination-on-expireddomainsnet-1777485022024 2026-04-29T17:50:22.038Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-using-expired-domains-for-c2-servers-in-penetration-testi-1777485021907 2026-04-29T17:50:21.923Z weekly 0.7 https://onedaysec.com/qa/what-detection-methods-can-defenders-use-to-identify-password-brute-force-attack-1777484999465 2026-04-29T17:49:59.478Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-outside-the-domain-obtain-the-domain-password-policy-using-l-1777484999262 2026-04-29T17:49:59.321Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-password-policy-attributes-obtained-from-active-directory-and-h-1777484999182 2026-04-29T17:49:59.192Z weekly 0.7 https://onedaysec.com/qa/why-is-it-important-to-obtain-the-domain-user-password-policy-before-performing--1777484999112 2026-04-29T17:49:59.127Z weekly 0.7 https://onedaysec.com/qa/what-is-mapi-over-http-and-how-is-it-related-to-autodiscover-in-penetration-test-1777484983876 2026-04-29T17:49:43.893Z weekly 0.7 https://onedaysec.com/qa/how-can-i-access-the-global-address-list-gal-via-autodiscover-and-the-offline-ad-1777484983783 2026-04-29T17:49:43.804Z weekly 0.7 https://onedaysec.com/qa/how-can-i-read-exchange-autodiscover-configuration-information-to-obtain-the-dom-1777484983711 2026-04-29T17:49:43.732Z weekly 0.7 https://onedaysec.com/qa/how-can-i-brute-force-exchange-credentials-using-the-autodiscover-service-1777484983658 2026-04-29T17:49:43.671Z weekly 0.7 https://onedaysec.com/qa/what-is-the-autodiscover-service-in-exchange-and-how-can-it-be-used-in-penetrati-1777484983584 2026-04-29T17:49:43.595Z weekly 0.7 https://onedaysec.com/qa/can-wmicexe-be-used-for-virtual-machine-detection-1777484968638 2026-04-29T17:49:28.651Z weekly 0.7 https://onedaysec.com/qa/what-steps-are-required-to-clean-up-a-wmi-persistence-subscription-created-via-w-1777484968589 2026-04-29T17:49:28.599Z weekly 0.7 https://onedaysec.com/qa/how-do-you-perform-registry-operations-using-wmicexe-1777484968542 2026-04-29T17:49:28.556Z weekly 0.7 https://onedaysec.com/qa/how-can-you-create-a-wmi-persistence-backdoor-using-wmicexe-1777484968495 2026-04-29T17:49:28.503Z weekly 0.7 https://onedaysec.com/qa/what-is-the-main-advantage-of-using-wmicexe-over-powershell-for-wmi-operations-1777484968439 2026-04-29T17:49:28.452Z weekly 0.7 https://onedaysec.com/qa/how-can-you-gain-trustedinstaller-privileges-using-token-manipulation-1777484943665 2026-04-29T17:49:03.683Z weekly 0.7 https://onedaysec.com/qa/how-can-you-use-incognito-in-metasploit-to-steal-tokens-and-escalate-privileges-1777484943604 2026-04-29T17:49:03.613Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-types-of-windows-tokens-and-how-do-they-differ-1777484943528 2026-04-29T17:49:03.546Z weekly 0.7 https://onedaysec.com/qa/what-is-the-fuzzbunch-framework-and-how-does-it-relate-to-smbtouch-1777484923895 2026-04-29T17:48:43.910Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-defense-recommendations-against-nsa-smb-and-nbt-exploits-1777484923846 2026-04-29T17:48:43.859Z weekly 0.7 https://onedaysec.com/qa/why-would-you-create-a-python-script-like-smbtouchscannerpy-for-batch-detection-1777484923770 2026-04-29T17:48:43.803Z weekly 0.7 https://onedaysec.com/qa/how-can-you-use-smbtouch-independently-without-the-full-fuzzbunch-framework-1777484923694 2026-04-29T17:48:43.705Z weekly 0.7 https://onedaysec.com/qa/what-is-smbtouch-and-what-vulnerabilities-does-it-detect-1777484923640 2026-04-29T17:48:43.652Z weekly 0.7 https://onedaysec.com/qa/after-stopping-the-eventlog-service-why-must-file-handles-be-released-and-how-is-1777484910691 2026-04-29T17:48:30.702Z weekly 0.7 https://onedaysec.com/qa/what-privileges-are-needed-to-terminate-the-eventlog-service-process-and-how-are-1777484910638 2026-04-29T17:48:30.655Z weekly 0.7 https://onedaysec.com/qa/how-do-you-programmatically-find-the-pid-of-the-svchostexe-process-hosting-the-e-1777484910589 2026-04-29T17:48:30.600Z weekly 0.7 https://onedaysec.com/qa/why-cant-i-directly-open-an-evtx-log-file-for-modification-while-the-eventlog-se-1777484910533 2026-04-29T17:48:30.543Z weekly 0.7 https://onedaysec.com/qa/what-are-some-defense-recommendations-against-rdp-tunneling-attacks-1777484898414 2026-04-29T17:48:18.427Z weekly 0.7 https://onedaysec.com/qa/what-is-universaldvc-and-how-does-it-create-a-tunnel-over-rdp-1777484898362 2026-04-29T17:48:18.381Z weekly 0.7 https://onedaysec.com/qa/what-is-rdp2tcp-and-how-does-it-enable-port-forwarding-over-rdp-1777484898263 2026-04-29T17:48:18.281Z weekly 0.7 https://onedaysec.com/qa/how-does-the-shared-file-method-work-for-establishing-an-rdp-tunnel-1777484898213 2026-04-29T17:48:18.223Z weekly 0.7 https://onedaysec.com/qa/what-is-the-main-use-case-for-establishing-tunnels-using-remote-desktop-protocol-1777484898129 2026-04-29T17:48:18.150Z weekly 0.7 https://onedaysec.com/qa/which-tools-and-files-are-essential-for-setting-up-a-veeam-backup-replication-vu-1777484874466 2026-04-29T17:47:54.477Z weekly 0.7 https://onedaysec.com/qa/how-does-cve-2023-27532-allow-credential-leakage-in-veeam-backup-replication-and-1777484874427 2026-04-29T17:47:54.439Z weekly 0.7 https://onedaysec.com/qa/what-are-the-steps-to-extract-database-credentials-from-veeam-backup-replication-1777484874304 2026-04-29T17:47:54.355Z weekly 0.7 https://onedaysec.com/qa/how-do-i-enable-variable-viewing-in-dnspy-when-debugging-veeam-backup-replicatio-1777484874182 2026-04-29T17:47:54.199Z weekly 0.7 https://onedaysec.com/qa/what-are-the-default-ports-used-by-veeam-backup-replication-services-for-debuggi-1777484874108 2026-04-29T17:47:54.123Z weekly 0.7 https://onedaysec.com/qa/how-can-a-domain-user-read-all-user-hashes-by-exploiting-acl-on-ntdsdit-1777484831213 2026-04-29T17:47:11.235Z weekly 0.7 https://onedaysec.com/qa/what-powershell-commands-can-be-used-to-add-full-access-permissions-for-a-user-t-1777484831150 2026-04-29T17:47:11.170Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-use-acl-modification-for-local-privilege-escalation-backdoor-1777484831036 2026-04-29T17:47:11.051Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-components-of-an-access-control-list-acl-in-windows-1777484830963 2026-04-29T17:47:10.980Z weekly 0.7 https://onedaysec.com/qa/what-is-the-nmap-zip-version-for-windows-and-how-is-it-configured-1777484811600 2026-04-29T17:46:51.615Z weekly 0.7 https://onedaysec.com/qa/what-are-the-basic-usage-examples-of-masscan-for-network-scanning-1777484811549 2026-04-29T17:46:51.565Z weekly 0.7 https://onedaysec.com/qa/how-can-you-install-winpcap-silently-via-the-windows-command-line-1777484811492 2026-04-29T17:46:51.505Z weekly 0.7 https://onedaysec.com/qa/how-do-you-compile-masscan-on-windows-using-vs2012-1777484811423 2026-04-29T17:46:51.440Z weekly 0.7 https://onedaysec.com/qa/why-does-adaudit-plus-force-the-password-algorithm-to-bcrypt-even-if-another-alg-1777484792391 2026-04-29T17:46:32.402Z weekly 0.7 https://onedaysec.com/qa/what-happens-when-a-custom-user-is-added-in-adaudit-plus-regarding-password-encr-1777484792322 2026-04-29T17:46:32.339Z weekly 0.7 https://onedaysec.com/qa/where-are-the-encrypted-passwords-stored-in-the-adaudit-plus-database-and-how-ca-1777484792252 2026-04-29T17:46:32.271Z weekly 0.7 https://onedaysec.com/qa/how-is-the-bcrypt-salt-generated-and-what-determines-the-workload-factor-in-adau-1777484792184 2026-04-29T17:46:32.195Z weekly 0.7 https://onedaysec.com/qa/what-encryption-algorithm-is-used-to-store-passwords-in-adaudit-plus-and-where-i-1777484792122 2026-04-29T17:46:32.133Z weekly 0.7 https://onedaysec.com/qa/why-was-memcpy-used-instead-of-strcpy-in-the-test-code-for-shellcode-injection-1777484781650 2026-04-29T17:46:21.693Z weekly 0.7 https://onedaysec.com/qa/what-bug-was-encountered-when-using-the-automatically-generated-rop-chain-from-m-1777484781534 2026-04-29T17:46:21.568Z weekly 0.7 https://onedaysec.com/qa/how-does-the-mona-plugin-in-immunity-debugger-assist-in-generating-a-rop-chain-f-1777484781481 2026-04-29T17:46:21.497Z weekly 0.7 https://onedaysec.com/qa/what-is-the-core-principle-behind-bypassing-dep-using-the-virtualprotect-functio-1777484781422 2026-04-29T17:46:21.434Z weekly 0.7 https://onedaysec.com/qa/what-is-data-execution-prevention-dep-and-how-does-it-prevent-shellcode-executio-1777484781337 2026-04-29T17:46:21.349Z weekly 0.7 https://onedaysec.com/qa/how-is-the-shellcode-extracted-from-the-compiled-executable-and-what-tool-is-use-1777484756040 2026-04-29T17:45:56.058Z weekly 0.7 https://onedaysec.com/qa/what-compilation-settings-are-recommended-for-generating-shellcode-using-visual--1777484755986 2026-04-29T17:45:56.000Z weekly 0.7 https://onedaysec.com/qa/how-does-the-article-ensure-the-shellcodes-entry-function-executes-correctly-aft-1777484755918 2026-04-29T17:45:55.936Z weekly 0.7 https://onedaysec.com/qa/why-should-global-variables-be-avoided-in-shellcode-and-how-does-the-article-add-1777484755858 2026-04-29T17:45:55.867Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-bugs-fixed-in-the-shellcode-extraction-code-from-the-previous-a-1777484755788 2026-04-29T17:45:55.801Z weekly 0.7 https://onedaysec.com/qa/how-can-ancillary-chunks-like-text-be-used-to-hide-payloads-in-png-images-and-wh-1777484735212 2026-04-29T17:45:35.256Z weekly 0.7 https://onedaysec.com/qa/why-is-crc32-verification-important-when-manipulating-png-file-chunks-for-stegan-1777484735120 2026-04-29T17:45:35.136Z weekly 0.7 https://onedaysec.com/qa/what-are-the-critical-and-ancillary-chunks-in-a-png-file-and-which-ones-can-i-sa-1777484735059 2026-04-29T17:45:35.081Z weekly 0.7 https://onedaysec.com/qa/how-can-i-identify-if-a-file-is-a-valid-png-image-by-its-file-signature-1777484735000 2026-04-29T17:45:35.014Z weekly 0.7 https://onedaysec.com/qa/why-is-requests_ntlm-recommended-for-vulnerability-exploitation-in-ews-developme-1777484720073 2026-04-29T17:45:20.091Z weekly 0.7 https://onedaysec.com/qa/what-code-modifications-are-needed-when-switching-from-a-custom-ntlm-authenticat-1777484720003 2026-04-29T17:45:20.028Z weekly 0.7 https://onedaysec.com/qa/how-can-the-session-mechanism-in-requests_ntlm-improve-efficiency-in-ews-interac-1777484719956 2026-04-29T17:45:19.969Z weekly 0.7 https://onedaysec.com/qa/what-authentication-methods-does-requests_ntlm-support-for-exchange-web-service--1777484719903 2026-04-29T17:45:19.912Z weekly 0.7 https://onedaysec.com/qa/can-you-show-the-simplest-powershell-one-liner-to-bypass-applocker-using-this-te-1777484706358 2026-04-29T17:45:06.374Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-requirements-to-successfully-execute-this-applocker-bypass-1777484706264 2026-04-29T17:45:06.298Z weekly 0.7 https://onedaysec.com/qa/how-does-casey-smiths-bypass-method-differ-from-bohops-method-1777484706201 2026-04-29T17:45:06.213Z weekly 0.7 https://onedaysec.com/qa/what-is-the-core-technique-used-by-bohops-to-bypass-applocker-1777484706097 2026-04-29T17:45:06.113Z weekly 0.7 https://onedaysec.com/qa/what-optimization-does-the-article-propose-for-invoke-psimage-to-reduce-visual-i-1777484685403 2026-04-29T17:44:45.419Z weekly 0.7 https://onedaysec.com/qa/what-is-the-payload-size-constraint-when-using-invoke-psimage-and-how-does-the-s-1777484685343 2026-04-29T17:44:45.362Z weekly 0.7 https://onedaysec.com/qa/why-does-invoke-psimage-only-output-png-images-and-what-impact-does-this-have-on-1777484685278 2026-04-29T17:44:45.290Z weekly 0.7 https://onedaysec.com/qa/how-does-invoke-psimage-embed-a-powershell-payload-into-a-png-image-without-affe-1777484685220 2026-04-29T17:44:45.232Z weekly 0.7 https://onedaysec.com/qa/what-are-the-recommended-defense-methods-against-lua-script-based-applocker-bypa-1777484663168 2026-04-29T17:44:23.183Z weekly 0.7 https://onedaysec.com/qa/how-effective-is-the-lua-script-bypass-against-different-applocker-configuration-1777484663096 2026-04-29T17:44:23.115Z weekly 0.7 https://onedaysec.com/qa/what-specific-conditions-must-be-met-for-a-lua-script-applocker-bypass-to-work-1777484663038 2026-04-29T17:44:23.056Z weekly 0.7 https://onedaysec.com/qa/what-is-the-principle-behind-bypassing-applocker-using-lua-scripts-1777484662968 2026-04-29T17:44:22.983Z weekly 0.7 https://onedaysec.com/qa/what-is-the-difference-between-email-sequence-numbers-and-uids-in-imap-and-how-c-1777484652235 2026-04-29T17:44:12.252Z weekly 0.7 https://onedaysec.com/qa/how-do-i-extract-and-save-email-attachments-using-pythons-imaplib-and-email-libr-1777484652179 2026-04-29T17:44:12.192Z weekly 0.7 https://onedaysec.com/qa/how-can-i-use-pythons-imaplib-to-list-all-email-folders-and-read-emails-from-the-1777484652118 2026-04-29T17:44:12.136Z weekly 0.7 https://onedaysec.com/qa/how-do-you-enable-imap-functionality-and-protocol-logging-on-an-exchange-server--1777484652062 2026-04-29T17:44:12.076Z weekly 0.7 https://onedaysec.com/qa/what-is-the-imap-protocol-and-which-port-does-its-secure-variant-use-1777484651976 2026-04-29T17:44:12.004Z weekly 0.7 https://onedaysec.com/qa/what-approach-does-the-article-suggest-for-obfuscating-strings-using-other-unico-1777484635680 2026-04-29T17:43:55.691Z weekly 0.7 https://onedaysec.com/qa/how-can-a-pentester-programmatically-encode-and-decode-strings-using-braille-pat-1777484635629 2026-04-29T17:43:55.651Z weekly 0.7 https://onedaysec.com/qa/how-does-braille-pattern-obfuscation-work-according-to-the-article-1777484635497 2026-04-29T17:43:55.510Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-obfuscating-strings-using-unicode-encoding-in-penetration-1777484635441 2026-04-29T17:43:55.458Z weekly 0.7 https://onedaysec.com/qa/what-are-the-default-web-paths-and-why-is-the-tomcat-debug-port-changed-to-8090-1777484611619 2026-04-29T17:43:31.632Z weekly 0.7 https://onedaysec.com/qa/how-do-i-change-an-administrator-password-in-the-goanywhere-mft-database-1777484611559 2026-04-29T17:43:31.577Z weekly 0.7 https://onedaysec.com/qa/what-methods-can-i-use-to-read-and-modify-the-apache-derby-database-used-by-goan-1777484611455 2026-04-29T17:43:31.487Z weekly 0.7 https://onedaysec.com/qa/how-do-i-enable-remote-debugging-for-goanywhere-managed-file-transfer-on-a-windo-1777484611336 2026-04-29T17:43:31.375Z weekly 0.7 https://onedaysec.com/qa/how-do-i-perform-a-soap-login-using-pre-authentication-and-retrieve-an-auth-toke-1777484586945 2026-04-29T17:43:06.968Z weekly 0.7 https://onedaysec.com/qa/how-can-i-compute-the-pre-authentication-token-using-python-1777484586873 2026-04-29T17:43:06.894Z weekly 0.7 https://onedaysec.com/qa/how-do-i-enable-pre-authentication-and-generate-a-preauthkey-in-zimbra-1777484586803 2026-04-29T17:43:06.816Z weekly 0.7 https://onedaysec.com/qa/what-is-zimbra-pre-authentication-and-how-does-it-work-1777484586739 2026-04-29T17:43:06.752Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-file-writing-methods-in-proxyshell-and-how-do-they-compare-in-t-1777484573499 2026-04-29T17:42:53.525Z weekly 0.7 https://onedaysec.com/qa/how-does-the-new-exchangecertificate-method-allow-file-writing-in-proxyshell-and-1777484573445 2026-04-29T17:42:53.463Z weekly 0.7 https://onedaysec.com/qa/what-are-the-prerequisites-for-writing-files-via-the-new-mailboxexportrequest-me-1777484573375 2026-04-29T17:42:53.387Z weekly 0.7 https://onedaysec.com/qa/why-cant-i-add-users-directly-via-pypsrp-in-proxyshell-exploitation-and-what-is--1777484573278 2026-04-29T17:42:53.289Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-adfind-in-the-context-of-obtaining-dns-records-1777484557407 2026-04-29T17:42:37.426Z weekly 0.7 https://onedaysec.com/qa/how-does-dns-dumpps1-work-and-what-fix-was-needed-for-newer-windows-systems-1777484557332 2026-04-29T17:42:37.354Z weekly 0.7 https://onedaysec.com/qa/what-is-the-difference-between-sharpadidnsdump-and-adidnsdump-1777484557279 2026-04-29T17:42:37.289Z weekly 0.7 https://onedaysec.com/qa/how-can-regular-domain-users-obtain-dns-records-without-dns-admin-privileges-1777484557229 2026-04-29T17:42:37.240Z weekly 0.7 https://onedaysec.com/qa/how-does-the-usn-journal-relate-to-ntfs-file-time-attributes-and-what-additional-1777484541789 2026-04-29T17:42:21.817Z weekly 0.7 https://onedaysec.com/qa/what-are-the-recommended-forensic-methods-to-detect-tampering-with-the-usn-journ-1777484541709 2026-04-29T17:42:21.723Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-clear-or-tamper-with-the-usn-journal-to-hide-their-tracks-1777484541663 2026-04-29T17:42:21.675Z weekly 0.7 https://onedaysec.com/qa/what-is-the-usn-journal-and-what-kind-of-information-does-it-record-1777484541580 2026-04-29T17:42:21.598Z weekly 0.7 https://onedaysec.com/qa/can-dcsync-be-executed-from-a-machine-outside-the-domain-if-so-how-1777484527995 2026-04-29T17:42:08.009Z weekly 0.7 https://onedaysec.com/qa/what-defense-recommendations-are-provided-to-detect-or-prevent-dcsync-attacks-1777484527926 2026-04-29T17:42:07.947Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-execute-dcsync-from-a-domain-joined-host-that-is-not-a-domai-1777484527866 2026-04-29T17:42:07.883Z weekly 0.7 https://onedaysec.com/qa/what-tools-can-be-used-to-execute-a-dcsync-attack-and-how-do-they-differ-1777484527798 2026-04-29T17:42:07.808Z weekly 0.7 https://onedaysec.com/qa/what-permissions-are-required-to-perform-a-dcsync-attack-to-export-all-domain-us-1777484527700 2026-04-29T17:42:07.718Z weekly 0.7 https://onedaysec.com/qa/how-can-i-use-advanced-query-syntax-aqs-to-search-for-emails-within-a-specific-d-1777484493433 2026-04-29T17:41:33.451Z weekly 0.7 https://onedaysec.com/qa/when-compiling-an-exchangelib-based-python-script-into-an-executable-with-pyinst-1777484493340 2026-04-29T17:41:33.356Z weekly 0.7 https://onedaysec.com/qa/how-can-i-log-in-to-an-exchange-server-using-an-ntlm-hash-instead-of-a-plaintext-1777484493283 2026-04-29T17:41:33.298Z weekly 0.7 https://onedaysec.com/qa/what-is-exchangelib-and-how-does-it-simplify-exchange-web-service-development-co-1777484493221 2026-04-29T17:41:33.236Z weekly 0.7 https://onedaysec.com/qa/why-might-a-png-file-size-change-after-lsb-steganography-and-how-can-you-avoid-t-1777484476304 2026-04-29T17:41:16.321Z weekly 0.7 https://onedaysec.com/qa/what-tool-can-visually-analyze-lsb-steganography-in-png-images-and-how-does-it-r-1777484476204 2026-04-29T17:41:16.249Z weekly 0.7 https://onedaysec.com/qa/how-can-you-decrypt-or-extract-hidden-data-from-a-png-file-that-uses-lsb-stegano-1777484476147 2026-04-29T17:41:16.163Z weekly 0.7 https://onedaysec.com/qa/what-is-the-role-of-the-idat-data-chunk-in-png-lsb-steganography-and-how-is-it-c-1777484476066 2026-04-29T17:41:16.077Z weekly 0.7 https://onedaysec.com/qa/how-does-lsb-steganography-hide-data-in-png-images-without-being-noticeable-to-t-1777484475996 2026-04-29T17:41:16.016Z weekly 0.7 https://onedaysec.com/qa/how-do-i-crack-the-extracted-ntlmv2-hash-to-recover-the-plaintext-password-1777484463137 2026-04-29T17:41:03.154Z weekly 0.7 https://onedaysec.com/qa/why-is-a-file-server-a-prime-target-for-capturing-ntlmv2-hashes-from-other-users-1777484463081 2026-04-29T17:41:03.094Z weekly 0.7 https://onedaysec.com/qa/how-can-i-automatically-extract-ntlmv2-hashes-from-captured-packets-using-python-1777484463016 2026-04-29T17:41:03.042Z weekly 0.7 https://onedaysec.com/qa/how-do-i-convert-the-etl-file-from-netsh-trace-into-a-format-that-wireshark-can--1777484462957 2026-04-29T17:41:02.966Z weekly 0.7 https://onedaysec.com/qa/how-can-i-capture-network-packets-on-a-windows-file-server-without-installing-an-1777484462893 2026-04-29T17:41:02.907Z weekly 0.7 https://onedaysec.com/qa/how-can-the-waitforexe-backdoor-be-made-reusable-and-persistent-1777484442542 2026-04-29T17:40:42.560Z weekly 0.7 https://onedaysec.com/qa/what-is-the-wmi-based-persistence-technique-used-in-the-waitforexe-poc-1777484442479 2026-04-29T17:40:42.496Z weekly 0.7 https://onedaysec.com/qa/how-does-the-waitforexe-backdoor-work-and-what-is-its-limitation-1777484442403 2026-04-29T17:40:42.415Z weekly 0.7 https://onedaysec.com/qa/what-is-waitforexe-and-how-can-it-be-used-for-persistence-in-penetration-testing-1777484442349 2026-04-29T17:40:42.357Z weekly 0.7 https://onedaysec.com/qa/how-can-i-replace-a-service-executable-without-stopping-the-service-and-what-pri-1777484427940 2026-04-29T17:40:27.952Z weekly 0.7 https://onedaysec.com/qa/why-cant-i-see-the-gui-of-a-service-started-executable-and-how-can-i-fix-it-with-1777484427871 2026-04-29T17:40:27.889Z weekly 0.7 https://onedaysec.com/qa/how-do-i-write-a-c-program-that-the-windows-service-control-manager-scm-can-run-1777484427831 2026-04-29T17:40:27.841Z weekly 0.7 https://onedaysec.com/qa/how-can-i-find-writable-windows-services-using-powershell-1777484427775 2026-04-29T17:40:27.788Z weekly 0.7 https://onedaysec.com/qa/how-does-the-c-tool-queryadobjectexe-improve-upon-microsofts-sample-code-for-ad--1777484409671 2026-04-29T17:40:09.684Z weekly 0.7 https://onedaysec.com/qa/what-is-the-significance-of-the-ldap-filter-objectcategorycomputerobjectclasscom-1777484409622 2026-04-29T17:40:09.636Z weekly 0.7 https://onedaysec.com/qa/what-tools-can-be-used-to-gather-active-directory-information-from-within-a-comp-1777484409548 2026-04-29T17:40:09.563Z weekly 0.7 https://onedaysec.com/qa/how-can-you-list-all-domain-users-from-outside-the-domain-using-ldapsearch-on-ka-1777484409456 2026-04-29T17:40:09.498Z weekly 0.7 https://onedaysec.com/qa/what-are-the-prerequisites-for-querying-active-directory-information-from-outsid-1777484409290 2026-04-29T17:40:09.329Z weekly 0.7 https://onedaysec.com/qa/what-is-cve-2022-36537-about-and-why-is-the-encryption-weak-in-server-backup-man-1777484386600 2026-04-29T17:39:46.624Z weekly 0.7 https://onedaysec.com/qa/how-are-user-passwords-stored-in-server-backup-manager-and-where-can-i-extract-t-1777484386537 2026-04-29T17:39:46.557Z weekly 0.7 https://onedaysec.com/qa/how-do-i-set-up-remote-debugging-for-server-backup-manager-by-adding-jvm-debug-p-1777484386459 2026-04-29T17:39:46.481Z weekly 0.7 https://onedaysec.com/qa/how-do-i-install-an-older-version-of-server-backup-manager-for-vulnerability-tes-1777484386396 2026-04-29T17:39:46.410Z weekly 0.7 https://onedaysec.com/qa/how-can-you-parse-the-keystroke-logs-generated-by-the-hp-keylogger-1777484372935 2026-04-29T17:39:32.952Z weekly 0.7 https://onedaysec.com/qa/can-an-attacker-modify-the-keyloggers-behavior-through-registry-exploitation-1777484372878 2026-04-29T17:39:32.895Z weekly 0.7 https://onedaysec.com/qa/how-does-the-hp-audio-driver-keylogger-record-keystrokes-1777484372813 2026-04-29T17:39:32.835Z weekly 0.7 https://onedaysec.com/qa/what-is-cve-2017-8360-and-why-is-it-significant-1777484372753 2026-04-29T17:39:32.767Z weekly 0.7 https://onedaysec.com/qa/how-can-special-alternative-data-streams-ads-bypass-conventional-detection-tools-1777484357316 2026-04-29T17:39:17.329Z weekly 0.7 https://onedaysec.com/qa/what-is-an-alternative-data-stream-ads-and-how-can-it-be-exploited-for-stealthy--1777484357263 2026-04-29T17:39:17.276Z weekly 0.7 https://onedaysec.com/qa/what-defenses-exist-against-the-trackerexe-dll-loading-technique-1777484349997 2026-04-29T17:39:10.015Z weekly 0.7 https://onedaysec.com/qa/how-can-i-execute-c-code-during-xslt-transformation-and-use-it-for-shellcode-exe-1777484349943 2026-04-29T17:39:09.959Z weekly 0.7 https://onedaysec.com/qa/how-can-i-use-csiexe-to-execute-arbitrary-net-code-and-bypass-windows-device-gua-1777484349897 2026-04-29T17:39:09.907Z weekly 0.7 https://onedaysec.com/qa/how-can-i-use-trackerexe-to-load-a-dll-and-bypass-application-whitelisting-1777484349836 2026-04-29T17:39:09.850Z weekly 0.7 https://onedaysec.com/qa/how-does-the-subauth-feature-of-mimilib-work-and-what-information-does-it-log-1777484321033 2026-04-29T17:38:41.047Z weekly 0.7 https://onedaysec.com/qa/what-does-the-dnsplugin-feature-of-mimilib-do-and-how-is-it-deployed-1777484320971 2026-04-29T17:38:40.994Z weekly 0.7 https://onedaysec.com/qa/how-can-mimilibdll-be-used-to-capture-password-changes-via-the-passwordchangenot-1777484320906 2026-04-29T17:38:40.918Z weekly 0.7 https://onedaysec.com/qa/what-is-mimilibdll-and-how-is-it-used-for-credential-theft-via-the-security-supp-1777484320814 2026-04-29T17:38:40.842Z weekly 0.7 https://onedaysec.com/qa/can-alwaysinstallelevated-be-exploited-remotely-via-msiexec-and-what-are-the-lim-1777484304698 2026-04-29T17:38:24.713Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-leverage-alwaysinstallelevated-for-privilege-escalation-with-1777484304641 2026-04-29T17:38:24.660Z weekly 0.7 https://onedaysec.com/qa/why-do-msi-files-generated-by-metasploit-fail-to-exploit-alwaysinstallelevated-a-1777484304587 2026-04-29T17:38:24.599Z weekly 0.7 https://onedaysec.com/qa/what-is-alwaysinstallelevated-and-how-does-it-enable-privilege-escalation-1777484304517 2026-04-29T17:38:24.529Z weekly 0.7 https://onedaysec.com/qa/can-the-backdoor-factory-be-used-to-hijack-dll-export-functions-specifically-1777484281609 2026-04-29T17:38:01.631Z weekly 0.7 https://onedaysec.com/qa/how-did-the-author-fix-the-bug-where-the-dll-payload-prevented-normal-program-fl-1777484281533 2026-04-29T17:38:01.555Z weekly 0.7 https://onedaysec.com/qa/what-technique-is-used-to-bypass-autoruns-detection-when-hijacking-system-dlls-f-1777484281466 2026-04-29T17:38:01.480Z weekly 0.7 https://onedaysec.com/qa/how-does-implanting-a-backdoor-into-a-dll-file-differ-from-implanting-one-into-a-1777484281377 2026-04-29T17:38:01.386Z weekly 0.7 https://onedaysec.com/qa/what-are-the-steps-to-add-or-remove-the-password-never-expires-attribute-program-1777484268625 2026-04-29T17:37:48.657Z weekly 0.7 https://onedaysec.com/qa/from-a-defensive-perspective-why-is-it-important-to-minimize-users-with-password-1777484268546 2026-04-29T17:37:48.565Z weekly 0.7 https://onedaysec.com/qa/what-external-domain-methods-can-be-used-to-enumerate-users-with-password-never--1777484268496 2026-04-29T17:37:48.514Z weekly 0.7 https://onedaysec.com/qa/how-can-i-enumerate-domain-users-with-password-never-expires-set-from-inside-the-1777484268374 2026-04-29T17:37:48.395Z weekly 0.7 https://onedaysec.com/qa/what-is-the-implementation-principle-behind-the-password-never-expires-attribute-1777484268225 2026-04-29T17:37:48.263Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-main-approaches-to-obtain-remote-desktop-connection-passwords-m-1777484250891 2026-04-29T17:37:30.920Z weekly 0.7 https://onedaysec.com/qa/what-issue-does-rdpthief-encounter-on-windows-7-and-what-are-the-recommended-sol-1777484250810 2026-04-29T17:37:30.827Z weekly 0.7 https://onedaysec.com/qa/how-does-the-detours-library-assist-in-hooking-system-apis-for-credential-extrac-1777484250747 2026-04-29T17:37:30.771Z weekly 0.7 https://onedaysec.com/qa/what-is-rdpthief-and-how-does-it-extract-plaintext-credentials-from-remote-deskt-1777484250666 2026-04-29T17:37:30.676Z weekly 0.7 https://onedaysec.com/qa/how-do-i-send-an-email-with-an-attachment-using-the-zimbra-soap-api-1777484228273 2026-04-29T17:37:08.288Z weekly 0.7 https://onedaysec.com/qa/what-is-the-correct-way-to-upload-an-attachment-before-sending-an-email-via-the--1777484228220 2026-04-29T17:37:08.236Z weekly 0.7 https://onedaysec.com/qa/can-i-view-the-full-content-of-an-email-including-attachments-without-using-a-so-1777484228163 2026-04-29T17:37:08.175Z weekly 0.7 https://onedaysec.com/qa/how-do-i-retrieve-the-item-id-of-an-email-in-the-zimbra-soap-api-for-further-ope-1777484228080 2026-04-29T17:37:08.098Z weekly 0.7 https://onedaysec.com/qa/what-is-the-prefetch-file-and-how-does-it-record-program-execution-on-windows-1777484214898 2026-04-29T17:36:54.912Z weekly 0.7 https://onedaysec.com/qa/how-can-attackers-clear-file-execution-records-from-the-windows-registry-without-1777484214799 2026-04-29T17:36:54.819Z weekly 0.7 https://onedaysec.com/qa/where-are-registry-based-file-execution-records-like-shimcache-and-userassist-st-1777484214722 2026-04-29T17:36:54.747Z weekly 0.7 https://onedaysec.com/qa/how-can-i-obtain-file-execution-records-from-windows-logs-using-the-command-line-1777484214623 2026-04-29T17:36:54.636Z weekly 0.7 https://onedaysec.com/qa/what-are-windows-file-execution-records-and-why-are-they-important-for-penetrati-1777484214543 2026-04-29T17:36:54.564Z weekly 0.7 https://onedaysec.com/qa/how-can-i-invoke-a-specific-method-like-getheaderstring-on-a-request-object-usin-1777484197338 2026-04-29T17:36:37.357Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-enumerating-jspservletwrapper-instances-and-how-is-it-ach-1777484197257 2026-04-29T17:36:37.274Z weekly 0.7 https://onedaysec.com/qa/why-did-the-attempt-to-directly-access-the-rctxt-field-from-a-jettyjspservlet-in-1777484197198 2026-04-29T17:36:37.210Z weekly 0.7 https://onedaysec.com/qa/how-can-i-use-reflection-to-enumerate-all-fields-of-a-request-object-in-a-jsp-pa-1777484197141 2026-04-29T17:36:37.152Z weekly 0.7 https://onedaysec.com/qa/what-defensive-measures-can-prevent-or-detect-the-use-of-machineaccount-hashes-f-1777484183081 2026-04-29T17:36:23.179Z weekly 0.7 https://onedaysec.com/qa/once-an-attacker-has-a-domain-controllers-computer-account-hash-how-can-they-use-1777484182926 2026-04-29T17:36:22.966Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-obtain-the-ntlm-hash-of-a-domain-controllers-computer-accoun-1777484182817 2026-04-29T17:36:22.831Z weekly 0.7 https://onedaysec.com/qa/what-is-a-machineaccount-and-where-is-its-password-stored-1777484182657 2026-04-29T17:36:22.697Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-determine-whether-the-decryption-of-a-modified-ciphertext-su-1777484156902 2026-04-29T17:35:56.935Z weekly 0.7 https://onedaysec.com/qa/after-completing-the-padding-oracle-attack-how-is-the-padded-plaintext-converted-1777484156787 2026-04-29T17:35:56.818Z weekly 0.7 https://onedaysec.com/qa/how-does-the-open-source-python-code-in-the-article-crack-the-8th-byte-of-the-fi-1777484156693 2026-04-29T17:35:56.706Z weekly 0.7 https://onedaysec.com/qa/what-prerequisites-are-needed-to-perform-a-padding-oracle-attack-on-microsoft-ex-1777484156634 2026-04-29T17:35:56.646Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-detect-and-prevent-the-misuse-of-password-filter-dlls-1777484137064 2026-04-29T17:35:37.079Z weekly 0.7 https://onedaysec.com/qa/how-can-a-password-filter-dll-be-applied-on-non-windows-server-systems-that-have-1777484136986 2026-04-29T17:35:37.004Z weekly 0.7 https://onedaysec.com/qa/how-can-a-password-filter-dll-be-used-in-a-domain-environment-for-backdoor-or-cr-1777484136931 2026-04-29T17:35:36.944Z weekly 0.7 https://onedaysec.com/qa/what-are-the-steps-to-install-a-malicious-password-filter-dll-on-a-windows-syste-1777484136877 2026-04-29T17:35:36.887Z weekly 0.7 https://onedaysec.com/qa/what-is-a-password-filter-dll-and-how-can-an-attacker-exploit-it-in-penetration--1777484136825 2026-04-29T17:35:36.834Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-detect-or-mitigate-this-uac-bypass-technique-1777484119995 2026-04-29T17:35:20.014Z weekly 0.7 https://onedaysec.com/qa/what-additional-exploitation-techniques-can-be-derived-from-the-invoke-wscriptby-1777484119864 2026-04-29T17:35:19.887Z weekly 0.7 https://onedaysec.com/qa/why-does-invoke-wscriptbypassuac-fail-on-windows-8-and-windows-10-1777484119786 2026-04-29T17:35:19.812Z weekly 0.7 https://onedaysec.com/qa/how-does-invoke-wscriptbypassuac-bypass-uac-on-windows-7-1777484119710 2026-04-29T17:35:19.722Z weekly 0.7 https://onedaysec.com/qa/what-are-the-recommended-detection-and-defense-methods-against-this-inf-based-pe-1777484104616 2026-04-29T17:35:04.638Z weekly 0.7 https://onedaysec.com/qa/how-can-the-gootkit-backdoor-be-used-for-fileless-execution-1777484104558 2026-04-29T17:35:04.577Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-registry-entries-needed-to-trigger-the-gootkit-backdoor-on-star-1777484104492 2026-04-29T17:35:04.511Z weekly 0.7 https://onedaysec.com/qa/how-does-the-gootkit-banking-trojan-achieve-persistence-without-administrator-pr-1777484104438 2026-04-29T17:35:04.448Z weekly 0.7 https://onedaysec.com/qa/what-was-the-authors-overall-conclusion-about-the-jason-tool-after-fixing-and-te-1777484088285 2026-04-29T17:34:48.299Z weekly 0.7 https://onedaysec.com/qa/what-configuration-options-does-jason-offer-when-trying-to-brute-force-exchange--1777484088232 2026-04-29T17:34:48.247Z weekly 0.7 https://onedaysec.com/qa/how-does-jason-compare-with-other-open-source-exchange-brute-force-tools-like-ma-1777484088176 2026-04-29T17:34:48.193Z weekly 0.7 https://onedaysec.com/qa/what-bugs-were-found-in-jasons-source-code-and-how-were-they-fixed-1777484088121 2026-04-29T17:34:48.133Z weekly 0.7 https://onedaysec.com/qa/what-is-the-apt34-leaked-tool-jason-designed-to-do-1777484088069 2026-04-29T17:34:48.077Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-mitigate-pass-the-hash-attacks-that-leverage-restricted-admin--1777484074835 2026-04-29T17:34:34.850Z weekly 0.7 https://onedaysec.com/qa/why-did-the-freerdp-pass-the-hash-feature-fail-in-my-tests-and-what-is-the-worka-1777484074772 2026-04-29T17:34:34.784Z weekly 0.7 https://onedaysec.com/qa/how-can-mimikatz-be-used-to-pass-the-hash-for-remote-desktop-when-restricted-adm-1777484074718 2026-04-29T17:34:34.734Z weekly 0.7 https://onedaysec.com/qa/how-do-i-enable-restricted-admin-mode-on-a-windows-system-1777484074640 2026-04-29T17:34:34.654Z weekly 0.7 https://onedaysec.com/qa/what-is-restricted-admin-mode-for-remote-desktop-and-why-does-it-matter-for-pene-1777484074560 2026-04-29T17:34:34.574Z weekly 0.7 https://onedaysec.com/qa/why-is-the-zid-important-when-adding-a-folder-share-in-zimbra-1777484047190 2026-04-29T17:34:07.208Z weekly 0.7 https://onedaysec.com/qa/how-does-folder-sharing-work-in-zimbra-and-what-permission-roles-are-available-1777484047132 2026-04-29T17:34:07.147Z weekly 0.7 https://onedaysec.com/qa/what-optional-filters-can-i-apply-when-exporting-emails-with-zimbra-1777484047039 2026-04-29T17:34:07.054Z weekly 0.7 https://onedaysec.com/qa/how-can-i-export-all-emails-from-a-zimbra-mailbox-using-the-soap-api-1777484046958 2026-04-29T17:34:06.980Z weekly 0.7 https://onedaysec.com/qa/what-are-the-special-jass-functions-that-enable-this-file-writing-vulnerability--1777484032164 2026-04-29T17:33:52.204Z weekly 0.7 https://onedaysec.com/qa/what-role-does-the-hkew3mmodifier-tool-play-in-analyzing-this-vulnerability-1777484032043 2026-04-29T17:33:52.083Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-protect-against-this-type-of-warcraft-iii-map-attack-1777484031897 2026-04-29T17:33:51.935Z weekly 0.7 https://onedaysec.com/qa/what-is-the-typical-attack-chain-for-exploiting-this-warcraft-iii-map-vulnerabil-1777484031708 2026-04-29T17:33:51.735Z weekly 0.7 https://onedaysec.com/qa/how-does-the-warcraft-iii-map-vulnerability-allow-an-attacker-to-execute-arbitra-1777484031626 2026-04-29T17:33:51.638Z weekly 0.7 https://onedaysec.com/qa/why-might-a-developer-choose-to-work-with-soap-xml-messages-instead-of-the-ews-m-1777484015390 2026-04-29T17:33:35.427Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-operations-supported-by-the-open-source-ewsmanagepy-script-for--1777484015283 2026-04-29T17:33:35.300Z weekly 0.7 https://onedaysec.com/qa/how-does-ewsmanagepy-support-accessing-exchange-resources-using-an-ntlm-hash-ins-1777484015198 2026-04-29T17:33:35.220Z weekly 0.7 https://onedaysec.com/qa/how-can-i-determine-the-correct-soap-xml-message-format-for-different-exchange-w-1777484015129 2026-04-29T17:33:35.140Z weekly 0.7 https://onedaysec.com/qa/what-is-the-role-of-the-decoder-assembly-code-in-the-optimized-shellcode-1777483998149 2026-04-29T17:33:18.165Z weekly 0.7 https://onedaysec.com/qa/why-does-the-strcpy-function-cause-problems-when-delivering-shellcode-and-what-s-1777483998090 2026-04-29T17:33:18.105Z weekly 0.7 https://onedaysec.com/qa/how-did-the-author-determine-the-exact-offset-to-overwrite-the-return-address-in-1777483998033 2026-04-29T17:33:18.044Z weekly 0.7 https://onedaysec.com/qa/what-is-the-core-principle-behind-exploiting-a-stack-overflow-with-shellcode-1777483997946 2026-04-29T17:33:17.966Z weekly 0.7 https://onedaysec.com/qa/what-open-source-projects-does-the-article-analyze-that-leverage-assemblyload-fo-1777483979604 2026-04-29T17:32:59.625Z weekly 0.7 https://onedaysec.com/qa/why-is-assemblyload-considered-a-stealthy-technique-for-exploitation-1777483979537 2026-04-29T17:32:59.553Z weekly 0.7 https://onedaysec.com/qa/how-can-you-load-a-net-assembly-from-memory-using-assemblyload-without-writing-t-1777483979485 2026-04-29T17:32:59.494Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-differences-between-assemblyload-assemblyloadfrom-and-assemblyl-1777483979428 2026-04-29T17:32:59.443Z weekly 0.7 https://onedaysec.com/qa/how-does-the-ntlm-challenge-fit-into-pass-the-hash-attacks-against-exchange-1777483955724 2026-04-29T17:32:35.739Z weekly 0.7 https://onedaysec.com/qa/what-are-the-advantages-of-the-open-source-python-implementation-for-pass-the-ha-1777483955632 2026-04-29T17:32:35.650Z weekly 0.7 https://onedaysec.com/qa/what-is-the-core-idea-behind-using-a-password-hash-to-authenticate-to-exchange-w-1777483955586 2026-04-29T17:32:35.593Z weekly 0.7 https://onedaysec.com/qa/how-can-i-decrypt-exchange-communication-traffic-to-analyze-ntlm-authentication--1777483955522 2026-04-29T17:32:35.536Z weekly 0.7 https://onedaysec.com/qa/which-tools-can-verify-cat-file-digital-signatures-and-why-might-get-authenticod-1777483931330 2026-04-29T17:32:11.347Z weekly 0.7 https://onedaysec.com/qa/does-moving-a-cat-file-signed-executable-to-a-different-location-invalidate-its--1777483931275 2026-04-29T17:32:11.291Z weekly 0.7 https://onedaysec.com/qa/how-does-a-cat-file-digital-signature-work-and-how-is-it-applied-1777483931222 2026-04-29T17:32:11.233Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-main-methods-for-adding-digital-signatures-to-files-in-windows-1777483931147 2026-04-29T17:32:11.164Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-takeaways-from-the-expansion-of-techniques-for-exploiting-simul-1777483915612 2026-04-29T17:31:55.626Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-forge-a-normal-uac-prompt-by-simulating-a-trusted-directory-1777483915516 2026-04-29T17:31:55.534Z weekly 0.7 https://onedaysec.com/qa/what-is-the-method-for-deceiving-shimcache-using-a-simulated-trusted-directory-1777483915468 2026-04-29T17:31:55.476Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-bypass-autoruns-detection-by-simulating-a-trusted-directory-1777483915384 2026-04-29T17:31:55.406Z weekly 0.7 https://onedaysec.com/qa/how-did-the-author-fix-the-no-module-named-memorpy-error-in-lazagne-1777483896111 2026-04-29T17:31:36.132Z weekly 0.7 https://onedaysec.com/qa/what-steps-are-required-to-compile-a-custom-lazagne-script-into-a-standalone-win-1777483896021 2026-04-29T17:31:36.045Z weekly 0.7 https://onedaysec.com/qa/how-does-360-speed-browser-store-saved-passwords-compared-to-google-chrome-1777483895956 2026-04-29T17:31:35.969Z weekly 0.7 https://onedaysec.com/qa/what-is-lazagne-and-how-can-it-be-extended-to-support-additional-browsers-like-3-1777483895876 2026-04-29T17:31:35.892Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-detect-ldap-based-brute-force-attempts-against-domain-user-pas-1777483879565 2026-04-29T17:31:19.590Z weekly 0.7 https://onedaysec.com/qa/what-is-the-difference-between-brute-forcing-domain-passwords-inside-vs-outside--1777483879468 2026-04-29T17:31:19.486Z weekly 0.7 https://onedaysec.com/qa/how-can-you-identify-disabled-and-locked-domain-users-before-launching-a-passwor-1777483879407 2026-04-29T17:31:19.423Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-considerations-to-avoid-account-lockouts-when-brute-forcing-dom-1777483879277 2026-04-29T17:31:19.326Z weekly 0.7 https://onedaysec.com/qa/how-does-the-net_oneliner-payload-load-assemblies-from-memory-in-pupy-1777483838331 2026-04-29T17:30:38.346Z weekly 0.7 https://onedaysec.com/qa/which-communication-protocols-can-be-used-with-pupys-transports-1777483838278 2026-04-29T17:30:38.295Z weekly 0.7 https://onedaysec.com/qa/what-connection-methods-does-pupy-support-on-windows-1777483838205 2026-04-29T17:30:38.228Z weekly 0.7 https://onedaysec.com/qa/how-does-the-py_oneliner-payload-work-and-what-is-its-advantage-1777483838161 2026-04-29T17:30:38.168Z weekly 0.7 https://onedaysec.com/qa/what-are-the-supported-payload-file-types-generated-by-pupy-on-windows-1777483838106 2026-04-29T17:30:38.120Z weekly 0.7 https://onedaysec.com/qa/how-can-personal-access-tokens-pats-be-exploited-in-confluence-and-what-sql-comm-1777483816528 2026-04-29T17:30:16.560Z weekly 0.7 https://onedaysec.com/qa/where-are-confluence-user-credentials-stored-and-how-can-an-attacker-modify-them-1777483816341 2026-04-29T17:30:16.411Z weekly 0.7 https://onedaysec.com/qa/how-do-you-set-up-a-confluence-environment-on-linux-and-what-are-the-key-databas-1777483816172 2026-04-29T17:30:16.243Z weekly 0.7 https://onedaysec.com/qa/what-is-confluence-and-why-is-it-significant-from-a-cybersecurity-perspective-1777483815941 2026-04-29T17:30:16.022Z weekly 0.7 https://onedaysec.com/qa/what-are-some-methods-to-disable-or-restrict-access-to-the-exchange-globaladdres-1777483799563 2026-04-29T17:29:59.601Z weekly 0.7 https://onedaysec.com/qa/why-is-iterating-through-search-criteria-necessary-when-using-the-resolvename-op-1777483799156 2026-04-29T17:29:59.298Z weekly 0.7 https://onedaysec.com/qa/how-can-you-extract-the-globaladdresslist-using-the-offline-address-book-oab-met-1777483799026 2026-04-29T17:29:59.068Z weekly 0.7 https://onedaysec.com/qa/what-are-the-main-methods-to-extract-the-exchange-globaladdresslist-during-penet-1777483798862 2026-04-29T17:29:58.919Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-the-jscript-code-that-checks-for-the-existence-of-the-mic-1777483785641 2026-04-29T17:29:45.759Z weekly 0.7 https://onedaysec.com/qa/how-does-this-technique-relate-to-other-exploitation-methods-for-loading-dlls-or-1777483785556 2026-04-29T17:29:45.579Z weekly 0.7 https://onedaysec.com/qa/what-specific-challenges-arise-when-using-rundll32-with-registerxll-to-load-a-re-1777483785469 2026-04-29T17:29:45.493Z weekly 0.7 https://onedaysec.com/qa/can-you-explain-how-to-combine-remote-dll-download-with-registerxll-using-jscrip-1777483785418 2026-04-29T17:29:45.430Z weekly 0.7 https://onedaysec.com/qa/how-does-the-registerxll-method-of-the-excelapplication-object-work-for-loading--1777483785327 2026-04-29T17:29:45.358Z weekly 0.7 https://onedaysec.com/qa/how-can-i-read-the-full-content-of-an-email-and-download-its-attachments-via-the-1777483764164 2026-04-29T17:29:24.179Z weekly 0.7 https://onedaysec.com/qa/how-do-i-list-all-emails-in-an-owa-folder-and-obtain-their-conversationid-1777483764108 2026-04-29T17:29:24.127Z weekly 0.7 https://onedaysec.com/qa/what-authentication-method-does-owa-use-and-why-is-it-important-for-penetration--1777483764021 2026-04-29T17:29:24.035Z weekly 0.7 https://onedaysec.com/qa/how-can-i-read-exchange-emails-via-owa-from-the-command-line-for-penetration-tes-1777483763927 2026-04-29T17:29:23.941Z weekly 0.7 https://onedaysec.com/qa/how-does-this-article-build-upon-the-previous-one-on-remote-execution-via-schedu-1777483741214 2026-04-29T17:29:01.240Z weekly 0.7 https://onedaysec.com/qa/what-are-some-key-considerations-when-implementing-a-powershell-script-for-this--1777483741127 2026-04-29T17:29:01.156Z weekly 0.7 https://onedaysec.com/qa/what-specific-files-were-modified-during-the-backuprestore-process-to-add-regist-1777483740983 2026-04-29T17:29:01.000Z weekly 0.7 https://onedaysec.com/qa/what-workaround-did-the-author-discover-to-register-a-scheduled-task-in-a-gpo-us-1777483740888 2026-04-29T17:29:00.899Z weekly 0.7 https://onedaysec.com/qa/why-cant-remote-execution-be-achieved-by-simply-creating-a-scheduledtasksxml-fil-1777483740820 2026-04-29T17:29:00.837Z weekly 0.7 https://onedaysec.com/qa/what-defensive-strategies-can-organizations-implement-to-prevent-dcom-lateral-mo-1777483722000 2026-04-29T17:28:42.020Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-bypass-the-windows-firewall-to-enable-dcom-remote-execution-1777483721919 2026-04-29T17:28:41.942Z weekly 0.7 https://onedaysec.com/qa/what-are-the-different-clsids-used-for-dcom-lateral-movement-and-which-windows-v-1777483721839 2026-04-29T17:28:41.857Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-execute-a-program-on-a-remote-system-using-the-mmc20applicat-1777483721773 2026-04-29T17:28:41.786Z weekly 0.7 https://onedaysec.com/qa/what-is-dcom-and-how-can-it-be-used-for-lateral-movement-in-a-domain-environment-1777483721711 2026-04-29T17:28:41.725Z weekly 0.7 https://onedaysec.com/qa/why-does-bdf-offer-payloads-like-iat_reverse_tcp_inline-and-what-is-the-purpose--1777483703157 2026-04-29T17:28:23.173Z weekly 0.7 https://onedaysec.com/qa/what-is-the-difference-between-adding-a-new-section-and-using-existing-code-cave-1777483703092 2026-04-29T17:28:23.115Z weekly 0.7 https://onedaysec.com/qa/what-are-code-caves-and-why-are-they-important-for-backdooring-exe-files-with-bd-1777483703035 2026-04-29T17:28:23.043Z weekly 0.7 https://onedaysec.com/qa/what-is-the-backdoor-factory-and-how-does-it-implant-backdoors-into-exe-files-1777483702969 2026-04-29T17:28:22.984Z weekly 0.7 https://onedaysec.com/qa/what-are-the-important-compilation-details-for-the-managed-dll-used-in-clsid-hij-1777483685799 2026-04-29T17:28:05.817Z weekly 0.7 https://onedaysec.com/qa/which-system-clsids-can-be-hijacked-to-bypass-uac-when-launching-specific-micros-1777483685741 2026-04-29T17:28:05.759Z weekly 0.7 https://onedaysec.com/qa/what-registry-keys-are-modified-for-the-clr-uac-bypass-via-environment-variables-1777483685679 2026-04-29T17:28:05.694Z weekly 0.7 https://onedaysec.com/qa/how-does-the-clr-based-uac-bypass-technique-work-by-setting-environment-variable-1777483685574 2026-04-29T17:28:05.587Z weekly 0.7 https://onedaysec.com/qa/what-role-does-the-userlog_read-function-play-in-displaying-last-webadmin-sessio-1777483657865 2026-04-29T17:27:37.880Z weekly 0.7 https://onedaysec.com/qa/where-are-the-last-webadmin-sessions-records-actually-stored-and-how-can-they-be-1777483657807 2026-04-29T17:27:37.825Z weekly 0.7 https://onedaysec.com/qa/why-does-modifying-the-varconfdvarstoragecfg-file-fail-to-clear-last-webadmin-se-1777483657751 2026-04-29T17:27:37.765Z weekly 0.7 https://onedaysec.com/qa/what-is-the-last-webadmin-sessions-feature-in-sophos-utm-and-how-is-it-accessed-1777483657653 2026-04-29T17:27:37.675Z weekly 0.7 https://onedaysec.com/qa/how-can-attackers-bypass-signature-verification-without-leaving-a-custom-dll-on--1777483628472 2026-04-29T17:27:08.536Z weekly 0.7 https://onedaysec.com/qa/what-is-the-role-of-sip-subject-interface-package-in-signature-verification-and--1777483628408 2026-04-29T17:27:08.426Z weekly 0.7 https://onedaysec.com/qa/how-does-the-signature-verification-hijacking-technique-work-1777483628351 2026-04-29T17:27:08.366Z weekly 0.7 https://onedaysec.com/qa/what-is-authenticode-signature-forgery-and-how-is-it-performed-1777483628263 2026-04-29T17:27:08.283Z weekly 0.7 https://onedaysec.com/qa/why-cant-i-query-postgresql-database-tables-in-sophos-xg-and-how-do-i-resolve-it-1777483611207 2026-04-29T17:26:51.241Z weekly 0.7 https://onedaysec.com/qa/what-is-the-csc-configuration-file-and-how-can-i-decrypt-it-for-reverse-engineer-1777483611150 2026-04-29T17:26:51.168Z weekly 0.7 https://onedaysec.com/qa/how-can-i-enable-remote-debugging-for-the-jetty-web-server-in-sophos-xg-1777483611096 2026-04-29T17:26:51.107Z weekly 0.7 https://onedaysec.com/qa/how-do-i-set-up-a-sophos-xg-virtual-appliance-for-vulnerability-debugging-in-vmw-1777483611029 2026-04-29T17:26:51.042Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-detect-and-prevent-an-attacker-from-maintaining-persistent-acc-1777483596068 2026-04-29T17:26:36.092Z weekly 0.7 https://onedaysec.com/qa/what-is-the-difference-between-adding-a-forwarding-rule-via-ecp-and-setting-up-m-1777483595963 2026-04-29T17:26:35.985Z weekly 0.7 https://onedaysec.com/qa/how-can-an-exchange-administrator-use-powershell-to-add-persistent-email-access--1777483595894 2026-04-29T17:26:35.915Z weekly 0.7 https://onedaysec.com/qa/what-is-a-less-detectable-method-to-continuously-read-a-target-users-exchange-em-1777483595835 2026-04-29T17:26:35.848Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-persistently-access-an-exchange-users-emails-after-obtaining-1777483595762 2026-04-29T17:26:35.783Z weekly 0.7 https://onedaysec.com/qa/how-does-the-wll-persistence-technique-compare-to-other-office-persistence-metho-1777483568288 2026-04-29T17:26:08.302Z weekly 0.7 https://onedaysec.com/qa/what-considerations-should-be-taken-when-creating-a-wll-backdoor-dll-to-avoid-cr-1777483568204 2026-04-29T17:26:08.234Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-automate-the-deployment-of-a-wll-backdoor-using-powershell-1777483568122 2026-04-29T17:26:08.141Z weekly 0.7 https://onedaysec.com/qa/what-is-a-wll-file-and-how-can-it-be-used-for-persistence-in-microsoft-word-1777483568055 2026-04-29T17:26:08.062Z weekly 0.7 https://onedaysec.com/qa/how-does-the-ewsmanage_downloader-organize-downloaded-emails-and-handle-special--1777483545505 2026-04-29T17:25:45.518Z weekly 0.7 https://onedaysec.com/qa/why-is-it-necessary-to-redesign-the-code-structure-for-the-downloader-compared-t-1777483545463 2026-04-29T17:25:45.475Z weekly 0.7 https://onedaysec.com/qa/what-is-the-correct-syntax-for-filtering-emails-by-date-and-size-in-ews-soap-que-1777483545423 2026-04-29T17:25:45.436Z weekly 0.7 https://onedaysec.com/qa/how-did-the-article-fix-the-bug-related-to-the-domain-parameter-for-ntlm-authent-1777483545372 2026-04-29T17:25:45.384Z weekly 0.7 https://onedaysec.com/qa/what-is-the-main-purpose-of-the-ewsmanage_downloader-tool-described-in-this-arti-1777483545318 2026-04-29T17:25:45.330Z weekly 0.7 https://onedaysec.com/qa/how-does-glimpse-prevent-multiple-instances-of-its-agent-from-running-simultaneo-1777483527557 2026-04-29T17:25:27.574Z weekly 0.7 https://onedaysec.com/qa/what-specific-files-does-the-poisonfrog-agent-release-in-the-publicpublic-folder-1777483527493 2026-04-29T17:25:27.514Z weekly 0.7 https://onedaysec.com/qa/why-do-the-analysts-believe-that-the-leaked-poisonfrog-and-glimpse-tools-are-unl-1777483527398 2026-04-29T17:25:27.420Z weekly 0.7 https://onedaysec.com/qa/what-are-the-main-differences-in-c2-communication-between-poisonfrog-and-glimpse-1777483527347 2026-04-29T17:25:27.358Z weekly 0.7 https://onedaysec.com/qa/how-does-poisonfrog-achieve-persistence-on-the-victim-machine-1777483527292 2026-04-29T17:25:27.305Z weekly 0.7 https://onedaysec.com/qa/does-the-msdtc-backdoor-work-on-64-bit-systems-with-a-32-bit-dll-1777483503398 2026-04-29T17:25:03.436Z weekly 0.7 https://onedaysec.com/qa/what-detection-and-defense-measures-are-recommended-against-the-msdtc-backdoor-1777483503319 2026-04-29T17:25:03.340Z weekly 0.7 https://onedaysec.com/qa/how-can-an-administrator-use-msdtc-to-launch-a-program-with-reduced-privileges-1777483503247 2026-04-29T17:25:03.266Z weekly 0.7 https://onedaysec.com/qa/can-the-msdtc-backdoor-be-exploited-in-a-workgroup-environment-or-only-in-a-doma-1777483503173 2026-04-29T17:25:03.187Z weekly 0.7 https://onedaysec.com/qa/how-does-the-msdtc-service-backdoor-work-for-persistence-1777483503076 2026-04-29T17:25:03.092Z weekly 0.7 https://onedaysec.com/qa/what-are-some-exploitation-approaches-and-defense-recommendations-for-this-bypas-1777483470838 2026-04-29T17:24:30.853Z weekly 0.7 https://onedaysec.com/qa/how-does-the-c-implementation-of-swampthing-differ-and-what-advantage-does-it-of-1777483470783 2026-04-29T17:24:30.801Z weekly 0.7 https://onedaysec.com/qa/what-is-swampthing-and-how-do-you-use-it-to-bypass-command-line-auditing-1777483470717 2026-04-29T17:24:30.744Z weekly 0.7 https://onedaysec.com/qa/how-does-the-technique-to-bypass-windows-command-line-process-auditing-work-1777483470627 2026-04-29T17:24:30.637Z weekly 0.7 https://onedaysec.com/qa/how-does-the-explorerexe-hijacking-technique-compare-to-other-com-hijacking-meth-1777483446261 2026-04-29T17:24:06.274Z weekly 0.7 https://onedaysec.com/qa/what-defense-strategies-does-the-article-recommend-against-com-object-hijacking-1777483446219 2026-04-29T17:24:06.229Z weekly 0.7 https://onedaysec.com/qa/which-known-malware-families-have-exploited-com-hijacking-via-mrupidllist-or-sim-1777483446165 2026-04-29T17:24:06.182Z weekly 0.7 https://onedaysec.com/qa/what-registry-keys-are-commonly-used-for-com-hijacking-targeting-explorerexe-and-1777483446048 2026-04-29T17:24:06.059Z weekly 0.7 https://onedaysec.com/qa/how-does-hijacking-the-mrupidllist-com-object-allow-an-attacker-to-maintain-pers-1777483445980 2026-04-29T17:24:05.995Z weekly 0.7 https://onedaysec.com/qa/after-adding-an-administrator-user-via-ldap-how-can-the-new-account-be-used-to-i-1777483414758 2026-04-29T17:23:34.769Z weekly 0.7 https://onedaysec.com/qa/what-ldap-commands-are-used-to-add-a-user-set-their-password-and-assign-them-to--1777483414680 2026-04-29T17:23:34.722Z weekly 0.7 https://onedaysec.com/qa/how-do-you-export-ldap-credential-information-from-a-vcenter-appliance-using-the-1777483414595 2026-04-29T17:23:34.626Z weekly 0.7 https://onedaysec.com/qa/what-is-the-prerequisite-for-exploiting-vcenters-ldap-database-to-add-an-adminis-1777483414538 2026-04-29T17:23:34.550Z weekly 0.7 https://onedaysec.com/qa/can-ssps-be-deleted-or-enumerated-and-what-are-the-limitations-1777483393357 2026-04-29T17:23:13.370Z weekly 0.7 https://onedaysec.com/qa/how-does-miscmemssp-differ-from-ssp-registration-for-credential-extraction-1777483393297 2026-04-29T17:23:13.317Z weekly 0.7 https://onedaysec.com/qa/what-are-the-three-methods-to-add-an-ssp-like-mimilibdll-in-mimikatz-1777483393249 2026-04-29T17:23:13.259Z weekly 0.7 https://onedaysec.com/qa/what-is-ssp-and-how-does-mimikatz-use-it-to-extract-credentials-1777483393179 2026-04-29T17:23:13.193Z weekly 0.7 https://onedaysec.com/qa/why-does-pupy-use-a-separate-transfer-component-for-screen-control-and-what-adva-1777483375319 2026-04-29T17:22:55.350Z weekly 0.7 https://onedaysec.com/qa/what-should-developers-consider-when-customizing-the-http-remote-desktop-server--1777483375246 2026-04-29T17:22:55.266Z weekly 0.7 https://onedaysec.com/qa/what-is-an-alternative-approach-to-implement-screen-control-similar-to-pupy-and--1777483375175 2026-04-29T17:22:55.197Z weekly 0.7 https://onedaysec.com/qa/what-uac-related-issue-occurs-when-using-pupys-screen-control-and-how-can-it-be--1777483375113 2026-04-29T17:22:55.128Z weekly 0.7 https://onedaysec.com/qa/how-does-pupys-rdesktop-module-enable-screen-control-on-windows-1777483375047 2026-04-29T17:22:55.064Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-detect-a-vsto-based-backdoor-on-a-system-1777483356515 2026-04-29T17:22:36.528Z weekly 0.7 https://onedaysec.com/qa/how-can-a-vsto-backdoor-be-deployed-silently-and-remotely-1777483356454 2026-04-29T17:22:36.471Z weekly 0.7 https://onedaysec.com/qa/how-do-attackers-bypass-the-publisher-verification-prompt-when-installing-a-mali-1777483356403 2026-04-29T17:22:36.414Z weekly 0.7 https://onedaysec.com/qa/what-is-vsto-and-how-can-it-be-used-to-implement-an-office-backdoor-1777483356344 2026-04-29T17:22:36.359Z weekly 0.7 https://onedaysec.com/qa/how-does-the-decryption-algorithm-selection-work-when-extracting-credentials-in--1777483339206 2026-04-29T17:22:19.261Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-differences-in-data-structures-and-offsets-when-implementing-se-1777483339149 2026-04-29T17:22:19.165Z weekly 0.7 https://onedaysec.com/qa/why-cant-sekurlsawdigest-extract-plaintext-passwords-on-windows-server-2008-r2-a-1777483339090 2026-04-29T17:22:19.108Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-the-sekurlsawdigest-module-in-mimikatz-and-how-does-it-wo-1777483339029 2026-04-29T17:22:19.045Z weekly 0.7 https://onedaysec.com/qa/why-does-the-etw-usb-keylogger-poc-require-windows-8-for-usb-30-support-and-admi-1777483315739 2026-04-29T17:21:55.755Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-using-odbcconfexe-with-a-response-file-to-load-a-dll-that-1777483315686 2026-04-29T17:21:55.703Z weekly 0.7 https://onedaysec.com/qa/how-does-the-etw-based-usb-keylogger-poc-work-and-what-are-its-limitations-1777483315630 2026-04-29T17:21:55.649Z weekly 0.7 https://onedaysec.com/qa/what-advantages-does-the-get-exports-powershell-script-offer-over-exportstoc-for-1777483315541 2026-04-29T17:21:55.551Z weekly 0.7 https://onedaysec.com/qa/how-can-odbcconfexe-be-used-to-bypass-command-line-monitoring-of-regsvr32-when-l-1777483315486 2026-04-29T17:21:55.494Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-methods-for-actually-deleting-the-log-record-once-the-handle-an-1777483292184 2026-04-29T17:21:32.201Z weekly 0.7 https://onedaysec.com/qa/how-does-the-technique-achieve-inter-process-message-passing-between-the-loader--1777483292087 2026-04-29T17:21:32.107Z weekly 0.7 https://onedaysec.com/qa/how-does-the-technique-enumerate-the-handle-for-a-specific-evtx-log-file-in-the--1777483292023 2026-04-29T17:21:32.038Z weekly 0.7 https://onedaysec.com/qa/what-is-the-main-approach-described-in-part-4-for-deleting-a-single-evtx-log-rec-1777483291938 2026-04-29T17:21:31.959Z weekly 0.7 https://onedaysec.com/qa/how-does-the-credential-manager-differ-between-windows-7-and-windows-8-from-a-pe-1777483275208 2026-04-29T17:21:15.229Z weekly 0.7 https://onedaysec.com/qa/why-might-a-penetration-tester-need-to-use-a-powershell-script-like-invoke-wcmdu-1777483275144 2026-04-29T17:21:15.159Z weekly 0.7 https://onedaysec.com/qa/what-built-in-windows-command-line-tools-can-be-used-to-list-credential-informat-1777483275094 2026-04-29T17:21:15.109Z weekly 0.7 https://onedaysec.com/qa/how-can-penetration-testers-extract-plaintext-passwords-from-domain-credentials--1777483275045 2026-04-29T17:21:15.055Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-main-categories-of-credentials-stored-in-windows-credential-man-1777483274920 2026-04-29T17:21:14.954Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-detect-boolang-based-shellcode-execution-in-their-environment-1777483245383 2026-04-29T17:20:45.408Z weekly 0.7 https://onedaysec.com/qa/what-are-the-advantages-of-using-boolang-for-shellcode-execution-compared-to-tra-1777483245319 2026-04-29T17:20:45.338Z weekly 0.7 https://onedaysec.com/qa/how-does-the-boolang-based-shellcode-execution-technique-work-in-practice-1777483245255 2026-04-29T17:20:45.266Z weekly 0.7 https://onedaysec.com/qa/what-is-the-boolang-language-and-why-is-it-useful-for-executing-shellcode-1777483245176 2026-04-29T17:20:45.196Z weekly 0.7 https://onedaysec.com/qa/what-is-the-significance-of-obtaining-pptp-passwords-in-penetration-testing-1777483229533 2026-04-29T17:20:29.551Z weekly 0.7 https://onedaysec.com/qa/how-can-i-brute-force-pptp-passwords-what-tools-are-available-1777483229454 2026-04-29T17:20:29.474Z weekly 0.7 https://onedaysec.com/qa/what-are-the-steps-to-connect-to-a-pptp-vpn-on-kali-linux-1777483229398 2026-04-29T17:20:29.410Z weekly 0.7 https://onedaysec.com/qa/how-can-i-export-pptp-configuration-and-password-from-a-windows-system-during-pe-1777483229344 2026-04-29T17:20:29.354Z weekly 0.7 https://onedaysec.com/qa/how-can-you-detect-and-defend-against-bho-based-attacks-1777483202472 2026-04-29T17:20:02.492Z weekly 0.7 https://onedaysec.com/qa/what-are-some-exploitation-techniques-using-bho-after-gaining-system-administrat-1777483202387 2026-04-29T17:20:02.412Z weekly 0.7 https://onedaysec.com/qa/how-do-you-register-a-bho-dll-in-windows-and-where-is-it-stored-in-the-registry-1777483202309 2026-04-29T17:20:02.321Z weekly 0.7 https://onedaysec.com/qa/what-is-a-browser-helper-object-bho-and-how-does-it-work-in-internet-explorer-1777483202119 2026-04-29T17:20:02.142Z weekly 0.7 https://onedaysec.com/qa/what-are-the-typical-steps-to-extract-the-ntdsdit-file-from-a-domain-controller--1777483176454 2026-04-29T17:19:36.477Z weekly 0.7 https://onedaysec.com/qa/how-can-vshadowexe-be-abused-for-both-persistence-and-evasion-in-a-penetration-t-1777483176365 2026-04-29T17:19:36.383Z weekly 0.7 https://onedaysec.com/qa/what-advantage-does-ninjacopy-offer-over-volume-shadow-copy-methods-when-extract-1777483176298 2026-04-29T17:19:36.317Z weekly 0.7 https://onedaysec.com/qa/how-can-you-access-files-inside-a-volume-shadow-copy-snapshot-without-mounting-i-1777483176238 2026-04-29T17:19:36.250Z weekly 0.7 https://onedaysec.com/qa/what-are-the-main-built-in-windows-tools-for-obtaining-the-ntdsdit-file-via-volu-1777483176150 2026-04-29T17:19:36.177Z weekly 0.7 https://onedaysec.com/qa/what-is-the-recommended-defense-against-using-msxslexe-to-bypass-applocker-1777483151876 2026-04-29T17:19:11.894Z weekly 0.7 https://onedaysec.com/qa/can-msxslexe-load-scripts-remotely-if-so-how-1777483151769 2026-04-29T17:19:11.797Z weekly 0.7 https://onedaysec.com/qa/what-additional-capabilities-does-combining-msxsl-with-net-script-loading-provid-1777483151712 2026-04-29T17:19:11.722Z weekly 0.7 https://onedaysec.com/qa/how-can-msxslexe-be-used-to-bypass-applocker-restrictions-on-script-execution-1777483151601 2026-04-29T17:19:11.622Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-extract-all-domain-user-hashes-from-a-snapshot-of-a-domain-c-1777483134874 2026-04-29T17:18:54.887Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-enabling-the-dcui-user-and-remote-ssh-on-vmware-esxi-when-1777483134798 2026-04-29T17:18:54.826Z weekly 0.7 https://onedaysec.com/qa/how-can-volatility-be-used-to-extract-local-user-hashes-and-lsa-secrets-from-a-s-1777483134722 2026-04-29T17:18:54.738Z weekly 0.7 https://onedaysec.com/qa/what-commands-are-needed-to-create-a-snapshot-that-includes-the-virtual-machines-1777483134666 2026-04-29T17:18:54.676Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-use-vmware-esxi-snapshot-files-to-extract-credentials-from-a-1777483134596 2026-04-29T17:18:54.609Z weekly 0.7 https://onedaysec.com/qa/how-can-i-download-attachments-from-a-mailenable-email-via-the-api-1777483110596 2026-04-29T17:18:30.610Z weekly 0.7 https://onedaysec.com/qa/how-do-i-list-email-folders-and-view-emails-using-the-mailenable-api-1777483110537 2026-04-29T17:18:30.557Z weekly 0.7 https://onedaysec.com/qa/what-are-the-steps-to-log-in-to-mailenable-programmatically-using-python-1777483110484 2026-04-29T17:18:30.495Z weekly 0.7 https://onedaysec.com/qa/how-can-i-determine-the-mailenable-version-from-the-web-interface-1777483110415 2026-04-29T17:18:30.429Z weekly 0.7 https://onedaysec.com/qa/what-types-of-malicious-actions-can-be-achieved-through-xaml-data-in-viewstate-g-1777483081289 2026-04-29T17:18:01.307Z weekly 0.7 https://onedaysec.com/qa/what-is-the-signature-generation-process-for-a-viewstate-1777483081226 2026-04-29T17:18:01.244Z weekly 0.7 https://onedaysec.com/qa/what-advantage-does-using-ysoserialnet-provide-for-generating-viewstate-1777483081156 2026-04-29T17:18:01.176Z weekly 0.7 https://onedaysec.com/qa/how-is-a-viewstate-generated-from-xaml-data-in-the-first-method-described-1777483081085 2026-04-29T17:18:01.100Z weekly 0.7 https://onedaysec.com/qa/what-is-the-role-of-viewstate-deserialization-in-exploiting-exchange-file-readwr-1777483080956 2026-04-29T17:18:00.985Z weekly 0.7 https://onedaysec.com/qa/how-can-a-hidden-account-remain-persistent-even-after-the-original-cloned-accoun-1777483055006 2026-04-29T17:17:35.024Z weekly 0.7 https://onedaysec.com/qa/what-exploitation-issues-arise-when-combining-hidden-accounts-with-remote-deskto-1777483054944 2026-04-29T17:17:34.962Z weekly 0.7 https://onedaysec.com/qa/how-can-i-automate-hidden-account-creation-using-powershell-scripts-and-what-per-1777483054843 2026-04-29T17:17:34.853Z weekly 0.7 https://onedaysec.com/qa/what-is-the-basic-method-to-create-a-hidden-account-in-windows-by-cloning-an-exi-1777483054775 2026-04-29T17:17:34.792Z weekly 0.7 https://onedaysec.com/qa/what-are-the-recommended-defense-and-detection-strategies-mentioned-in-the-artic-1777483025971 2026-04-29T17:17:05.993Z weekly 0.7 https://onedaysec.com/qa/can-the-same-native-api-technique-be-applied-to-file-creation-using-ntcreatefile-1777483025913 2026-04-29T17:17:05.931Z weekly 0.7 https://onedaysec.com/qa/why-does-the-win32-api-fail-to-read-a-registry-value-whose-name-contains-a-null--1777483025811 2026-04-29T17:17:05.834Z weekly 0.7 https://onedaysec.com/qa/what-is-the-more-stealthy-method-introduced-in-this-article-and-how-does-it-dece-1777483025749 2026-04-29T17:17:05.765Z weekly 0.7 https://onedaysec.com/qa/how-does-placing-a-null-byte-0-at-the-beginning-of-a-registry-value-name-help-hi-1777483025676 2026-04-29T17:17:05.697Z weekly 0.7 https://onedaysec.com/qa/why-does-mshta-fail-to-execute-hta-scripts-from-raw-github-links-and-how-can-thi-1777483007748 2026-04-29T17:16:47.763Z weekly 0.7 https://onedaysec.com/qa/how-can-regsvr32-be-abused-to-download-and-execute-files-from-github-1777483007700 2026-04-29T17:16:47.715Z weekly 0.7 https://onedaysec.com/qa/what-is-the-shortest-command-to-download-and-execute-an-exe-from-github-using-cm-1777483007650 2026-04-29T17:16:47.663Z weekly 0.7 https://onedaysec.com/qa/why-cant-i-simply-use-the-http-protocol-to-download-files-from-github-via-the-co-1777483007575 2026-04-29T17:16:47.592Z weekly 0.7 https://onedaysec.com/qa/what-is-the-difference-between-machine-account-spns-and-user-account-spns-in-ker-1777482976808 2026-04-29T17:16:16.828Z weekly 0.7 https://onedaysec.com/qa/how-can-organizations-defend-against-kerberoasting-attacks-1777482976761 2026-04-29T17:16:16.775Z weekly 0.7 https://onedaysec.com/qa/what-are-the-common-methods-to-enumerate-spns-and-request-tgs-tickets-for-kerber-1777482976696 2026-04-29T17:16:16.718Z weekly 0.7 https://onedaysec.com/qa/why-are-service-principal-names-spns-critical-to-a-kerberoasting-attack-1777482976629 2026-04-29T17:16:16.649Z weekly 0.7 https://onedaysec.com/qa/what-is-kerberoasting-and-how-does-it-work-1777482976440 2026-04-29T17:16:16.489Z weekly 0.7 https://onedaysec.com/qa/how-does-an-attacker-send-the-search-request-to-access-internal-file-shares-via--1777482960341 2026-04-29T17:16:00.365Z weekly 0.7 https://onedaysec.com/qa/what-is-the-peas-tool-and-what-capabilities-does-it-offer-for-penetration-testin-1777482960259 2026-04-29T17:16:00.285Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-verify-a-users-mailbox-password-through-exchange-activesync-1777482960195 2026-04-29T17:16:00.205Z weekly 0.7 https://onedaysec.com/qa/what-is-exchange-activesync-and-how-can-it-be-used-to-access-internal-file-share-1777482960126 2026-04-29T17:16:00.140Z weekly 0.7 https://onedaysec.com/qa/can-you-walk-through-the-exploitation-of-the-ndp461-kb3102438-webexe-dll-hijacki-1777482946683 2026-04-29T17:15:46.701Z weekly 0.7 https://onedaysec.com/qa/what-is-rattler-and-how-does-it-automate-the-discovery-of-dll-preloading-vulnera-1777482946604 2026-04-29T17:15:46.621Z weekly 0.7 https://onedaysec.com/qa/why-are-some-dlls-like-kernel32dll-immune-to-hijacking-while-others-like-cryptsp-1777482946550 2026-04-29T17:15:46.567Z weekly 0.7 https://onedaysec.com/qa/how-can-process-monitor-be-used-to-identify-dll-hijacking-vulnerabilities-in-an--1777482946477 2026-04-29T17:15:46.505Z weekly 0.7 https://onedaysec.com/qa/what-is-the-root-cause-of-dll-hijacking-vulnerabilities-and-how-does-safedllsear-1777482946405 2026-04-29T17:15:46.420Z weekly 0.7 https://onedaysec.com/qa/can-the-bginfo-whitelist-bypass-be-executed-from-a-network-share-1777482923707 2026-04-29T17:15:23.722Z weekly 0.7 https://onedaysec.com/qa/how-can-you-automatically-generate-a-malicious-bgi-file-using-powershell-1777482923650 2026-04-29T17:15:23.667Z weekly 0.7 https://onedaysec.com/qa/how-can-you-manually-create-a-malicious-bgi-file-to-launch-a-vbs-script-1777482923602 2026-04-29T17:15:23.613Z weekly 0.7 https://onedaysec.com/qa/what-is-bginfo-and-how-can-it-be-abused-to-bypass-application-whitelisting-1777482923551 2026-04-29T17:15:23.563Z weekly 0.7 https://onedaysec.com/qa/how-do-you-read-the-body-of-an-email-in-plain-text-using-the-ews-managed-api-1777482906023 2026-04-29T17:15:06.042Z weekly 0.7 https://onedaysec.com/qa/why-is-the-ewsmanage-open-source-project-important-for-ews-development-1777482905962 2026-04-29T17:15:05.977Z weekly 0.7 https://onedaysec.com/qa/what-is-the-autodiscover-service-in-ews-and-how-does-it-simplify-exchange-resour-1777482905906 2026-04-29T17:15:05.922Z weekly 0.7 https://onedaysec.com/qa/how-do-you-handle-untrusted-ssl-certificates-when-using-the-ews-managed-api-in-c-1777482905814 2026-04-29T17:15:05.829Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-main-methods-to-access-exchange-resources-using-exchange-web-se-1777482905736 2026-04-29T17:15:05.762Z weekly 0.7 https://onedaysec.com/qa/how-does-using-a-proxy-improve-efficiency-over-manual-port-forwarding-1777482876537 2026-04-29T17:14:36.568Z weekly 0.7 https://onedaysec.com/qa/what-is-a-reverse-connection-in-port-forwarding-and-when-is-it-used-1777482876469 2026-04-29T17:14:36.495Z weekly 0.7 https://onedaysec.com/qa/what-tools-are-commonly-used-for-port-forwarding-on-linux-systems-1777482876401 2026-04-29T17:14:36.421Z weekly 0.7 https://onedaysec.com/qa/how-can-i-set-up-a-forward-port-forwarding-rule-on-windows-using-netsh-1777482876357 2026-04-29T17:14:36.366Z weekly 0.7 https://onedaysec.com/qa/what-is-the-difference-between-port-forwarding-and-proxying-in-penetration-testi-1777482876295 2026-04-29T17:14:36.308Z weekly 0.7 https://onedaysec.com/qa/what-defenses-can-organizations-implement-to-detect-or-prevent-hidden-folder-abu-1777482843762 2026-04-29T17:14:03.776Z weekly 0.7 https://onedaysec.com/qa/how-can-i-programmatically-interact-with-hidden-folders-using-ews-1777482843693 2026-04-29T17:14:03.714Z weekly 0.7 https://onedaysec.com/qa/how-can-hidden-folders-be-abused-in-penetration-testing-1777482843622 2026-04-29T17:14:03.634Z weekly 0.7 https://onedaysec.com/qa/what-are-hidden-folders-in-exchange-user-mailboxes-and-how-are-they-created-1777482843559 2026-04-29T17:14:03.568Z weekly 0.7 https://onedaysec.com/qa/which-tools-or-libraries-does-the-article-mention-for-executing-exchange-powersh-1777482824582 2026-04-29T17:13:44.622Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-the-xml-file-format-in-the-exchange-powershell-implementa-1777482824503 2026-04-29T17:13:44.520Z weekly 0.7 https://onedaysec.com/qa/how-does-the-python-code-need-to-be-adapted-from-python2-to-python3-for-this-exc-1777482824358 2026-04-29T17:13:44.437Z weekly 0.7 https://onedaysec.com/qa/what-is-the-conventional-restriction-for-accessing-exchange-powershell-and-how-d-1777482824145 2026-04-29T17:13:44.156Z weekly 0.7 https://onedaysec.com/qa/is-the-silentcleanup-uac-bypass-technique-applicable-to-windows-7-or-windows-8-1777482810865 2026-04-29T17:13:30.885Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-mitigate-or-detect-the-silentcleanup-uac-bypass-1777482810800 2026-04-29T17:13:30.821Z weekly 0.7 https://onedaysec.com/qa/what-makes-silentcleanup-a-good-target-for-uac-bypass-1777482810744 2026-04-29T17:13:30.756Z weekly 0.7 https://onedaysec.com/qa/how-does-the-silentcleanup-uac-bypass-exploit-work-1777482810680 2026-04-29T17:13:30.694Z weekly 0.7 https://onedaysec.com/qa/what-is-the-underlying-principle-behind-extracting-hashes-from-the-sam-database-1777482783526 2026-04-29T17:13:03.547Z weekly 0.7 https://onedaysec.com/qa/why-do-both-the-system-and-sam-registry-hives-need-to-be-obtained-to-decrypt-use-1777482783466 2026-04-29T17:13:03.483Z weekly 0.7 https://onedaysec.com/qa/which-tools-can-be-used-to-read-the-sam-database-online-and-what-privilege-level-1777482783399 2026-04-29T17:13:03.422Z weekly 0.7 https://onedaysec.com/qa/what-are-the-steps-to-perform-an-offline-extraction-of-local-user-hashes-from-a--1777482783344 2026-04-29T17:13:03.356Z weekly 0.7 https://onedaysec.com/qa/why-is-it-necessary-to-extract-hashes-from-the-sam-database-during-a-penetration-1777482783259 2026-04-29T17:13:03.272Z weekly 0.7 https://onedaysec.com/qa/how-can-a-penetration-tester-enumerate-rdp-connection-history-for-users-currentl-1777482763996 2026-04-29T17:12:44.012Z weekly 0.7 https://onedaysec.com/qa/which-registry-path-stores-the-remote-desktop-connection-history-and-what-inform-1777482763936 2026-04-29T17:12:43.948Z weekly 0.7 https://onedaysec.com/qa/why-cant-i-directly-read-the-rdp-connection-history-for-users-who-are-not-logged-1777482763891 2026-04-29T17:12:43.905Z weekly 0.7 https://onedaysec.com/qa/what-is-the-best-method-to-obtain-rdp-connection-history-for-all-users-including-1777482763823 2026-04-29T17:12:43.835Z weekly 0.7 https://onedaysec.com/qa/how-can-i-retrieve-the-remote-desktop-connection-history-of-only-the-currently-l-1777482763765 2026-04-29T17:12:43.773Z weekly 0.7 https://onedaysec.com/qa/why-does-sharpgen-generate-a-different-hash-every-time-it-compiles-the-same-sour-1777482745552 2026-04-29T17:12:25.566Z weekly 0.7 https://onedaysec.com/qa/how-can-i-reduce-the-generated-executable-size-and-apply-protection-with-sharpge-1777482745484 2026-04-29T17:12:25.504Z weekly 0.7 https://onedaysec.com/qa/how-do-i-integrate-a-third-party-open-source-library-like-sharpwmi-into-sharpgen-1777482745421 2026-04-29T17:12:25.440Z weekly 0.7 https://onedaysec.com/qa/how-can-i-compile-a-single-command-or-a-source-file-with-sharpgen-1777482745340 2026-04-29T17:12:25.353Z weekly 0.7 https://onedaysec.com/qa/what-is-sharpgen-and-how-does-it-integrate-with-other-net-assemblies-1777482745262 2026-04-29T17:12:25.291Z weekly 0.7 https://onedaysec.com/qa/how-do-i-compile-the-mapi_tool-code-for-different-net-versions-1777482724961 2026-04-29T17:12:04.989Z weekly 0.7 https://onedaysec.com/qa/what-features-are-available-in-the-open-source-mapi_tool-without-triggering-secu-1777482724897 2026-04-29T17:12:04.913Z weekly 0.7 https://onedaysec.com/qa/why-does-outlook-show-a-security-warning-when-my-mapi-program-runs-and-how-can-i-1777482724823 2026-04-29T17:12:04.844Z weekly 0.7 https://onedaysec.com/qa/how-can-i-use-outlook-mapi-to-read-inbox-emails-in-c-1777482724752 2026-04-29T17:12:04.767Z weekly 0.7 https://onedaysec.com/qa/what-is-the-difference-between-outlook-mapi-and-exchange-web-services-ews-1777482724645 2026-04-29T17:12:04.659Z weekly 0.7 https://onedaysec.com/qa/besides-registry-enumeration-what-other-method-can-list-installed-programs-on-a--1777482708807 2026-04-29T17:11:48.847Z weekly 0.7 https://onedaysec.com/qa/what-registry-keys-should-i-check-to-get-both-32-bit-and-64-bit-installed-progra-1777482708730 2026-04-29T17:11:48.748Z weekly 0.7 https://onedaysec.com/qa/how-can-i-obtain-a-complete-list-of-installed-programs-on-a-windows-system-using-1777482708634 2026-04-29T17:11:48.657Z weekly 0.7 https://onedaysec.com/qa/why-cant-i-get-a-complete-list-of-installed-programs-on-windows-using-wmis-win32-1777482708571 2026-04-29T17:11:48.583Z weekly 0.7 https://onedaysec.com/qa/how-can-i-use-log-debugging-to-analyze-the-exploitation-process-for-cve-2022-104-1777482688098 2026-04-29T17:11:28.119Z weekly 0.7 https://onedaysec.com/qa/what-additional-security-measure-was-added-for-wan-and-vpn-zone-logins-and-how-d-1777482688046 2026-04-29T17:11:28.063Z weekly 0.7 https://onedaysec.com/qa/how-do-i-find-opcodes-with-a-response-type-of-2-in-the-sophos-xg-firewall-databa-1777482687992 2026-04-29T17:11:28.003Z weekly 0.7 https://onedaysec.com/qa/what-is-cve-2022-1040-and-how-can-i-restore-a-vulnerable-debugging-environment-f-1777482687940 2026-04-29T17:11:27.950Z weekly 0.7 https://onedaysec.com/qa/how-can-security-researchers-systematically-find-exploitable-dlls-for-rundll32-1777482672581 2026-04-29T17:11:12.597Z weekly 0.7 https://onedaysec.com/qa/what-types-of-files-can-be-executed-via-rundll32s-shellexecute-call-1777482672517 2026-04-29T17:11:12.537Z weekly 0.7 https://onedaysec.com/qa/which-other-dlls-contain-exploitable-exported-functions-similar-to-openurl-1777482672463 2026-04-29T17:11:12.474Z weekly 0.7 https://onedaysec.com/qa/how-can-rundll32exe-be-abused-to-execute-arbitrary-programs-1777482672360 2026-04-29T17:11:12.375Z weekly 0.7 https://onedaysec.com/qa/what-defenses-can-prevent-as-reproasting-attacks-1777482628516 2026-04-29T17:10:28.528Z weekly 0.7 https://onedaysec.com/qa/how-do-you-crack-an-as-rep-hash-with-hashcat-1777482628475 2026-04-29T17:10:28.486Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-identify-vulnerable-users-and-perform-as-reproasting-1777482628387 2026-04-29T17:10:28.413Z weekly 0.7 https://onedaysec.com/qa/what-conditions-must-be-met-for-as-reproasting-to-succeed-1777482628337 2026-04-29T17:10:28.347Z weekly 0.7 https://onedaysec.com/qa/what-is-as-reproasting-and-how-does-it-work-1777482628264 2026-04-29T17:10:28.282Z weekly 0.7 https://onedaysec.com/qa/why-cant-a-script-placed-directly-in-the-gpos-sysvol-folder-be-executed-and-how--1777482609876 2026-04-29T17:10:09.888Z weekly 0.7 https://onedaysec.com/qa/what-is-the-manual-method-of-modifying-the-default-domain-policy-gpo-to-execute--1777482609817 2026-04-29T17:10:09.834Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-use-the-sharpgpoabuse-tool-to-remotely-execute-a-script-via--1777482609749 2026-04-29T17:10:09.761Z weekly 0.7 https://onedaysec.com/qa/what-are-the-four-types-of-script-execution-events-in-a-group-policy-object-gpo--1777482609246 2026-04-29T17:10:09.294Z weekly 0.7 https://onedaysec.com/qa/what-is-the-role-of-overpass-the-hash-in-remotely-reading-dns-records-with-dnscm-1777482586605 2026-04-29T17:09:46.617Z weekly 0.7 https://onedaysec.com/qa/how-can-i-remotely-read-dns-records-from-a-windows-7-machine-that-lacks-rsat-1777482586551 2026-04-29T17:09:46.568Z weekly 0.7 https://onedaysec.com/qa/how-can-i-enumerate-dns-records-using-the-dnscmd-command-line-tool-1777482586464 2026-04-29T17:09:46.493Z weekly 0.7 https://onedaysec.com/qa/why-is-obtaining-dns-records-important-in-domain-penetration-1777482586387 2026-04-29T17:09:46.415Z weekly 0.7 https://onedaysec.com/qa/what-are-some-common-filtering-conditions-usable-with-rewritecond-in-mod_rewrite-1777482560305 2026-04-29T17:09:20.322Z weekly 0.7 https://onedaysec.com/qa/how-can-you-use-mod_rewrite-to-redirect-traffic-based-on-user-agent-1777482560236 2026-04-29T17:09:20.252Z weekly 0.7 https://onedaysec.com/qa/how-do-you-enable-apache-mod_rewrite-and-htaccess-support-on-a-windows-system-1777482560141 2026-04-29T17:09:20.156Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-the-http-traffic-distribution-technique-described-in-this-1777482560076 2026-04-29T17:09:20.096Z weekly 0.7 https://onedaysec.com/qa/how-can-users-defend-against-the-teamviewer-permission-vulnerability-1777482542715 2026-04-29T17:09:02.734Z weekly 0.7 https://onedaysec.com/qa/what-are-the-exploitation-ideas-for-the-teamviewer-vulnerability-1777482542593 2026-04-29T17:09:02.617Z weekly 0.7 https://onedaysec.com/qa/how-does-the-poc-exploit-the-permission-vulnerability-in-teamviewer-1777482542496 2026-04-29T17:09:02.523Z weekly 0.7 https://onedaysec.com/qa/what-is-the-permission-vulnerability-in-teamviewer-1305058-1777482542410 2026-04-29T17:09:02.422Z weekly 0.7 https://onedaysec.com/qa/what-detection-opportunities-exist-for-defenders-against-remote-registry-abuse-1777482528713 2026-04-29T17:08:48.738Z weekly 0.7 https://onedaysec.com/qa/how-does-exploitation-via-remote-registry-differ-between-a-workgroup-and-a-domai-1777482528654 2026-04-29T17:08:48.675Z weekly 0.7 https://onedaysec.com/qa/what-steps-are-required-to-extract-local-user-password-hashes-from-a-remote-syst-1777482528586 2026-04-29T17:08:48.602Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-use-image-file-execution-options-ifeo-via-remote-registry-to-1777482528488 2026-04-29T17:08:48.520Z weekly 0.7 https://onedaysec.com/qa/what-is-the-windows-remote-registry-service-and-how-can-an-attacker-enable-it-fo-1777482528420 2026-04-29T17:08:48.429Z weekly 0.7 https://onedaysec.com/qa/what-are-some-limitations-or-variations-of-the-long-unc-folder-creation-for-uac--1777482502902 2026-04-29T17:08:22.946Z weekly 0.7 https://onedaysec.com/qa/what-tools-and-steps-are-used-to-identify-exploitable-executables-and-dlls-for-t-1777482502796 2026-04-29T17:08:22.811Z weekly 0.7 https://onedaysec.com/qa/how-does-dll-hijacking-factor-into-this-uac-bypass-technique-1777482502731 2026-04-29T17:08:22.747Z weekly 0.7 https://onedaysec.com/qa/what-are-the-three-conditions-a-program-must-meet-to-bypass-uac-by-default-and-h-1777482502666 2026-04-29T17:08:22.679Z weekly 0.7 https://onedaysec.com/qa/how-does-the-long-unc-path-technique-help-in-bypassing-uac-by-mocking-trusted-di-1777482502589 2026-04-29T17:08:22.608Z weekly 0.7 https://onedaysec.com/qa/what-are-the-recommended-defenses-against-password-extraction-from-kernel-mode-d-1777482486253 2026-04-29T17:08:06.268Z weekly 0.7 https://onedaysec.com/qa/why-are-symbol-files-necessary-when-using-windbg-to-analyze-kernel-dumps-and-how-1777482486170 2026-04-29T17:08:06.190Z weekly 0.7 https://onedaysec.com/qa/what-registry-setting-is-needed-to-enable-complete-memory-dumps-and-how-can-a-bl-1777482486080 2026-04-29T17:08:06.100Z weekly 0.7 https://onedaysec.com/qa/what-are-the-differences-between-user-mode-and-kernel-mode-dump-files-in-passwor-1777482486013 2026-04-29T17:08:06.024Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-extract-passwords-from-a-kernel-mode-dump-file-using-mimilib-1777482485924 2026-04-29T17:08:05.946Z weekly 0.7 https://onedaysec.com/qa/what-defenses-can-be-implemented-to-prevent-credssp-based-credential-theft-1777482464926 2026-04-29T17:07:44.943Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-remotely-capture-plaintext-passwords-from-another-host-in-a--1777482464869 2026-04-29T17:07:44.886Z weekly 0.7 https://onedaysec.com/qa/what-are-the-advantages-of-using-credssp-based-password-extraction-over-traditio-1777482464702 2026-04-29T17:07:44.734Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-implement-this-credssp-attack-in-a-workgroup-environment-1777482464650 2026-04-29T17:07:44.660Z weekly 0.7 https://onedaysec.com/qa/what-is-the-credssp-protocol-and-how-can-it-be-abused-to-extract-plaintext-passw-1777482464523 2026-04-29T17:07:44.544Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-detect-this-com-hijacking-persistence-technique-1777482447233 2026-04-29T17:07:27.249Z weekly 0.7 https://onedaysec.com/qa/what-are-the-specific-registry-paths-and-file-naming-conventions-used-for-this-6-1777482447125 2026-04-29T17:07:27.167Z weekly 0.7 https://onedaysec.com/qa/why-did-the-initial-poc-cause-multiple-calcexe-launches-and-system-crash-and-how-1777482447075 2026-04-29T17:07:27.084Z weekly 0.7 https://onedaysec.com/qa/how-does-com-object-hijacking-with-caccpropservicesclass-provide-persistence-wit-1777482447005 2026-04-29T17:07:27.020Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-modify-ie-browser-settings-to-allow-automatic-clipboard-acce-1777482417301 2026-04-29T17:06:57.319Z weekly 0.7 https://onedaysec.com/qa/how-does-pastejacking-work-in-clipboard-attacks-1777482417187 2026-04-29T17:06:57.230Z weekly 0.7 https://onedaysec.com/qa/what-methods-exist-for-reading-clipboard-content-programmatically-during-a-penet-1777482417125 2026-04-29T17:06:57.139Z weekly 0.7 https://onedaysec.com/qa/what-is-the-windows-clipboard-and-how-can-it-be-viewed-1777482417023 2026-04-29T17:06:57.037Z weekly 0.7 https://onedaysec.com/qa/what-role-does-basic-authentication-play-in-this-phishing-attack-and-how-can-def-1777482394383 2026-04-29T17:06:34.464Z weekly 0.7 https://onedaysec.com/qa/how-does-the-word-document-template-trigger-the-authentication-prompt-in-phisher-1777482394176 2026-04-29T17:06:34.241Z weekly 0.7 https://onedaysec.com/qa/what-conditions-must-be-met-for-a-phishery-attack-to-succeed-1777482394004 2026-04-29T17:06:34.038Z weekly 0.7 https://onedaysec.com/qa/what-is-phishery-and-how-does-it-work-to-steal-credentials-1777482393909 2026-04-29T17:06:33.923Z weekly 0.7 https://onedaysec.com/qa/what-are-the-limitations-of-using-long-unc-filenames-for-catalog-signature-forge-1777482376747 2026-04-29T17:06:16.771Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-indicators-to-detect-or-defend-against-long-unc-filename-spoofi-1777482376682 2026-04-29T17:06:16.699Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-execute-a-file-that-has-been-spoofed-using-a-long-unc-filena-1777482376603 2026-04-29T17:06:16.619Z weekly 0.7 https://onedaysec.com/qa/what-is-long-unc-filename-spoofing-and-how-does-it-enable-catalog-signature-forg-1777482376519 2026-04-29T17:06:16.547Z weekly 0.7 https://onedaysec.com/qa/where-are-the-database-connection-passwords-stored-in-vmware-workspace-one-acces-1777482359699 2026-04-29T17:05:59.716Z weekly 0.7 https://onedaysec.com/qa/how-can-i-check-the-system-version-of-vmware-workspace-one-access-and-where-are--1777482359627 2026-04-29T17:05:59.647Z weekly 0.7 https://onedaysec.com/qa/what-steps-are-needed-to-enable-remote-debugging-for-vulnerability-research-in-v-1777482359526 2026-04-29T17:05:59.570Z weekly 0.7 https://onedaysec.com/qa/how-do-i-set-up-a-static-ip-and-access-the-vmware-workspace-one-access-configura-1777482359446 2026-04-29T17:05:59.465Z weekly 0.7 https://onedaysec.com/qa/can-the-clr-backdoor-be-triggered-automatically-without-user-interaction-and-how-1777482334586 2026-04-29T17:05:34.607Z weekly 0.7 https://onedaysec.com/qa/why-does-the-clr-persistence-technique-require-separate-dlls-for-32-bit-and-64-b-1777482334524 2026-04-29T17:05:34.543Z weekly 0.7 https://onedaysec.com/qa/what-are-the-registry-and-environment-variable-artifacts-to-check-for-clr-based--1777482334462 2026-04-29T17:05:34.484Z weekly 0.7 https://onedaysec.com/qa/how-does-the-clr-backdoor-technique-hijack-net-programs-without-requiring-admini-1777482334333 2026-04-29T17:05:34.369Z weekly 0.7 https://onedaysec.com/qa/what-is-the-windows-fax-dll-injection-technique-and-how-does-it-exploit-fxsstdll-1777482317942 2026-04-29T17:05:17.970Z weekly 0.7 https://onedaysec.com/qa/how-does-the-shell-extension-persistence-method-hijack-explorerexe-startup-via-c-1777482317861 2026-04-29T17:05:17.882Z weekly 0.7 https://onedaysec.com/qa/what-is-ocidll-service-persistence-and-how-does-it-achieve-auto-start-via-msdtc-1777482317792 2026-04-29T17:05:17.819Z weekly 0.7 https://onedaysec.com/qa/how-does-the-image-file-execution-options-technique-redirect-executable-programs-1777482317732 2026-04-29T17:05:17.742Z weekly 0.7 https://onedaysec.com/qa/what-is-vbr-persistence-and-how-is-it-used-to-execute-backdoors-during-windows-s-1777482317640 2026-04-29T17:05:17.675Z weekly 0.7 https://onedaysec.com/qa/what-role-does-the-guest-account-and-the-everyone-group-play-in-enabling-anonymo-1777482291578 2026-04-29T17:04:51.602Z weekly 0.7 https://onedaysec.com/qa/how-does-the-open-source-powershell-script-provided-in-the-article-handle-both-e-1777482291512 2026-04-29T17:04:51.536Z weekly 0.7 https://onedaysec.com/qa/what-are-the-essential-command-line-steps-to-configure-an-anonymous-smb-share-on-1777482291409 2026-04-29T17:04:51.431Z weekly 0.7 https://onedaysec.com/qa/why-would-a-penetration-tester-need-to-set-up-an-anonymous-smb-share-on-a-window-1777482291340 2026-04-29T17:04:51.357Z weekly 0.7 https://onedaysec.com/qa/what-testing-confirmed-that-evt-log-deletion-via-handle-manipulation-can-work-wi-1777482263523 2026-04-29T17:04:23.540Z weekly 0.7 https://onedaysec.com/qa/what-is-the-dll-injection-method-for-deleting-evt-logs-on-windows-xp-and-how-doe-1777482263441 2026-04-29T17:04:23.478Z weekly 0.7 https://onedaysec.com/qa/how-does-handle-enumeration-for-evt-logs-differ-between-windows-xp-and-windows-8-1777482263376 2026-04-29T17:04:23.392Z weekly 0.7 https://onedaysec.com/qa/why-cant-i-change-the-total-number-of-log-entries-by-directly-editing-the-evt-fi-1777482263311 2026-04-29T17:04:23.326Z weekly 0.7 https://onedaysec.com/qa/how-can-i-delete-evt-log-records-for-a-specific-time-period-on-a-windows-xp-syst-1777482263213 2026-04-29T17:04:23.250Z weekly 0.7 https://onedaysec.com/qa/what-role-does-the-ntlm-hash-play-in-pass-the-hash-attacks-1777482230716 2026-04-29T17:03:50.737Z weekly 0.7 https://onedaysec.com/qa/how-does-mimikatzs-pass-the-hash-differ-from-its-pass-the-ticket-approach-1777482230652 2026-04-29T17:03:50.675Z weekly 0.7 https://onedaysec.com/qa/what-tools-are-commonly-used-for-pass-the-hash-on-windows-systems-1777482230589 2026-04-29T17:03:50.604Z weekly 0.7 https://onedaysec.com/qa/what-is-the-core-principle-behind-pass-the-hash-attacks-1777482230522 2026-04-29T17:03:50.539Z weekly 0.7 https://onedaysec.com/qa/why-is-it-important-to-understand-the-adminsdholder-propagation-mechanism-when-a-1777482210262 2026-04-29T17:03:30.303Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-detect-and-remove-malicious-acl-modifications-on-the-adminsdho-1777482210141 2026-04-29T17:03:30.164Z weekly 0.7 https://onedaysec.com/qa/what-are-the-steps-to-add-an-acl-for-a-user-to-the-adminsdholder-object-to-gain--1777482210083 2026-04-29T17:03:30.101Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-enumerate-protected-ad-accounts-and-groups-to-identify-targe-1777482209997 2026-04-29T17:03:30.024Z weekly 0.7 https://onedaysec.com/qa/what-is-the-adminsdholder-object-and-why-is-it-a-target-for-privilege-persistenc-1777482209901 2026-04-29T17:03:29.917Z weekly 0.7 https://onedaysec.com/qa/why-is-the-timegenerated-field-value-0x33333333-significant-in-evt-file-parsing-1777482183434 2026-04-29T17:03:03.478Z weekly 0.7 https://onedaysec.com/qa/how-does-the-deletion-process-for-evt-files-differ-from-that-for-evtx-files-and--1777482183343 2026-04-29T17:03:03.361Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-steps-in-the-program-implementation-for-deleting-evt-logs-withi-1777482183276 2026-04-29T17:03:03.295Z weekly 0.7 https://onedaysec.com/qa/how-is-the-time-parameter-handled-when-deleting-evt-log-records-within-a-time-ra-1777482183223 2026-04-29T17:03:03.232Z weekly 0.7 https://onedaysec.com/qa/why-cant-the-same-single-log-deletion-method-used-for-evtx-files-be-applied-to-e-1777482183145 2026-04-29T17:03:03.171Z weekly 0.7 https://onedaysec.com/qa/what-is-sharppeloadergenerater-and-how-does-it-automate-pe-loader-generation-1777482156988 2026-04-29T17:02:37.024Z weekly 0.7 https://onedaysec.com/qa/what-modifications-were-made-to-peloadercs-to-support-32-bit-executables-and-old-1777482156823 2026-04-29T17:02:36.860Z weekly 0.7 https://onedaysec.com/qa/how-does-casey-smiths-peloadercs-work-and-what-limitations-did-the-article-addre-1777482156706 2026-04-29T17:02:36.730Z weekly 0.7 https://onedaysec.com/qa/what-are-the-main-steps-to-load-a-pe-file-into-memory-from-a-net-application-1777482156642 2026-04-29T17:02:36.655Z weekly 0.7 https://onedaysec.com/qa/how-can-administrators-defend-against-the-exposure-of-sensitive-information-in-p-1777482137697 2026-04-29T17:02:17.715Z weekly 0.7 https://onedaysec.com/qa/what-method-does-the-article-describe-for-exporting-powershell-command-history-f-1777482137610 2026-04-29T17:02:17.629Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-obtain-powershell-command-history-from-a-background-process--1777482137556 2026-04-29T17:02:17.568Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-types-of-powershell-command-history-and-how-do-they-differ-1777482137481 2026-04-29T17:02:17.505Z weekly 0.7 https://onedaysec.com/qa/what-is-the-exploitation-chain-used-by-gadgettojscript-to-execute-net-assemblies-1777482112410 2026-04-29T17:01:52.428Z weekly 0.7 https://onedaysec.com/qa/how-can-gadgettojscript-be-integrated-with-silenttrinity-for-c2-operations-1777482112349 2026-04-29T17:01:52.364Z weekly 0.7 https://onedaysec.com/qa/what-modification-did-the-author-make-to-gadgettojscript-to-simplify-payload-tes-1777482112260 2026-04-29T17:01:52.279Z weekly 0.7 https://onedaysec.com/qa/how-does-gadgettojscript-bypass-the-net-48-blocking-of-assemblyload-1777482112177 2026-04-29T17:01:52.210Z weekly 0.7 https://onedaysec.com/qa/what-is-gadgettojscript-and-how-does-it-improve-upon-dotnettojscript-1777482112093 2026-04-29T17:01:52.109Z weekly 0.7 https://onedaysec.com/qa/why-is-the-wlbsctrldll-privilege-escalation-considered-an-old-vulnerability-and--1777482093994 2026-04-29T17:01:34.014Z weekly 0.7 https://onedaysec.com/qa/what-role-does-mfdll-play-in-remote-desktop-attacks-and-when-is-it-particularly--1777482093930 2026-04-29T17:01:33.957Z weekly 0.7 https://onedaysec.com/qa/how-can-tsmsisrvdll-and-tsvipsrvdll-be-used-to-establish-a-backdoor-on-a-domain--1777482093871 2026-04-29T17:01:33.895Z weekly 0.7 https://onedaysec.com/qa/what-is-the-key-difference-between-the-original-usage-of-wlbsctrldll-in-the-prim-1777482093802 2026-04-29T17:01:33.818Z weekly 0.7 https://onedaysec.com/qa/why-cant-forensic-investigators-blindly-trust-recentfilecachebcf-and-amcachehve--1777482072351 2026-04-29T17:01:12.365Z weekly 0.7 https://onedaysec.com/qa/what-privileges-are-required-to-modify-amcachehve-and-what-methods-can-be-used-t-1777482072302 2026-04-29T17:01:12.315Z weekly 0.7 https://onedaysec.com/qa/how-can-i-programmatically-clear-a-single-record-from-recentfilecachebcf-without-1777482072257 2026-04-29T17:01:12.266Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-recentfilecachebcf-and-amcachehve-and-on-which-windows-ve-1777482072177 2026-04-29T17:01:12.206Z weekly 0.7 https://onedaysec.com/qa/what-key-steps-are-involved-in-recalculating-the-crc-checksum-after-deleting-a-l-1777482041499 2026-04-29T17:00:41.520Z weekly 0.7 https://onedaysec.com/qa/why-is-deleting-the-first-log-entry-in-an-evtx-file-more-complex-and-what-altern-1777482041451 2026-04-29T17:00:41.468Z weekly 0.7 https://onedaysec.com/qa/how-does-deleting-the-last-log-entry-in-an-evtx-file-differ-from-deleting-an-int-1777482041385 2026-04-29T17:00:41.396Z weekly 0.7 https://onedaysec.com/qa/what-is-the-core-approach-for-deleting-a-single-log-entry-from-an-evtx-file-as-d-1777482041323 2026-04-29T17:00:41.335Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-open-source-implementation-methods-mentioned-for-deleting-logs--1777482023176 2026-04-29T17:00:23.199Z weekly 0.7 https://onedaysec.com/qa/why-is-there-a-risk-of-race-conditions-when-deleting-systemevtx-or-securityevtx--1777482023120 2026-04-29T17:00:23.135Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-different-dwoptions-values-used-in-duplicatehandle-in-this-tech-1777482023015 2026-04-29T17:00:23.041Z weekly 0.7 https://onedaysec.com/qa/how-does-the-article-propose-to-obtain-the-handle-to-the-specified-log-file-with-1777482022942 2026-04-29T17:00:22.958Z weekly 0.7 https://onedaysec.com/qa/what-is-the-main-advantage-of-using-duplicatehandle-over-process-injection-for-d-1777482022817 2026-04-29T17:00:22.845Z weekly 0.7 https://onedaysec.com/qa/how-can-organizations-defend-against-cve-2019-6980-1777482002140 2026-04-29T17:00:02.170Z weekly 0.7 https://onedaysec.com/qa/what-is-the-role-of-ysoserial-and-the-mozillarhino2-gadget-in-this-attack-1777482002029 2026-04-29T17:00:02.048Z weekly 0.7 https://onedaysec.com/qa/how-does-the-exploitation-chain-ssrf-and-memcached-to-achieve-code-execution-1777482001940 2026-04-29T17:00:01.962Z weekly 0.7 https://onedaysec.com/qa/what-are-the-prerequisites-for-exploiting-cve-2019-6980-1777482001735 2026-04-29T17:00:01.781Z weekly 0.7 https://onedaysec.com/qa/what-is-cve-2019-6980-and-which-zimbra-versions-are-affected-1777482001236 2026-04-29T17:00:01.275Z weekly 0.7 https://onedaysec.com/qa/how-can-the-hidden-webshell-be-accessed-and-controlled-and-what-defensive-measur-1777481981539 2026-04-29T16:59:41.556Z weekly 0.7 https://onedaysec.com/qa/what-role-does-the-machinekey-play-in-exploiting-deserialization-for-virtual-fil-1777481981428 2026-04-29T16:59:41.475Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-combine-deserialization-with-virtual-files-in-an-exchange-en-1777481981199 2026-04-29T16:59:41.305Z weekly 0.7 https://onedaysec.com/qa/how-does-ghostwebshell-from-ysoserialnet-improve-upon-the-basic-virtual-file-web-1777481981092 2026-04-29T16:59:41.101Z weekly 0.7 https://onedaysec.com/qa/what-are-virtual-files-in-aspnet-and-how-can-they-be-used-to-hide-a-webshell-1777481980997 2026-04-29T16:59:41.040Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-execute-system-commands-by-loading-a-malicious-dll-via-jni-i-1777481960528 2026-04-29T16:59:20.545Z weekly 0.7 https://onedaysec.com/qa/what-are-the-naming-constraints-for-jsp-and-java-files-when-using-jni-in-a-tomca-1777481960463 2026-04-29T16:59:20.482Z weekly 0.7 https://onedaysec.com/qa/what-are-the-steps-to-load-a-dll-via-a-jsp-page-in-a-tomcat-environment-1777481960375 2026-04-29T16:59:20.391Z weekly 0.7 https://onedaysec.com/qa/what-is-jni-and-why-is-it-relevant-to-java-exploitation-1777481960298 2026-04-29T16:59:20.314Z weekly 0.7 https://onedaysec.com/qa/how-can-security-products-that-hook-the-minidumpwritedump-api-be-bypassed-1777481935557 2026-04-29T16:58:55.576Z weekly 0.7 https://onedaysec.com/qa/how-can-credentials-be-extracted-when-download-file-size-is-restricted-1777481935493 2026-04-29T16:58:55.515Z weekly 0.7 https://onedaysec.com/qa/how-can-credentials-be-extracted-when-file-upload-size-is-restricted-in-a-penetr-1777481935417 2026-04-29T16:58:55.431Z weekly 0.7 https://onedaysec.com/qa/what-are-the-common-methods-to-extract-credentials-from-the-lsassexe-process-1777481935337 2026-04-29T16:58:55.353Z weekly 0.7 https://onedaysec.com/qa/what-are-the-main-constraints-and-limitations-of-juicy-potato-exploitation-1777481915052 2026-04-29T16:58:35.065Z weekly 0.7 https://onedaysec.com/qa/what-is-the-typical-command-line-syntax-for-executing-juicy-potato-and-what-do-t-1777481914953 2026-04-29T16:58:34.990Z weekly 0.7 https://onedaysec.com/qa/how-do-you-enumerate-and-verify-usable-com-objects-for-juicy-potato-1777481914891 2026-04-29T16:58:34.913Z weekly 0.7 https://onedaysec.com/qa/what-are-the-prerequisites-for-using-juicy-potato-on-a-target-system-1777481914822 2026-04-29T16:58:34.842Z weekly 0.7 https://onedaysec.com/qa/what-is-juicy-potato-and-how-does-it-differ-from-rottenpotatong-1777481914730 2026-04-29T16:58:34.748Z weekly 0.7 https://onedaysec.com/qa/what-are-the-recommended-defenses-against-attacks-that-use-c-addons-in-nodejs-1777481884845 2026-04-29T16:58:04.860Z weekly 0.7 https://onedaysec.com/qa/what-are-some-examples-of-malicious-operations-that-can-be-performed-using-c-add-1777481884777 2026-04-29T16:58:04.800Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-exploit-a-third-party-trusted-program-to-load-a-malicious-c--1777481884714 2026-04-29T16:58:04.725Z weekly 0.7 https://onedaysec.com/qa/what-is-a-nodejs-c-addon-and-how-can-it-be-used-in-penetration-testing-1777481884583 2026-04-29T16:58:04.600Z weekly 0.7 https://onedaysec.com/qa/why-are-conventional-methods-like-writing-a-webshell-or-pe-file-insufficient-for-1777481853885 2026-04-29T16:57:33.897Z weekly 0.7 https://onedaysec.com/qa/what-are-the-three-exploitation-methods-mentioned-for-command-execution-via-modi-1777481853821 2026-04-29T16:57:33.840Z weekly 0.7 https://onedaysec.com/qa/what-is-viewstategenerator-and-how-is-it-calculated-for-exchange-net-deserializa-1777481853752 2026-04-29T16:57:33.773Z weekly 0.7 https://onedaysec.com/qa/how-can-we-bypass-the-need-for-valid-user-credentials-when-exploiting-cve-2020-0-1777481853694 2026-04-29T16:57:33.707Z weekly 0.7 https://onedaysec.com/qa/what-is-the-effective-solution-approach-to-achieve-command-execution-when-only-f-1777481853625 2026-04-29T16:57:33.643Z weekly 0.7 https://onedaysec.com/qa/how-does-the-jetty-servlet-memory-shell-compare-to-the-filter-type-memory-shell--1777481829533 2026-04-29T16:57:09.552Z weekly 0.7 https://onedaysec.com/qa/what-special-considerations-are-needed-when-implementing-a-servlet-type-memory-s-1777481829467 2026-04-29T16:57:09.498Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-main-methods-to-enumerate-existing-servlets-in-a-jetty-server-f-1777481829418 2026-04-29T16:57:09.431Z weekly 0.7 https://onedaysec.com/qa/how-do-you-add-a-jetty-servlet-type-memory-shell-using-reflection-1777481829304 2026-04-29T16:57:09.366Z weekly 0.7 https://onedaysec.com/qa/what-modular-functions-does-the-custom-xss-platforms-indexjs-script-provide-besi-1777481813692 2026-04-29T16:56:53.726Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-methods-described-in-the-article-for-forwarding-http-requests-v-1777481813633 2026-04-29T16:56:53.650Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-retrieve-a-victims-cookies-using-the-javascript-payload-from-1777481813562 2026-04-29T16:56:53.587Z weekly 0.7 https://onedaysec.com/qa/how-does-the-command-line-xss-platform-create-an-https-server-and-handle-incomin-1777481813497 2026-04-29T16:56:53.513Z weekly 0.7 https://onedaysec.com/qa/why-would-a-penetration-tester-need-to-build-their-own-command-line-xss-platform-1777481813419 2026-04-29T16:56:53.430Z weekly 0.7 https://onedaysec.com/qa/how-does-the-file-manager-gui-in-this-parser-enhance-the-email-reading-experienc-1777481798764 2026-04-29T16:56:38.781Z weekly 0.7 https://onedaysec.com/qa/what-are-the-three-different-extraction-scenarios-covered-by-the-parser-and-how--1777481798685 2026-04-29T16:56:38.713Z weekly 0.7 https://onedaysec.com/qa/how-does-the-parser-extract-the-email-subject-sender-and-recipients-from-the-xml-1777481798596 2026-04-29T16:56:38.614Z weekly 0.7 https://onedaysec.com/qa/what-is-the-main-purpose-of-the-soap-xml-parser-described-in-this-article-1777481798491 2026-04-29T16:56:38.515Z weekly 0.7 https://onedaysec.com/qa/what-are-the-different-dump-methods-supported-by-lsassy-for-remotely-extracting--1777481782868 2026-04-29T16:56:22.886Z weekly 0.7 https://onedaysec.com/qa/what-are-the-steps-to-package-lsassy-into-a-standalone-exe-using-pyinstaller-and-1777481782765 2026-04-29T16:56:22.789Z weekly 0.7 https://onedaysec.com/qa/how-do-you-install-lsassy-and-fix-formatting-issues-on-windows-1777481782701 2026-04-29T16:56:22.718Z weekly 0.7 https://onedaysec.com/qa/what-is-lsassy-and-why-is-it-useful-for-remote-credential-extraction-from-lsasse-1777481782644 2026-04-29T16:56:22.659Z weekly 0.7 https://onedaysec.com/qa/what-debugging-steps-are-recommended-for-analyzing-cve-2021-34473-and-why-is-the-1777481767581 2026-04-29T16:56:07.598Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-enumerate-all-mailbox-users-in-an-exchange-organization-usin-1777481767511 2026-04-29T16:56:07.534Z weekly 0.7 https://onedaysec.com/qa/how-can-attackers-use-the-ssrf-vulnerability-to-access-mailbox-data-of-other-use-1777481767462 2026-04-29T16:56:07.473Z weekly 0.7 https://onedaysec.com/qa/what-is-the-core-vulnerability-in-cve-2021-34473-and-how-does-it-function-1777481767372 2026-04-29T16:56:07.388Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-differences-between-the-c-and-python-implementations-for-connec-1777481743680 2026-04-29T16:55:43.690Z weekly 0.7 https://onedaysec.com/qa/why-must-the-base64-encoded-payload-be-url-encoded-when-sending-to-the-memory-lo-1777481743634 2026-04-29T16:55:43.649Z weekly 0.7 https://onedaysec.com/qa/what-does-the-file-write-backdoor-test2aspx-do-and-how-is-it-triggered-1777481743561 2026-04-29T16:55:43.584Z weekly 0.7 https://onedaysec.com/qa/how-does-the-memory-loading-backdoor-test1aspx-execute-a-payload-1777481743468 2026-04-29T16:55:43.483Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-methods-of-backdoor-code-implementation-described-in-the-articl-1777481743402 2026-04-29T16:55:43.422Z weekly 0.7 https://onedaysec.com/qa/what-defense-strategies-can-be-used-to-detect-or-prevent-ie-simulation-based-fil-1777481722231 2026-04-29T16:55:22.247Z weekly 0.7 https://onedaysec.com/qa/how-does-process-hollowing-simulate-ie-browser-to-download-files-and-what-is-a-k-1777481722169 2026-04-29T16:55:22.187Z weekly 0.7 https://onedaysec.com/qa/what-is-the-advantage-of-using-scheduled-tasks-to-launch-ie-for-file-downloads-a-1777481722103 2026-04-29T16:55:22.120Z weekly 0.7 https://onedaysec.com/qa/how-can-i-download-a-file-using-the-ie-com-object-from-powershell-without-showin-1777481722056 2026-04-29T16:55:22.068Z weekly 0.7 https://onedaysec.com/qa/what-is-the-main-purpose-of-simulating-the-ie-browser-in-penetration-testing-for-1777481721986 2026-04-29T16:55:22.004Z weekly 0.7 https://onedaysec.com/qa/how-can-an-organization-detect-or-defend-against-silenttrinity-1777481709675 2026-04-29T16:55:09.810Z weekly 0.7 https://onedaysec.com/qa/what-are-the-different-stagers-provided-by-silenttrinity-and-how-do-they-work-1777481709511 2026-04-29T16:55:09.579Z weekly 0.7 https://onedaysec.com/qa/what-role-does-the-ironpython-engine-play-in-silenttrinity-1777481709213 2026-04-29T16:55:09.298Z weekly 0.7 https://onedaysec.com/qa/how-does-silenttrinity-execute-its-payload-using-msbuild-1777481709098 2026-04-29T16:55:09.118Z weekly 0.7 https://onedaysec.com/qa/what-is-silenttrinity-and-why-is-it-notable-for-c2-operations-1777481709022 2026-04-29T16:55:09.040Z weekly 0.7 https://onedaysec.com/qa/how-can-process-doppelganging-be-detected-1777481678685 2026-04-29T16:54:38.704Z weekly 0.7 https://onedaysec.com/qa/what-limitations-does-process-doppelganging-have-in-practical-exploitation-1777481678623 2026-04-29T16:54:38.642Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-steps-to-implement-process-doppelganging-1777481678573 2026-04-29T16:54:38.584Z weekly 0.7 https://onedaysec.com/qa/what-is-process-doppelganging-and-how-does-it-differ-from-process-hollowing-1777481678509 2026-04-29T16:54:38.521Z weekly 0.7 https://onedaysec.com/qa/how-can-i-automate-scanning-all-dlls-in-the-windows-directory-for-export-functio-1777481662645 2026-04-29T16:54:22.658Z weekly 0.7 https://onedaysec.com/qa/what-are-the-architecture-considerations-when-using-comsvcsdll-to-dump-a-process-1777481662557 2026-04-29T16:54:22.575Z weekly 0.7 https://onedaysec.com/qa/what-other-windows-system-dlls-beside-comsvcsdll-contain-minidump-related-export-1777481662490 2026-04-29T16:54:22.516Z weekly 0.7 https://onedaysec.com/qa/why-does-rundll32-comsvcsdll-fail-to-dump-lsass-when-run-from-cmd-but-succeed-fr-1777481662397 2026-04-29T16:54:22.412Z weekly 0.7 https://onedaysec.com/qa/how-can-i-use-comsvcsdll-to-dump-the-memory-of-lsassexe-for-credential-extractio-1777481662286 2026-04-29T16:54:22.308Z weekly 0.7 https://onedaysec.com/qa/what-nodejs-modules-are-essential-for-implementing-the-server-and-client-in-the--1777481638021 2026-04-29T16:53:58.045Z weekly 0.7 https://onedaysec.com/qa/how-does-the-articles-downloader-c2-communicate-between-the-server-and-client-an-1777481637914 2026-04-29T16:53:57.974Z weekly 0.7 https://onedaysec.com/qa/what-synchronization-challenge-does-the-article-encounter-when-building-a-period-1777481637842 2026-04-29T16:53:57.869Z weekly 0.7 https://onedaysec.com/qa/how-does-the-article-implement-a-file-dropper-using-nodejs-and-what-techniques-a-1777481637780 2026-04-29T16:53:57.796Z weekly 0.7 https://onedaysec.com/qa/what-is-the-key-difference-between-nodejs-and-javascript-as-highlighted-in-the-a-1777481637717 2026-04-29T16:53:57.734Z weekly 0.7 https://onedaysec.com/qa/what-other-common-downloader-methods-exist-besides-certutil-in-cmd-1777481622991 2026-04-29T16:53:43.011Z weekly 0.7 https://onedaysec.com/qa/how-does-certutil-handle-base64-encoding-and-decoding-1777481622903 2026-04-29T16:53:42.947Z weekly 0.7 https://onedaysec.com/qa/why-is-it-important-to-clear-the-cache-after-using-certutil-as-a-downloader-1777481622832 2026-04-29T16:53:42.848Z weekly 0.7 https://onedaysec.com/qa/how-can-certutilexe-be-used-as-a-downloader-in-penetration-testing-1777481622754 2026-04-29T16:53:42.774Z weekly 0.7 https://onedaysec.com/qa/what-is-mimipenguin-and-how-does-it-relate-to-extracting-linux-passwords-1777481607654 2026-04-29T16:53:27.679Z weekly 0.7 https://onedaysec.com/qa/what-tools-and-methods-are-commonly-used-to-crack-linux-password-hashes-1777481607592 2026-04-29T16:53:27.610Z weekly 0.7 https://onedaysec.com/qa/why-are-rainbow-table-attacks-ineffective-against-linux-password-hashes-1777481607525 2026-04-29T16:53:27.535Z weekly 0.7 https://onedaysec.com/qa/how-are-linux-user-passwords-stored-and-what-is-the-format-in-the-etcshadow-file-1777481607387 2026-04-29T16:53:27.400Z weekly 0.7 https://onedaysec.com/qa/what-are-the-advantages-of-this-new-technique-over-previous-offline-extraction-m-1777481591275 2026-04-29T16:53:11.287Z weekly 0.7 https://onedaysec.com/qa/how-does-the-article-correct-the-previous-misconception-about-locating-the-maste-1777481591224 2026-04-29T16:53:11.240Z weekly 0.7 https://onedaysec.com/qa/what-are-the-steps-to-perform-offline-extraction-of-chrome-saved-passwords-using-1777481591149 2026-04-29T16:53:11.169Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-obtain-the-master-key-without-needing-the-users-login-passwo-1777481591092 2026-04-29T16:53:11.107Z weekly 0.7 https://onedaysec.com/qa/what-is-the-main-challenge-addressed-in-this-article-regarding-offline-extractio-1777481590964 2026-04-29T16:53:10.986Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-detect-notty-ssh-connections-and-other-stealthy-ssh-activity-1777481576995 2026-04-29T16:52:57.015Z weekly 0.7 https://onedaysec.com/qa/how-can-i-bypass-ssh-logging-mechanisms-entirely-during-a-penetration-test-1777481576921 2026-04-29T16:52:56.950Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-ssh-log-files-on-linux-and-how-can-i-delete-or-modify-them-to-c-1777481576860 2026-04-29T16:52:56.871Z weekly 0.7 https://onedaysec.com/qa/how-can-i-implement-an-ssh-password-authentication-program-in-python-for-penetra-1777481576804 2026-04-29T16:52:56.814Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-detect-and-prevent-malicious-transport-agent-backdoors-on-exch-1777481556452 2026-04-29T16:52:36.466Z weekly 0.7 https://onedaysec.com/qa/what-malicious-actions-can-a-transport-agent-backdoor-perform-on-email-traffic-1777481556369 2026-04-29T16:52:36.395Z weekly 0.7 https://onedaysec.com/qa/how-does-an-attacker-install-a-malicious-transport-agent-on-an-exchange-server-1777481556250 2026-04-29T16:52:36.282Z weekly 0.7 https://onedaysec.com/qa/what-is-a-transport-agent-in-microsoft-exchange-and-how-can-it-be-exploited-as-a-1777481556183 2026-04-29T16:52:36.202Z weekly 0.7 https://onedaysec.com/qa/can-powerforensics-recover-files-that-were-deleted-using-sdelete-1777481540079 2026-04-29T16:52:20.097Z weekly 0.7 https://onedaysec.com/qa/how-do-i-delete-a-file-that-is-locked-by-another-process-1777481540020 2026-04-29T16:52:20.037Z weekly 0.7 https://onedaysec.com/qa/how-can-i-securely-delete-a-file-to-prevent-recovery-on-windows-1777481539964 2026-04-29T16:52:19.980Z weekly 0.7 https://onedaysec.com/qa/what-is-powerforensics-and-how-can-it-be-used-to-recover-deleted-files-1777481539895 2026-04-29T16:52:19.907Z weekly 0.7 https://onedaysec.com/qa/how-do-file-deletion-and-recovery-work-on-ntfs-windows-systems-1777481539805 2026-04-29T16:52:19.822Z weekly 0.7 https://onedaysec.com/qa/why-cant-you-directly-copy-syseventevt-from-systemrootsystem32config-and-open-it-1777481514662 2026-04-29T16:51:54.694Z weekly 0.7 https://onedaysec.com/qa/what-are-the-steps-to-delete-a-single-log-entry-from-an-evt-file-1777481514570 2026-04-29T16:51:54.588Z weekly 0.7 https://onedaysec.com/qa/how-is-an-evt-file-structured-and-what-key-fields-must-be-updated-when-deleting--1777481514518 2026-04-29T16:51:54.527Z weekly 0.7 https://onedaysec.com/qa/what-is-an-evt-file-and-which-windows-systems-use-it-1777481514359 2026-04-29T16:51:54.392Z weekly 0.7 https://onedaysec.com/qa/what-are-the-main-advantages-of-covenant-over-other-c2-frameworks-1777481501187 2026-04-29T16:51:41.233Z weekly 0.7 https://onedaysec.com/qa/what-are-some-notable-capabilities-available-through-covenants-grunt-tasks-1777481501101 2026-04-29T16:51:41.125Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-communication-templates-for-grunt-and-how-do-they-differ-1777481501032 2026-04-29T16:51:41.059Z weekly 0.7 https://onedaysec.com/qa/how-does-covenant-launch-its-grunt-payload-and-what-are-some-of-the-launcher-met-1777481500936 2026-04-29T16:51:40.957Z weekly 0.7 https://onedaysec.com/qa/what-is-covenant-and-what-makes-it-stand-out-among-c2-frameworks-1777481500851 2026-04-29T16:51:40.872Z weekly 0.7 https://onedaysec.com/qa/what-are-the-recommended-defense-strategies-against-scf-and-desktopini-icon-base-1777481473062 2026-04-29T16:51:13.089Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-implant-a-backdoor-using-folder-icons-to-capture-credentials-1777481472985 2026-04-29T16:51:13.024Z weekly 0.7 https://onedaysec.com/qa/what-is-the-more-stealthy-method-involving-desktopini-to-capture-ntlmv2-hashes-a-1777481472880 2026-04-29T16:51:12.898Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-use-scf-files-on-a-file-server-to-steal-ntlmv2-hashes-1777481472794 2026-04-29T16:51:12.809Z weekly 0.7 https://onedaysec.com/qa/what-are-the-differences-between-chrome-and-firefox-offline-password-extraction--1777481451735 2026-04-29T16:50:51.779Z weekly 0.7 https://onedaysec.com/qa/how-do-you-locate-the-correct-master-key-file-for-offline-chrome-password-extrac-1777481451663 2026-04-29T16:50:51.682Z weekly 0.7 https://onedaysec.com/qa/can-you-export-chrome-passwords-offline-just-by-having-the-users-ntlm-hash-1777481451576 2026-04-29T16:50:51.591Z weekly 0.7 https://onedaysec.com/qa/what-is-dpapi-and-how-is-it-used-in-chromes-password-storage-1777481451415 2026-04-29T16:50:51.435Z weekly 0.7 https://onedaysec.com/qa/what-are-the-recommended-defenses-against-tscon-based-remote-desktop-hijacking-1777481440101 2026-04-29T16:50:40.119Z weekly 0.7 https://onedaysec.com/qa/how-can-attackers-combine-the-utility-manager-backdoor-with-tscon-to-bypass-the--1777481440020 2026-04-29T16:50:40.042Z weekly 0.7 https://onedaysec.com/qa/are-disconnected-remote-desktop-sessions-still-vulnerable-to-tscon-hijacking-1777481439914 2026-04-29T16:50:39.932Z weekly 0.7 https://onedaysec.com/qa/how-can-tscon-be-abused-to-achieve-unauthorized-remote-desktop-login-1777481439827 2026-04-29T16:50:39.851Z weekly 0.7 https://onedaysec.com/qa/what-command-line-steps-are-needed-to-enable-remote-desktop-on-a-windows-system--1777481426352 2026-04-29T16:50:26.369Z weekly 0.7 https://onedaysec.com/qa/what-is-rdpwrap-and-how-does-it-enable-multi-user-rdp-without-modifying-system-f-1777481426257 2026-04-29T16:50:26.296Z weekly 0.7 https://onedaysec.com/qa/how-can-i-permanently-enable-multi-user-remote-desktop-on-a-windows-system-by-mo-1777481426152 2026-04-29T16:50:26.171Z weekly 0.7 https://onedaysec.com/qa/what-limitation-do-non-server-versions-of-windows-have-regarding-remote-desktop--1777481426079 2026-04-29T16:50:26.106Z weekly 0.7 https://onedaysec.com/qa/how-can-i-enable-multi-user-remote-desktop-on-a-non-server-windows-system-using--1777481425999 2026-04-29T16:50:26.014Z weekly 0.7 https://onedaysec.com/qa/what-are-typical-exploitation-scenarios-where-rid-hijacking-is-used-1777481408788 2026-04-29T16:50:08.816Z weekly 0.7 https://onedaysec.com/qa/what-are-the-limitations-and-detection-risks-of-using-rid-hijacking-in-a-penetra-1777481408678 2026-04-29T16:50:08.701Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-perform-rid-hijacking-on-a-windows-system-1777481408564 2026-04-29T16:50:08.586Z weekly 0.7 https://onedaysec.com/qa/what-is-rid-hijacking-and-how-does-it-differ-from-account-cloning-1777481408486 2026-04-29T16:50:08.505Z weekly 0.7 https://onedaysec.com/qa/what-are-the-recommended-defense-strategies-against-net-ntlm-hash-theft-via-http-1777481394751 2026-04-29T16:49:54.776Z weekly 0.7 https://onedaysec.com/qa/what-registry-key-controls-the-user-authentication-method-for-http-ntlm-in-inter-1777481394690 2026-04-29T16:49:54.706Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-exploit-the-http-protocol-to-capture-net-ntlm-hashes-in-a-do-1777481394632 2026-04-29T16:49:54.651Z weekly 0.7 https://onedaysec.com/qa/what-are-the-prerequisites-for-obtaining-a-clients-net-ntlm-hash-via-the-http-pr-1777481394562 2026-04-29T16:49:54.582Z weekly 0.7 https://onedaysec.com/qa/how-does-the-ntlm-authentication-process-work-over-the-http-protocol-1777481394490 2026-04-29T16:49:54.501Z weekly 0.7 https://onedaysec.com/qa/what-steps-are-needed-to-generate-a-client-certificate-and-configure-mutual-auth-1777481374770 2026-04-29T16:49:34.802Z weekly 0.7 https://onedaysec.com/qa/how-do-i-enable-ssl-on-apache-ubuntu-and-set-up-two-way-authentication-1777481374681 2026-04-29T16:49:34.708Z weekly 0.7 https://onedaysec.com/qa/what-is-the-difference-between-the-conventional-and-quick-methods-for-generating-1777481374622 2026-04-29T16:49:34.639Z weekly 0.7 https://onedaysec.com/qa/why-do-self-signed-certificates-cause-browser-warnings-about-subject-alternative-1777481374507 2026-04-29T16:49:34.540Z weekly 0.7 https://onedaysec.com/qa/how-do-i-configure-apache-for-https-traffic-distribution-with-client-certificate-1777481374435 2026-04-29T16:49:34.458Z weekly 0.7 https://onedaysec.com/qa/what-detection-and-defense-mechanisms-can-prevent-exchange-based-acl-privilege-e-1777481361285 2026-04-29T16:49:21.309Z weekly 0.7 https://onedaysec.com/qa/what-is-dcsync-and-how-does-it-relate-to-the-exchange-acl-escalation-1777481361133 2026-04-29T16:49:21.156Z weekly 0.7 https://onedaysec.com/qa/how-do-attackers-use-powerview-to-establish-a-stealthy-backdoor-via-exchange-gro-1777481361062 2026-04-29T16:49:21.082Z weekly 0.7 https://onedaysec.com/qa/what-groups-in-an-exchange-environment-provide-privilege-escalation-pathways-to--1777481360993 2026-04-29T16:49:21.007Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-escalate-privileges-to-domain-admin-by-exploiting-exchange-s-1777481360929 2026-04-29T16:49:20.944Z weekly 0.7 https://onedaysec.com/qa/how-does-the-article-address-bypassing-etw-event-tracing-for-windows-when-using--1777481344599 2026-04-29T16:49:04.631Z weekly 0.7 https://onedaysec.com/qa/what-technique-does-the-execute-assembly-approach-use-to-avoid-static-detection--1777481344396 2026-04-29T16:49:04.464Z weekly 0.7 https://onedaysec.com/qa/how-do-you-pass-command-line-arguments-to-the-main-function-of-a-net-assembly-wh-1777481344171 2026-04-29T16:49:04.186Z weekly 0.7 https://onedaysec.com/qa/what-is-seatbelt-and-why-would-someone-want-to-load-it-in-memory-1777481344117 2026-04-29T16:49:04.125Z weekly 0.7 https://onedaysec.com/qa/what-type-of-sensitive-data-can-be-extracted-from-a-sophos-utm-configuration-fil-1777481330429 2026-04-29T16:48:50.444Z weekly 0.7 https://onedaysec.com/qa/what-format-is-the-sophos-utm-configuration-file-stored-in-and-how-can-it-be-par-1777481330368 2026-04-29T16:48:50.392Z weekly 0.7 https://onedaysec.com/qa/what-methods-were-used-to-locate-and-decompile-the-confdplx-configuration-manage-1777481330281 2026-04-29T16:48:50.293Z weekly 0.7 https://onedaysec.com/qa/how-can-i-set-up-a-sophos-utm-test-environment-for-security-research-1777481330201 2026-04-29T16:48:50.221Z weekly 0.7 https://onedaysec.com/qa/how-do-i-reverse-lookup-ip-information-using-the-shodan-api-in-python-1777481313635 2026-04-29T16:48:33.663Z weekly 0.7 https://onedaysec.com/qa/can-i-export-search-results-from-the-shodan-website-and-process-them-locally-1777481313576 2026-04-29T16:48:33.595Z weekly 0.7 https://onedaysec.com/qa/how-do-i-use-python-to-call-the-shodan-api-and-retrieve-search-results-1777481313495 2026-04-29T16:48:33.518Z weekly 0.7 https://onedaysec.com/qa/how-can-i-search-for-devices-using-the-shodan-command-line-interface-1777481313441 2026-04-29T16:48:33.454Z weekly 0.7 https://onedaysec.com/qa/what-are-the-three-types-of-shodan-credits-and-how-do-they-differ-1777481313325 2026-04-29T16:48:33.338Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-processes-running-in-a-vrealize-log-insight-appliance-and-what--1777481292882 2026-04-29T16:48:12.925Z weekly 0.7 https://onedaysec.com/qa/how-do-you-enable-remote-debugging-on-a-vrealize-log-insight-appliance-and-which-1777481292749 2026-04-29T16:48:12.770Z weekly 0.7 https://onedaysec.com/qa/what-are-the-initial-steps-to-install-vrealize-log-insight-from-scratch-for-vuln-1777481292690 2026-04-29T16:48:12.706Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-building-a-vrealize-log-insight-vulnerability-debugging-e-1777481292619 2026-04-29T16:48:12.631Z weekly 0.7 https://onedaysec.com/qa/what-defense-recommendations-does-the-article-offer-against-troubleshooting-pack-1777481279651 2026-04-29T16:47:59.670Z weekly 0.7 https://onedaysec.com/qa/why-is-digital-signature-verification-important-for-troubleshooting-packs-and-ho-1777481279549 2026-04-29T16:47:59.593Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-steps-to-develop-a-troubleshooting-pack-with-a-payload-using-ts-1777481279466 2026-04-29T16:47:59.479Z weekly 0.7 https://onedaysec.com/qa/how-can-the-windows-troubleshooting-platform-be-abused-in-penetration-testing-1777481279405 2026-04-29T16:47:59.416Z weekly 0.7 https://onedaysec.com/qa/how-do-i-automate-minio-version-checking-using-python-1777481265649 2026-04-29T16:47:45.688Z weekly 0.7 https://onedaysec.com/qa/what-information-does-the-apiv1admininfo-endpoint-return-1777481265564 2026-04-29T16:47:45.581Z weekly 0.7 https://onedaysec.com/qa/what-if-the-minio-web-console-is-not-on-the-default-port-9000-1777481265509 2026-04-29T16:47:45.522Z weekly 0.7 https://onedaysec.com/qa/how-can-i-detect-the-version-of-a-running-minio-server-1777481265389 2026-04-29T16:47:45.421Z weekly 0.7 https://onedaysec.com/qa/how-can-i-fix-common-errors-like-0x80370102-or-terminal-emulator-issues-when-usi-1777481253188 2026-04-29T16:47:33.208Z weekly 0.7 https://onedaysec.com/qa/what-steps-are-needed-to-install-and-configure-a-kali-linux-subsystem-on-windows-1777481253045 2026-04-29T16:47:33.062Z weekly 0.7 https://onedaysec.com/qa/how-do-i-install-kali-nethunter-on-a-oneplus-6t-running-android-11-1777481252931 2026-04-29T16:47:32.950Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-methods-to-install-kali-linux-on-a-oneplus-6t-as-described-in-t-1777481252838 2026-04-29T16:47:32.852Z weekly 0.7 https://onedaysec.com/qa/what-are-the-default-web-paths-for-goanywhere-on-windows-and-linux-and-why-might-1777481238548 2026-04-29T16:47:18.563Z weekly 0.7 https://onedaysec.com/qa/how-can-i-enable-or-modify-user-accounts-in-the-goanywhere-database-when-the-ser-1777481238492 2026-04-29T16:47:18.508Z weekly 0.7 https://onedaysec.com/qa/what-database-does-goanywhere-managed-file-transfer-use-and-how-can-i-access-it--1777481238437 2026-04-29T16:47:18.450Z weekly 0.7 https://onedaysec.com/qa/how-do-i-enable-remote-debugging-for-goanywhere-managed-file-transfer-on-windows-1777481238366 2026-04-29T16:47:18.385Z weekly 0.7 https://onedaysec.com/qa/why-is-it-useful-to-set-up-an-adaudit-plus-vulnerability-debugging-environment-1777481214474 2026-04-29T16:46:54.491Z weekly 0.7 https://onedaysec.com/qa/what-is-the-default-postgresql-password-for-the-postgres-user-in-adaudit-plus-1777481214328 2026-04-29T16:46:54.409Z weekly 0.7 https://onedaysec.com/qa/how-can-i-obtain-and-decrypt-the-database-user-password-for-adaudit-plus-1777481214159 2026-04-29T16:46:54.181Z weekly 0.7 https://onedaysec.com/qa/where-are-the-main-jar-files-containing-adaudit-plus-web-functionality-located-1777481214097 2026-04-29T16:46:54.108Z weekly 0.7 https://onedaysec.com/qa/how-do-i-enable-remote-debugging-for-adaudit-plus-1777481214021 2026-04-29T16:46:54.035Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-authentication-and-encoding-details-to-consider-when-writing-a--1777481195008 2026-04-29T16:46:35.027Z weekly 0.7 https://onedaysec.com/qa/what-is-tabshell-and-how-can-python-be-used-to-exploit-it-1777481194904 2026-04-29T16:46:34.926Z weekly 0.7 https://onedaysec.com/qa/how-can-pypsrp-be-used-to-debug-the-communication-format-between-python-and-exch-1777481194815 2026-04-29T16:46:34.838Z weekly 0.7 https://onedaysec.com/qa/what-are-the-core-components-and-steps-to-implement-remote-exchange-powershell-c-1777481194760 2026-04-29T16:46:34.774Z weekly 0.7 https://onedaysec.com/qa/why-is-python-preferred-over-powershell-for-remote-exchange-powershell-execution-1777481194675 2026-04-29T16:46:34.698Z weekly 0.7 https://onedaysec.com/qa/what-commands-and-tools-are-used-to-connect-to-the-vrealize-log-insight-cassandr-1777481179681 2026-04-29T16:46:19.712Z weekly 0.7 https://onedaysec.com/qa/how-can-i-reset-the-admin-password-for-vrealize-log-insight-web-login-1777481179616 2026-04-29T16:46:19.636Z weekly 0.7 https://onedaysec.com/qa/how-do-i-enable-remote-debugging-for-vrealize-log-insight-services-1777481179555 2026-04-29T16:46:19.570Z weekly 0.7 https://onedaysec.com/qa/how-do-i-install-vrealize-log-insight-for-vulnerability-debugging-1777481179482 2026-04-29T16:46:19.492Z weekly 0.7 https://onedaysec.com/qa/how-does-the-database-encryption-algorithm-in-admanager-plus-work-for-user-passw-1777481168399 2026-04-29T16:46:08.426Z weekly 0.7 https://onedaysec.com/qa/what-is-the-default-password-for-the-postgresql-postgres-user-in-admanager-plus-1777481168328 2026-04-29T16:46:08.346Z weekly 0.7 https://onedaysec.com/qa/how-can-i-decrypt-the-admanager-plus-database-user-password-from-the-configurati-1777481168272 2026-04-29T16:46:08.285Z weekly 0.7 https://onedaysec.com/qa/how-do-i-enable-remote-debugging-for-admanager-plus-to-analyze-vulnerabilities-1777481168204 2026-04-29T16:46:08.220Z weekly 0.7 https://onedaysec.com/qa/does-the-password-obtained-via-zld_fsextract-work-for-both-bin-and-db-firmware-f-1777481155641 2026-04-29T16:45:55.656Z weekly 0.7 https://onedaysec.com/qa/how-can-i-extract-the-decryption-password-for-a-zyxel-bin-firmware-file-using-zl-1777481155582 2026-04-29T16:45:55.603Z weekly 0.7 https://onedaysec.com/qa/what-conditions-must-be-met-for-the-known-plaintext-attack-to-work-on-zyxel-firm-1777481155510 2026-04-29T16:45:55.537Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-general-methods-for-decrypting-zyxel-firmware-discussed-in-the--1777481155439 2026-04-29T16:45:55.457Z weekly 0.7 https://onedaysec.com/qa/what-ports-and-endpoints-are-used-for-different-zimbra-services-1777481122422 2026-04-29T16:45:22.441Z weekly 0.7 https://onedaysec.com/qa/what-is-cve-2019-9621-and-how-does-it-affect-zimbra-authentication-1777481122332 2026-04-29T16:45:22.357Z weekly 0.7 https://onedaysec.com/qa/how-can-you-authenticate-to-the-zimbra-soap-api-using-a-regular-user-account-1777481122261 2026-04-29T16:45:22.273Z weekly 0.7 https://onedaysec.com/qa/what-are-the-main-namespaces-in-the-zimbra-soap-api-and-their-purposes-1777481122177 2026-04-29T16:45:22.193Z weekly 0.7 https://onedaysec.com/qa/what-firewall-rules-must-be-enabled-on-a-client-for-remote-group-policy-update-v-1777481110163 2026-04-29T16:45:10.182Z weekly 0.7 https://onedaysec.com/qa/where-are-scheduled-task-configurations-stored-within-a-gpo-and-how-often-do-cli-1777481110075 2026-04-29T16:45:10.095Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-main-exploitation-approaches-for-remote-execution-via-gpo-sched-1777481110004 2026-04-29T16:45:10.024Z weekly 0.7 https://onedaysec.com/qa/how-can-you-create-a-gpo-with-a-scheduled-task-using-only-powershell-commands-1777481109944 2026-04-29T16:45:09.959Z weekly 0.7 https://onedaysec.com/qa/what-is-the-advantage-of-using-group-policy-objects-gpo-to-deploy-scheduled-task-1777481109871 2026-04-29T16:45:09.888Z weekly 0.7 https://onedaysec.com/qa/what-steps-should-an-attacker-follow-to-verify-and-extract-firefox-saved-passwor-1777481096275 2026-04-29T16:44:56.293Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-export-firefox-passwords-if-a-master-password-is-set-1777481096201 2026-04-29T16:44:56.223Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-export-firefox-passwords-offline-if-no-master-password-is-se-1777481096143 2026-04-29T16:44:56.159Z weekly 0.7 https://onedaysec.com/qa/what-tools-can-export-saved-firefox-passwords-and-what-are-their-limitations-wit-1777481096076 2026-04-29T16:44:56.092Z weekly 0.7 https://onedaysec.com/qa/how-does-firefox-store-saved-passwords-and-what-files-are-involved-1777481096000 2026-04-29T16:44:56.017Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-jar-files-and-configuration-locations-for-password-manager-pro--1777481078093 2026-04-29T16:44:38.107Z weekly 0.7 https://onedaysec.com/qa/how-do-i-connect-to-the-postgresql-database-used-by-password-manager-pro-1777481078046 2026-04-29T16:44:38.061Z weekly 0.7 https://onedaysec.com/qa/how-can-i-decrypt-the-password-manager-pro-database-password-1777481077991 2026-04-29T16:44:38.010Z weekly 0.7 https://onedaysec.com/qa/how-do-i-enable-remote-debugging-jpda-for-password-manager-pro-1777481077937 2026-04-29T16:44:37.949Z weekly 0.7 https://onedaysec.com/qa/how-can-i-install-password-manager-pro-for-vulnerability-research-1777481077860 2026-04-29T16:44:37.878Z weekly 0.7 https://onedaysec.com/qa/after-uploading-a-file-via-clientuploader-where-can-it-be-accessed-and-who-can-v-1777481051888 2026-04-29T16:44:11.901Z weekly 0.7 https://onedaysec.com/qa/where-are-zimbra-login-logs-stored-and-what-additional-functionality-does-the-op-1777481051823 2026-04-29T16:44:11.850Z weekly 0.7 https://onedaysec.com/qa/what-is-the-correct-way-to-upload-a-file-using-the-clientuploader-plugin-and-wha-1777481051715 2026-04-29T16:44:11.747Z weekly 0.7 https://onedaysec.com/qa/how-can-an-administrator-obtain-the-token-of-a-specified-mailbox-user-in-zimbra-1777481051643 2026-04-29T16:44:11.666Z weekly 0.7 https://onedaysec.com/qa/what-methods-can-be-used-to-detect-processhider-activity-1777481011636 2026-04-29T16:43:31.652Z weekly 0.7 https://onedaysec.com/qa/how-does-processhider-handle-process-hiding-on-64-bit-windows-systems-1777481011572 2026-04-29T16:43:31.592Z weekly 0.7 https://onedaysec.com/qa/why-must-processhider-be-compiled-as-a-32-bit-application-1777481011514 2026-04-29T16:43:31.526Z weekly 0.7 https://onedaysec.com/qa/how-does-processhider-hide-processes-from-monitoring-tools-like-task-manager-1777481011441 2026-04-29T16:43:31.455Z weekly 0.7 https://onedaysec.com/qa/can-a-forged-microsoft-authenticode-signature-or-a-custom-catalog-signature-allo-1777480990234 2026-04-29T16:43:10.249Z weekly 0.7 https://onedaysec.com/qa/what-exploitation-technique-is-demonstrated-for-hiding-a-password-filter-dll-and-1777480990167 2026-04-29T16:43:10.187Z weekly 0.7 https://onedaysec.com/qa/how-can-i-monitor-whether-a-password-filter-dll-is-attempting-to-load-without-a--1777480990068 2026-04-29T16:43:10.090Z weekly 0.7 https://onedaysec.com/qa/what-is-additional-lsa-protection-and-how-do-you-configure-it-on-windows-1777480989985 2026-04-29T16:43:09.995Z weekly 0.7 https://onedaysec.com/qa/how-do-you-ensure-compatibility-between-python-and-firefox-when-using-nss-to-exp-1777480972151 2026-04-29T16:42:52.170Z weekly 0.7 https://onedaysec.com/qa/what-files-are-required-for-nss-initialization-when-exporting-firefox-passwords--1777480972074 2026-04-29T16:42:52.111Z weekly 0.7 https://onedaysec.com/qa/how-does-the-script-verify-the-firefox-master-password-and-what-can-it-be-used-f-1777480972019 2026-04-29T16:42:52.037Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-steps-to-export-firefox-passwords-using-python-and-nss-1777480971939 2026-04-29T16:42:51.950Z weekly 0.7 https://onedaysec.com/qa/what-is-network-security-services-nss-and-how-does-firefox-use-it-for-password-m-1777480971882 2026-04-29T16:42:51.900Z weekly 0.7 https://onedaysec.com/qa/why-does-the-rop-chain-include-filler-values-like-0x41414141-and-how-are-they-co-1777480935045 2026-04-29T16:42:15.065Z weekly 0.7 https://onedaysec.com/qa/what-are-the-four-parameters-required-by-virtualalloc-and-how-are-they-set-in-th-1777480934974 2026-04-29T16:42:14.998Z weekly 0.7 https://onedaysec.com/qa/how-does-the-mona-plugin-in-immunity-debugger-assist-in-bypassing-dep-with-virtu-1777480934917 2026-04-29T16:42:14.929Z weekly 0.7 https://onedaysec.com/qa/what-is-the-main-advantage-of-using-virtualalloc-instead-of-virtualprotect-to-by-1777480934864 2026-04-29T16:42:14.878Z weekly 0.7 https://onedaysec.com/qa/how-can-i-load-a-level3-dll-trojan-eg-http-proxy-x64-sharedlib-using-rundll32-1777480920280 2026-04-29T16:42:00.296Z weekly 0.7 https://onedaysec.com/qa/how-do-pc-and-pc22-differ-in-the-context-of-danderspritz-trojan-generation-1777480920221 2026-04-29T16:42:00.240Z weekly 0.7 https://onedaysec.com/qa/what-is-the-difference-between-level3-and-level4-trojans-in-danderspritz-1777480920153 2026-04-29T16:42:00.169Z weekly 0.7 https://onedaysec.com/qa/why-does-executing-pc_prep-in-danderspritz-not-return-any-echo-and-how-can-it-be-1777480920090 2026-04-29T16:42:00.103Z weekly 0.7 https://onedaysec.com/qa/how-can-you-extract-shellcode-from-a-c-program-using-vc60-debug-mode-1777480903920 2026-04-29T16:41:43.935Z weekly 0.7 https://onedaysec.com/qa/why-is-it-necessary-to-write-shellcode-in-pure-c-without-inline-assembly-for-64--1777480903866 2026-04-29T16:41:43.881Z weekly 0.7 https://onedaysec.com/qa/what-is-the-shellcodecompiler-tool-and-how-does-it-simplify-shellcode-generation-1777480903814 2026-04-29T16:41:43.828Z weekly 0.7 https://onedaysec.com/qa/why-cant-we-use-fixed-memory-addresses-in-shellcode-on-modern-windows-systems-li-1777480903756 2026-04-29T16:41:43.772Z weekly 0.7 https://onedaysec.com/qa/what-is-the-recommended-universal-method-for-privilege-reduction-from-system-to--1777480888019 2026-04-29T16:41:28.037Z weekly 0.7 https://onedaysec.com/qa/how-does-selectmyparent-enable-privilege-reduction-from-system-to-ordinary-user--1777480887955 2026-04-29T16:41:27.975Z weekly 0.7 https://onedaysec.com/qa/why-do-common-privilege-reduction-methods-like-runas-and-lsrunas-fail-when-start-1777480887877 2026-04-29T16:41:27.893Z weekly 0.7 https://onedaysec.com/qa/what-are-the-main-differences-in-environment-variables-between-system-privileges-1777480887831 2026-04-29T16:41:27.841Z weekly 0.7 https://onedaysec.com/qa/why-is-privilege-reduction-necessary-in-penetration-testing-when-operating-from--1777480887762 2026-04-29T16:41:27.781Z weekly 0.7 https://onedaysec.com/qa/why-does-changing-the-transmission-path-eg-copying-a-file-into-a-virtual-machine-1777480865767 2026-04-29T16:41:05.782Z weekly 0.7 https://onedaysec.com/qa/what-interesting-behavior-was-discovered-when-combining-lnk-files-with-cab-archi-1777480865711 2026-04-29T16:41:05.727Z weekly 0.7 https://onedaysec.com/qa/how-can-one-bypass-the-windows-attachment-manager-warning-using-compressed-files-1777480865661 2026-04-29T16:41:05.674Z weekly 0.7 https://onedaysec.com/qa/what-is-windows-attachment-manager-and-how-does-it-mark-downloaded-files-as-untr-1777480865560 2026-04-29T16:41:05.592Z weekly 0.7 https://onedaysec.com/qa/why-does-apc-injection-succeed-in-evading-sysmon-compared-to-createremotethread-1777480848194 2026-04-29T16:40:48.210Z weekly 0.7 https://onedaysec.com/qa/what-tools-did-casey-smith-share-to-execute-apc-injection-and-avoid-sysmon-1777480848091 2026-04-29T16:40:48.120Z weekly 0.7 https://onedaysec.com/qa/how-can-you-implement-apc-based-dll-injection-in-c-1777480847986 2026-04-29T16:40:48.000Z weekly 0.7 https://onedaysec.com/qa/what-sysmon-event-does-apc-injection-bypass-and-how-1777480847918 2026-04-29T16:40:47.928Z weekly 0.7 https://onedaysec.com/qa/does-bypassing-windows-event-log-affect-all-logging-and-what-are-its-limitations-1777480831991 2026-04-29T16:40:32.016Z weekly 0.7 https://onedaysec.com/qa/what-tools-are-used-in-bypass-method-two-to-locate-and-terminate-log-related-thr-1777480831934 2026-04-29T16:40:31.951Z weekly 0.7 https://onedaysec.com/qa/what-is-the-principle-behind-bypassing-windows-event-log-by-terminating-threads-1777480831880 2026-04-29T16:40:31.894Z weekly 0.7 https://onedaysec.com/qa/how-can-i-clear-all-windows-event-logs-using-built-in-tools-1777480831829 2026-04-29T16:40:31.840Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-methods-to-set-the-appdomainmanager-for-hijacking-a-net-program-1777480820242 2026-04-29T16:40:20.258Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-detect-appdomainmanager-hijacking-attempts-on-net-programs-1777480820168 2026-04-29T16:40:20.188Z weekly 0.7 https://onedaysec.com/qa/what-is-the-exploitation-approach-targeting-visual-studio-using-appdomainmanager-1777480820103 2026-04-29T16:40:20.123Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-hijack-a-system-net-program-like-powershell_iseexe-using-app-1777480820003 2026-04-29T16:40:20.039Z weekly 0.7 https://onedaysec.com/qa/what-is-the-appdomainmanager-hijacking-technique-for-maintaining-persistence-in--1777480819914 2026-04-29T16:40:19.927Z weekly 0.7 https://onedaysec.com/qa/what-are-some-ways-to-defend-against-process-hiding-via-global-api-hooks-1777480800943 2026-04-29T16:40:00.958Z weekly 0.7 https://onedaysec.com/qa/does-the-global-api-hook-method-work-on-windows-8-or-later-systems-1777480800867 2026-04-29T16:40:00.896Z weekly 0.7 https://onedaysec.com/qa/how-does-the-registry-configuration-differ-when-hiding-processes-on-a-64-bit-win-1777480800769 2026-04-29T16:40:00.791Z weekly 0.7 https://onedaysec.com/qa/what-registry-keys-need-to-be-modified-to-enable-global-api-hooks-for-process-hi-1777480800707 2026-04-29T16:40:00.718Z weekly 0.7 https://onedaysec.com/qa/what-is-the-global-api-hook-method-for-hiding-processes-on-windows-7-and-how-doe-1777480800557 2026-04-29T16:40:00.623Z weekly 0.7 https://onedaysec.com/qa/what-limitation-does-the-first-sdcltexe-bypass-method-have-and-how-is-it-overcom-1777480773887 2026-04-29T16:39:33.913Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-detect-or-prevent-this-uac-bypass-using-sdcltexe-1777480773777 2026-04-29T16:39:33.794Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-different-registry-hijack-methods-demonstrated-for-bypassing-ua-1777480773714 2026-04-29T16:39:33.729Z weekly 0.7 https://onedaysec.com/qa/why-does-this-uac-bypass-technique-only-work-on-windows-10-and-not-on-windows-7-1777480773618 2026-04-29T16:39:33.642Z weekly 0.7 https://onedaysec.com/qa/what-is-the-key-principle-behind-using-sdcltexe-to-bypass-uac-in-windows-10-1777480773540 2026-04-29T16:39:33.553Z weekly 0.7 https://onedaysec.com/qa/how-does-advanced-installer-help-in-creating-msi-files-for-penetration-testing-1777480752844 2026-04-29T16:39:12.855Z weekly 0.7 https://onedaysec.com/qa/what-is-the-alwaysinstallelevated-privilege-escalation-technique-with-msiexec-1777480752783 2026-04-29T16:39:12.802Z weekly 0.7 https://onedaysec.com/qa/can-msiexec-download-and-execute-an-msi-file-from-a-remote-server-1777480752706 2026-04-29T16:39:12.733Z weekly 0.7 https://onedaysec.com/qa/how-can-i-create-a-malicious-msi-file-for-penetration-testing-using-metasploit-1777480752600 2026-04-29T16:39:12.619Z weekly 0.7 https://onedaysec.com/qa/how-does-the-ycrcb-color-model-used-in-jpeg-files-aid-in-compression-and-stegano-1777480741248 2026-04-29T16:39:01.261Z weekly 0.7 https://onedaysec.com/qa/what-tools-are-commonly-used-to-detect-steganography-in-jpeg-images-and-how-do-t-1777480741172 2026-04-29T16:39:01.198Z weekly 0.7 https://onedaysec.com/qa/how-does-the-dqt-define-quantization-table-marker-provide-an-opportunity-for-hid-1777480741014 2026-04-29T16:39:01.050Z weekly 0.7 https://onedaysec.com/qa/what-is-a-com-comment-in-a-jpeg-file-and-how-can-it-be-used-for-steganography-1777480740938 2026-04-29T16:39:00.954Z weekly 0.7 https://onedaysec.com/qa/how-does-the-jpeg-file-format-make-it-easier-to-hide-payloads-compared-to-png-1777480740850 2026-04-29T16:39:00.870Z weekly 0.7 https://onedaysec.com/qa/is-there-an-alternative-way-to-send-unencoded-urls-without-modifying-the-request-1777480726182 2026-04-29T16:38:46.196Z weekly 0.7 https://onedaysec.com/qa/what-does-the-requote_uri-function-do-in-the-requests-library-and-why-is-it-the--1777480726110 2026-04-29T16:38:46.140Z weekly 0.7 https://onedaysec.com/qa/what-specific-modifications-are-needed-in-the-requests-and-urllib3-libraries-to--1777480726021 2026-04-29T16:38:46.051Z weekly 0.7 https://onedaysec.com/qa/why-does-the-python-requests-library-encode-urls-by-default-and-how-does-this-ca-1777480725954 2026-04-29T16:38:45.970Z weekly 0.7 https://onedaysec.com/qa/how-can-the-vshadow-tool-be-obtained-and-why-is-it-useful-in-penetration-testing-1777480712216 2026-04-29T16:38:32.252Z weekly 0.7 https://onedaysec.com/qa/what-defenses-can-be-implemented-to-prevent-abuse-of-volume-shadow-copy-in-attac-1777480712144 2026-04-29T16:38:32.167Z weekly 0.7 https://onedaysec.com/qa/what-is-the-role-of-the-volume-shadow-copy-service-vss-in-recovering-files-from--1777480712088 2026-04-29T16:38:32.101Z weekly 0.7 https://onedaysec.com/qa/how-can-penetration-testers-use-volume-shadow-copy-to-create-a-fileless-process-1777480712031 2026-04-29T16:38:32.044Z weekly 0.7 https://onedaysec.com/qa/what-is-the-key-difference-in-permissions-between-modifying-hkcu-and-hkcr-regist-1777480693804 2026-04-29T16:38:13.822Z weekly 0.7 https://onedaysec.com/qa/why-might-a-hijacked-dll-fail-to-load-in-a-scheduled-task-and-how-do-you-fix-it-1777480693746 2026-04-29T16:38:13.765Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-use-userland-registry-hijacking-for-persistence-with-schedul-1777480693683 2026-04-29T16:38:13.701Z weekly 0.7 https://onedaysec.com/qa/what-is-the-core-principle-behind-userland-registry-hijacking-1777480693576 2026-04-29T16:38:13.586Z weekly 0.7 https://onedaysec.com/qa/why-does-windows-explorer-or-cmd-show-only-260-characters-of-a-shortcuts-command-1777480680459 2026-04-29T16:38:00.488Z weekly 0.7 https://onedaysec.com/qa/how-does-the-lnk-files-attribute-flags-field-indicate-the-presence-of-a-command--1777480680390 2026-04-29T16:38:00.413Z weekly 0.7 https://onedaysec.com/qa/what-tools-or-languages-were-used-to-create-a-proof-of-concept-for-this-shortcut-1777480680298 2026-04-29T16:38:00.327Z weekly 0.7 https://onedaysec.com/qa/what-is-the-key-structural-difference-in-a-lnk-file-that-enables-storing-long-co-1777480680232 2026-04-29T16:38:00.248Z weekly 0.7 https://onedaysec.com/qa/how-can-malware-bypass-the-260-character-limit-on-command-line-parameters-in-win-1777480680099 2026-04-29T16:38:00.120Z weekly 0.7 https://onedaysec.com/qa/how-can-website-administrators-determine-if-their-joomla-site-is-vulnerable-and--1777480662236 2026-04-29T16:37:42.268Z weekly 0.7 https://onedaysec.com/qa/what-was-the-official-patch-for-these-vulnerabilities-and-how-does-it-prevent-th-1777480662177 2026-04-29T16:37:42.195Z weekly 0.7 https://onedaysec.com/qa/what-three-conditions-must-be-simultaneously-met-for-an-attacker-to-gain-full-ad-1777480662125 2026-04-29T16:37:42.140Z weekly 0.7 https://onedaysec.com/qa/why-might-a-successful-exploit-using-these-vulnerabilities-still-result-in-an-in-1777480662078 2026-04-29T16:37:42.092Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-vulnerabilities-cve-2016-8870-and-cve-2016-8869-in-joomla-34436-1777480662010 2026-04-29T16:37:42.024Z weekly 0.7 https://onedaysec.com/qa/which-default-ports-and-services-are-important-for-debugging-veeam-backup-replic-1777480642115 2026-04-29T16:37:22.128Z weekly 0.7 https://onedaysec.com/qa/why-might-the-veeam-creds-powershell-script-fail-on-veeam-backup-replication-11--1777480642019 2026-04-29T16:37:22.036Z weekly 0.7 https://onedaysec.com/qa/what-is-cve-2023-27532-and-how-does-it-relate-to-credential-exposure-in-veeam-1777480641944 2026-04-29T16:37:21.976Z weekly 0.7 https://onedaysec.com/qa/how-can-i-extract-database-credentials-from-veeam-backup-replication-during-vuln-1777480641895 2026-04-29T16:37:21.908Z weekly 0.7 https://onedaysec.com/qa/what-steps-are-needed-to-set-up-a-debugging-environment-for-veeam-backup-replica-1777480641835 2026-04-29T16:37:21.851Z weekly 0.7 https://onedaysec.com/qa/what-common-pitfalls-should-be-addressed-when-scanning-weblogic-via-the-t3-proto-1777480608174 2026-04-29T16:36:48.195Z weekly 0.7 https://onedaysec.com/qa/why-is-it-necessary-to-distinguish-between-early-and-currently-used-weblogic-ver-1777480608121 2026-04-29T16:36:48.137Z weekly 0.7 https://onedaysec.com/qa/how-can-you-detect-the-weblogic-version-when-the-admin-console-is-closed-or-the--1777480608036 2026-04-29T16:36:48.051Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-main-methods-for-detecting-the-weblogic-version-during-a-penetr-1777480607988 2026-04-29T16:36:47.997Z weekly 0.7 https://onedaysec.com/qa/where-can-the-complete-python-implementation-for-minio-version-detection-be-foun-1777480585558 2026-04-29T16:36:25.570Z weekly 0.7 https://onedaysec.com/qa/what-common-issue-occurs-when-the-minio-port-is-not-the-default-and-how-is-it-ha-1777480585505 2026-04-29T16:36:25.522Z weekly 0.7 https://onedaysec.com/qa/what-api-endpoint-returns-the-minio-version-information-and-how-should-the-respo-1777480585449 2026-04-29T16:36:25.470Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-log-in-to-the-minio-web-interface-to-perform-version-detecti-1777480585378 2026-04-29T16:36:25.397Z weekly 0.7 https://onedaysec.com/qa/what-is-minio-and-why-is-version-detection-important-in-penetration-testing-1777480585318 2026-04-29T16:36:25.330Z weekly 0.7 https://onedaysec.com/qa/why-might-penetration-testers-choose-imap-based-methods-over-the-web-management--1777480573478 2026-04-29T16:36:13.494Z weekly 0.7 https://onedaysec.com/qa/what-is-the-role-of-the-zimbrasoapexposeversion-property-in-zimbra-version-detec-1777480573373 2026-04-29T16:36:13.401Z weekly 0.7 https://onedaysec.com/qa/how-does-the-python-script-in-the-open-source-code-handle-failures-when-detectin-1777480573308 2026-04-29T16:36:13.322Z weekly 0.7 https://onedaysec.com/qa/what-are-the-main-methods-for-detecting-a-zimbra-version-during-a-penetration-te-1777480573201 2026-04-29T16:36:13.215Z weekly 0.7 https://onedaysec.com/qa/how-did-the-author-use-python-to-exploit-tabshell-and-what-tools-were-used-to-an-1777480559890 2026-04-29T16:35:59.920Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-considerations-when-implementing-kerberos-authentication-for-ex-1777480559794 2026-04-29T16:35:59.821Z weekly 0.7 https://onedaysec.com/qa/how-can-you-capture-and-analyze-the-raw-communication-data-when-developing-a-pyt-1777480559740 2026-04-29T16:35:59.749Z weekly 0.7 https://onedaysec.com/qa/why-should-we-use-python-instead-of-powershell-for-executing-exchange-powershell-1777480559676 2026-04-29T16:35:59.691Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-configuration-files-and-jar-files-needed-for-debugging-adaudit--1777480540162 2026-04-29T16:35:40.180Z weekly 0.7 https://onedaysec.com/qa/what-is-the-hard-coded-password-for-the-postgres-user-in-adaudit-plus-and-how-do-1777480540077 2026-04-29T16:35:40.102Z weekly 0.7 https://onedaysec.com/qa/how-can-i-obtain-the-encrypted-database-password-for-the-adap-user-in-adaudit-pl-1777480539979 2026-04-29T16:35:39.995Z weekly 0.7 https://onedaysec.com/qa/how-do-i-set-up-a-remote-debugging-environment-for-adaudit-plus-1777480539912 2026-04-29T16:35:39.924Z weekly 0.7 https://onedaysec.com/qa/how-can-i-modify-the-goanywhere-database-when-the-service-is-not-running-1777480526762 2026-04-29T16:35:26.813Z weekly 0.7 https://onedaysec.com/qa/what-database-does-goanywhere-managed-file-transfer-use-and-how-can-i-query-it-1777480526689 2026-04-29T16:35:26.712Z weekly 0.7 https://onedaysec.com/qa/how-do-i-enable-remote-debugging-on-linux-for-goanywhere-mft-1777480526587 2026-04-29T16:35:26.605Z weekly 0.7 https://onedaysec.com/qa/how-do-i-enable-remote-debugging-for-goanywhere-managed-file-transfer-on-windows-1777480526524 2026-04-29T16:35:26.540Z weekly 0.7 https://onedaysec.com/qa/what-vulnerability-and-fix-are-associated-with-this-remote-exchange-powershell-t-1777480499892 2026-04-29T16:34:59.906Z weekly 0.7 https://onedaysec.com/qa/how-are-exchange-powershell-commands-formatted-in-the-xml-file-used-for-executio-1777480499840 2026-04-29T16:34:59.857Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-code-differences-when-adapting-the-technique-from-python2-to-py-1777480499767 2026-04-29T16:34:59.784Z weekly 0.7 https://onedaysec.com/qa/how-does-the-implementation-achieve-credential-passing-without-a-domain-joined-h-1777480499653 2026-04-29T16:34:59.668Z weekly 0.7 https://onedaysec.com/qa/what-is-the-main-advantage-of-the-remote-exchange-powershell-access-technique-de-1777480499581 2026-04-29T16:34:59.597Z weekly 0.7 https://onedaysec.com/qa/what-is-the-significance-of-the-domainname-field-in-the-aaalogin-table-for-encry-1777480484536 2026-04-29T16:34:44.550Z weekly 0.7 https://onedaysec.com/qa/how-can-i-brute-force-adaudit-plus-user-passwords-using-the-encryption-analysis-1777480484472 2026-04-29T16:34:44.501Z weekly 0.7 https://onedaysec.com/qa/where-is-the-encrypted-password-data-stored-in-adaudit-plus-and-how-can-i-query--1777480484403 2026-04-29T16:34:44.425Z weekly 0.7 https://onedaysec.com/qa/how-does-adaudit-plus-encrypt-passwords-for-custom-users-and-domain-users-1777480484239 2026-04-29T16:34:44.283Z weekly 0.7 https://onedaysec.com/qa/what-should-you-do-if-you-encounter-garbled-text-or-an-ssl-versioncipher-mismatc-1777480462983 2026-04-29T16:34:23.006Z weekly 0.7 https://onedaysec.com/qa/why-does-using-allow_redirectsfalse-in-the-python-requests-module-not-work-for-f-1777480462799 2026-04-29T16:34:22.830Z weekly 0.7 https://onedaysec.com/qa/what-is-the-key-feature-used-for-fortigate-version-detection-and-how-is-it-extra-1777480462739 2026-04-29T16:34:22.754Z weekly 0.7 https://onedaysec.com/qa/how-can-you-distinguish-between-a-fortigate-management-page-and-a-vpn-login-page-1777480462651 2026-04-29T16:34:22.667Z weekly 0.7 https://onedaysec.com/qa/which-tools-are-commonly-used-to-capture-net-ntlm-hashes-and-how-do-they-work-1777480440948 2026-04-29T16:34:00.971Z weekly 0.7 https://onedaysec.com/qa/what-is-the-correct-format-for-a-net-ntlmv2-hash-when-using-hashcat-1777480440889 2026-04-29T16:34:00.908Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-obtain-a-net-ntlm-hash-in-a-network-environment-1777480440814 2026-04-29T16:34:00.836Z weekly 0.7 https://onedaysec.com/qa/how-is-an-ntlm-hash-generated-from-a-plaintext-password-1777480440744 2026-04-29T16:34:00.754Z weekly 0.7 https://onedaysec.com/qa/what-is-the-difference-between-an-ntlm-hash-and-a-net-ntlm-hash-1777480440677 2026-04-29T16:34:00.694Z weekly 0.7 https://onedaysec.com/qa/why-does-the-winrm-service-require-administrator-privileges-for-initial-configur-1777480419993 2026-04-29T16:33:40.011Z weekly 0.7 https://onedaysec.com/qa/what-are-the-detection-methods-for-identifying-winrm-service-running-on-non-stan-1777480419915 2026-04-29T16:33:39.936Z weekly 0.7 https://onedaysec.com/qa/what-is-the-role-of-the-http-server-api-in-achieving-port-reuse-for-command-exec-1777480419856 2026-04-29T16:33:39.870Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-bypass-a-firewall-that-only-allows-port-80-or-443-to-remotel-1777480419789 2026-04-29T16:33:39.810Z weekly 0.7 https://onedaysec.com/qa/why-is-the-aes-256-encryption-used-for-cpassword-considered-a-security-weakness--1777480400668 2026-04-29T16:33:20.682Z weekly 0.7 https://onedaysec.com/qa/which-group-policy-preference-files-besides-groupsxml-can-contain-the-cpassword--1777480400566 2026-04-29T16:33:20.583Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-decrypt-the-cpassword-field-found-in-groupsxml-or-similar-gp-1777480400506 2026-04-29T16:33:20.525Z weekly 0.7 https://onedaysec.com/qa/what-is-the-sysvol-shared-folder-and-why-does-it-pose-a-security-risk-for-domain-1777480400435 2026-04-29T16:33:20.453Z weekly 0.7 https://onedaysec.com/qa/how-does-detecting-this-stealth-remote-assistance-attack-work-and-what-limitatio-1777480380160 2026-04-29T16:33:00.174Z weekly 0.7 https://onedaysec.com/qa/what-is-the-complete-exploitation-chain-for-stealth-remote-assistance-and-where--1777480380074 2026-04-29T16:33:00.092Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-programmatically-obtain-the-remote-assistance-connection-pas-1777480379982 2026-04-29T16:33:00.011Z weekly 0.7 https://onedaysec.com/qa/what-registry-and-firewall-modifications-are-needed-to-enable-remote-assistance--1777480379936 2026-04-29T16:32:59.943Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-stealthily-use-windows-remote-assistance-to-gain-remote-acce-1777480379854 2026-04-29T16:32:59.868Z weekly 0.7 https://onedaysec.com/qa/what-can-an-attacker-do-with-sedebugprivilege-to-escalate-privileges-or-access-s-1777480365523 2026-04-29T16:32:45.552Z weekly 0.7 https://onedaysec.com/qa/how-can-sebackupprivilege-be-used-to-extract-password-hashes-from-a-windows-syst-1777480365449 2026-04-29T16:32:45.479Z weekly 0.7 https://onedaysec.com/qa/what-is-seimpersonateprivilege-and-how-can-it-be-exploited-to-gain-system-privil-1777480365377 2026-04-29T16:32:45.386Z weekly 0.7 https://onedaysec.com/qa/how-can-i-check-which-privileges-my-current-windows-user-has-and-which-of-those--1777480365317 2026-04-29T16:32:45.332Z weekly 0.7 https://onedaysec.com/qa/what-is-the-difference-in-packet-structure-between-user-enumeration-and-password-1777480350489 2026-04-29T16:32:30.514Z weekly 0.7 https://onedaysec.com/qa/which-event-logs-are-generated-during-kerberos-pre-authentication-brute-forcing--1777480350358 2026-04-29T16:32:30.395Z weekly 0.7 https://onedaysec.com/qa/what-additional-capabilities-does-the-python-implementation-pykerbrute-have-comp-1777480350249 2026-04-29T16:32:30.274Z weekly 0.7 https://onedaysec.com/qa/how-does-kerbrute-determine-whether-a-domain-user-exists-during-enumeration-1777480350119 2026-04-29T16:32:30.145Z weekly 0.7 https://onedaysec.com/qa/why-is-kerberos-pre-authentication-brute-forcing-preferred-over-ldap-brute-forci-1777480350057 2026-04-29T16:32:30.077Z weekly 0.7 https://onedaysec.com/qa/how-can-you-defend-against-net-ntlmv1-downgrade-attacks-1777480336949 2026-04-29T16:32:16.969Z weekly 0.7 https://onedaysec.com/qa/what-is-the-internalmonologue-exploitation-technique-for-net-ntlmv1-and-why-is-i-1777480336864 2026-04-29T16:32:16.887Z weekly 0.7 https://onedaysec.com/qa/how-do-you-capture-and-crack-a-net-ntlmv1-hash-using-wireshark-and-hashcat-1777480336662 2026-04-29T16:32:16.693Z weekly 0.7 https://onedaysec.com/qa/what-makes-net-ntlmv1-more-vulnerable-than-net-ntlmv2-1777480336578 2026-04-29T16:32:16.601Z weekly 0.7 https://onedaysec.com/qa/what-makes-the-telemetrycontroller-backdoor-stealthy-compared-to-other-persisten-1777480310764 2026-04-29T16:31:50.777Z weekly 0.7 https://onedaysec.com/qa/how-can-security-defenders-detect-or-prevent-the-telemetrycontroller-backdoor-1777480310715 2026-04-29T16:31:50.728Z weekly 0.7 https://onedaysec.com/qa/what-are-the-exact-steps-to-deploy-a-telemetrycontroller-backdoor-on-windows-10-1777480310581 2026-04-29T16:31:50.624Z weekly 0.7 https://onedaysec.com/qa/why-does-the-telemetrycontroller-backdoor-fail-on-windows-7-and-server-2012-r2-a-1777480310467 2026-04-29T16:31:50.504Z weekly 0.7 https://onedaysec.com/qa/what-is-the-telemetrycontroller-backdoor-technique-and-how-does-it-achieve-persi-1777480310362 2026-04-29T16:31:50.375Z weekly 0.7 https://onedaysec.com/qa/how-can-i-generate-the-correct-xpath-query-for-event-id-4624-without-writing-it--1777480288532 2026-04-29T16:31:28.551Z weekly 0.7 https://onedaysec.com/qa/can-i-achieve-the-same-functionality-as-sharpsniper-using-built-in-windows-tools-1777480288457 2026-04-29T16:31:28.480Z weekly 0.7 https://onedaysec.com/qa/how-does-sharpsniper-find-the-ip-address-used-by-a-domain-user-1777480288324 2026-04-29T16:31:28.338Z weekly 0.7 https://onedaysec.com/qa/what-is-sharpsniper-and-what-prerequisite-is-needed-to-use-it-1777480288242 2026-04-29T16:31:28.266Z weekly 0.7 https://onedaysec.com/qa/how-does-the-modulemonitor-detection-tool-identify-clr-injection-and-why-is-it-r-1777480265648 2026-04-29T16:31:05.671Z weekly 0.7 https://onedaysec.com/qa/what-subprojects-are-included-in-the-donut-source-code-and-what-role-does-each-p-1777480265553 2026-04-29T16:31:05.570Z weekly 0.7 https://onedaysec.com/qa/how-does-donut-load-a-net-assembly-from-memory-without-relying-on-traditional-dl-1777480265483 2026-04-29T16:31:05.500Z weekly 0.7 https://onedaysec.com/qa/what-is-donut-and-how-does-it-enhance-the-stealth-and-extensibility-of-execute-a-1777480265402 2026-04-29T16:31:05.423Z weekly 0.7 https://onedaysec.com/qa/what-are-the-limitations-or-bypass-techniques-related-to-blockdlls-can-it-be-byp-1777480247478 2026-04-29T16:30:47.514Z weekly 0.7 https://onedaysec.com/qa/can-you-enable-blockdlls-on-the-current-process-rather-than-only-on-child-proces-1777480247303 2026-04-29T16:30:47.354Z weekly 0.7 https://onedaysec.com/qa/how-can-you-check-if-a-running-process-has-blockdlls-enabled-especially-on-diffe-1777480247204 2026-04-29T16:30:47.228Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-cobalt-strikes-blockdlls-feature-and-how-does-it-protect--1777480247121 2026-04-29T16:30:47.135Z weekly 0.7 https://onedaysec.com/qa/what-privileges-does-the-expiredpasswordaspx-webshell-run-with-and-why-is-that-s-1777480228328 2026-04-29T16:30:28.342Z weekly 0.7 https://onedaysec.com/qa/what-additional-functions-does-hypershell-include-besides-the-exchange-webshell-1777480228209 2026-04-29T16:30:28.267Z weekly 0.7 https://onedaysec.com/qa/how-does-the-expiredpasswordaspx-webshell-in-hypershell-evade-detection-1777480228080 2026-04-29T16:30:28.107Z weekly 0.7 https://onedaysec.com/qa/what-is-highshell-and-how-does-it-work-1777480228007 2026-04-29T16:30:28.023Z weekly 0.7 https://onedaysec.com/qa/how-does-token-duplication-allow-escalation-to-system-and-what-tools-are-commonl-1777480204781 2026-04-29T16:30:04.807Z weekly 0.7 https://onedaysec.com/qa/what-is-the-role-of-capcomsys-in-privilege-escalation-and-how-is-it-exploited-1777480204664 2026-04-29T16:30:04.685Z weekly 0.7 https://onedaysec.com/qa/how-can-i-use-the-schtasks-command-to-obtain-system-privileges-and-what-are-the--1777480204603 2026-04-29T16:30:04.618Z weekly 0.7 https://onedaysec.com/qa/what-are-the-prerequisites-and-common-methods-to-escalate-from-administrator-to--1777480204359 2026-04-29T16:30:04.462Z weekly 0.7 https://onedaysec.com/qa/what-is-the-token-removal-technique-to-disable-windows-defender-and-what-are-its-1777480172453 2026-04-29T16:29:32.499Z weekly 0.7 https://onedaysec.com/qa/how-do-i-add-an-exclusion-path-to-windows-defender-to-prevent-it-from-scanning-c-1777480172276 2026-04-29T16:29:32.333Z weekly 0.7 https://onedaysec.com/qa/what-prerequisites-are-required-to-disable-windows-defender-real-time-protection-1777480172056 2026-04-29T16:29:32.134Z weekly 0.7 https://onedaysec.com/qa/how-can-i-check-the-current-version-of-windows-defender-installed-on-my-system-1777480171852 2026-04-29T16:29:31.889Z weekly 0.7 https://onedaysec.com/qa/what-are-the-recommended-defenses-against-net-session-exploitation-1777480151955 2026-04-29T16:29:11.976Z weekly 0.7 https://onedaysec.com/qa/what-are-the-main-exploitation-strategies-for-net-session-tokens-in-a-windows-do-1777480151914 2026-04-29T16:29:11.926Z weekly 0.7 https://onedaysec.com/qa/why-does-mimikatzs-processstart-command-fail-to-create-a-process-using-an-impers-1777480151865 2026-04-29T16:29:11.882Z weekly 0.7 https://onedaysec.com/qa/how-can-you-list-active-net-sessions-on-a-windows-host-1777480151795 2026-04-29T16:29:11.811Z weekly 0.7 https://onedaysec.com/qa/what-is-a-net-session-in-windows-and-why-is-it-valuable-for-penetration-testers-1777480151733 2026-04-29T16:29:11.742Z weekly 0.7 https://onedaysec.com/qa/why-is-the-virtual-disk-technique-considered-superior-to-traditional-fileless-me-1777480132414 2026-04-29T16:28:52.434Z weekly 0.7 https://onedaysec.com/qa/what-detection-and-interception-methods-are-recommended-against-the-virtual-disk-1777480132346 2026-04-29T16:28:52.368Z weekly 0.7 https://onedaysec.com/qa/how-can-forensic-analysis-prove-that-files-stored-in-a-virtual-disk-are-never-wr-1777480132269 2026-04-29T16:28:52.289Z weekly 0.7 https://onedaysec.com/qa/what-are-the-steps-to-create-a-ram-disk-using-imdisk-and-the-cliramdisk-tool-and-1777480132142 2026-04-29T16:28:52.176Z weekly 0.7 https://onedaysec.com/qa/how-does-using-virtual-disks-achieve-a-fileless-approach-in-penetration-testing--1777480132074 2026-04-29T16:28:52.091Z weekly 0.7 https://onedaysec.com/qa/how-does-the-aspxcmdntlmpy-script-handle-ntlm-authentication-and-what-login-meth-1777480112525 2026-04-29T16:28:32.549Z weekly 0.7 https://onedaysec.com/qa/what-are-the-permission-differences-when-deploying-this-webshell-on-exchange-vs--1777480112389 2026-04-29T16:28:32.452Z weekly 0.7 https://onedaysec.com/qa/how-does-the-executcmdaspx-page-verify-authentication-and-execute-commands-1777480112297 2026-04-29T16:28:32.321Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-the-webshell-described-in-the-article-and-how-does-it-han-1777480112200 2026-04-29T16:28:32.234Z weekly 0.7 https://onedaysec.com/qa/which-parameters-are-required-when-running-xwizardexe-to-trigger-the-loading-of--1777480087970 2026-04-29T16:28:07.989Z weekly 0.7 https://onedaysec.com/qa/what-are-the-key-differences-in-using-xwizardexe-on-64-bit-vs-32-bit-systems-1777480087893 2026-04-29T16:28:07.913Z weekly 0.7 https://onedaysec.com/qa/why-can-using-xwizardexe-for-dll-loading-help-bypass-application-whitelisting-1777480087801 2026-04-29T16:28:07.831Z weekly 0.7 https://onedaysec.com/qa/what-is-the-main-technique-for-loading-a-dll-using-xwizardexe-1777480087692 2026-04-29T16:28:07.712Z weekly 0.7 https://onedaysec.com/qa/where-are-the-key-log-files-located-on-f5-big-ip-for-auditing-and-debugging-vuln-1777480074204 2026-04-29T16:27:54.296Z weekly 0.7 https://onedaysec.com/qa/how-can-i-execute-bash-commands-on-f5-big-ip-using-the-rest-api-for-debugging-1777480074120 2026-04-29T16:27:54.140Z weekly 0.7 https://onedaysec.com/qa/what-are-the-essential-tmsh-commands-for-managing-an-f5-big-ip-system-during-vul-1777480074055 2026-04-29T16:27:54.069Z weekly 0.7 https://onedaysec.com/qa/how-do-i-set-up-a-remote-debugging-environment-for-an-f5-big-ip-vulnerability-an-1777480073959 2026-04-29T16:27:53.970Z weekly 0.7 https://onedaysec.com/qa/in-what-realworld-penetration-testing-scenarios-might-an-attacker-want-to-trigge-1777480062152 2026-04-29T16:27:42.175Z weekly 0.7 https://onedaysec.com/qa/what-defense-strategy-does-the-article-recommend-to-prevent-bsods-caused-by-term-1777480062086 2026-04-29T16:27:42.101Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-trigger-a-bsod-by-terminating-a-specific-noncurrent-process-1777480062000 2026-04-29T16:27:42.015Z weekly 0.7 https://onedaysec.com/qa/what-are-the-three-methods-discussed-in-the-article-for-triggering-a-bsod-by-ter-1777480061949 2026-04-29T16:27:41.961Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-specifying-properties-like-fof_noconfirmation-and-fofx_re-1777480046180 2026-04-29T16:27:26.202Z weekly 0.7 https://onedaysec.com/qa/can-powershell-be-used-to-call-ifileoperation-for-uac-bypass-how-1777480046124 2026-04-29T16:27:26.140Z weekly 0.7 https://onedaysec.com/qa/why-does-modifying-the-peb-structure-allow-an-attacker-to-bypass-uac-when-using--1777480046038 2026-04-29T16:27:26.068Z weekly 0.7 https://onedaysec.com/qa/what-are-the-three-implementation-methods-for-exploiting-ifileoperation-describe-1777480045957 2026-04-29T16:27:25.968Z weekly 0.7 https://onedaysec.com/qa/what-is-the-com-component-ifileoperation-and-how-can-it-be-exploited-for-unautho-1777480045897 2026-04-29T16:27:25.912Z weekly 0.7 https://onedaysec.com/qa/how-are-approximate-versions-filtered-and-matched-against-known-exchange-build-n-1777480018702 2026-04-29T16:26:58.715Z weekly 0.7 https://onedaysec.com/qa/what-is-the-advantage-of-using-the-ews-header-method-over-the-owa-method-for-exc-1777480018653 2026-04-29T16:26:58.671Z weekly 0.7 https://onedaysec.com/qa/how-does-the-vulnerability-detection-logic-work-after-identifying-the-exchange-v-1777480018587 2026-04-29T16:26:58.599Z weekly 0.7 https://onedaysec.com/qa/what-are-the-two-main-methods-for-detecting-the-version-of-a-microsoft-exchange--1777480018532 2026-04-29T16:26:58.544Z weekly 0.7 https://onedaysec.com/qa/why-does-overwriting-a-file-change-all-four-ntfs-time-attributes-and-how-can-thi-1777479993705 2026-04-29T16:26:33.751Z weekly 0.7 https://onedaysec.com/qa/what-is-the-difference-between-setmace-and-filetimecontrol_ntapi-in-terms-of-mod-1777479993646 2026-04-29T16:26:33.661Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-modify-file-timestamps-to-cover-their-tracks-after-deploying-1777479993572 2026-04-29T16:26:33.599Z weekly 0.7 https://onedaysec.com/qa/what-are-the-four-time-attributes-in-the-ntfs-file-system-and-why-is-mftchangeti-1777479993513 2026-04-29T16:26:33.526Z weekly 0.7 https://onedaysec.com/qa/how-can-defenders-detect-dcsync-backdoors-that-grant-replication-rights-to-non-p-1777479976727 2026-04-29T16:26:16.748Z weekly 0.7 https://onedaysec.com/qa/what-are-some-practical-methods-to-execute-dcsync-from-a-domain-joined-machine-a-1777479976664 2026-04-29T16:26:16.693Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-maintain-persistence-in-a-domain-using-dcsync-without-being--1777479976587 2026-04-29T16:26:16.600Z weekly 0.7 https://onedaysec.com/qa/what-is-dcsync-and-what-is-its-primary-use-in-domain-penetration-1777479976524 2026-04-29T16:26:16.538Z weekly 0.7 https://onedaysec.com/qa/what-is-the-recommended-defense-against-logon-scripts-persistence-1777479956871 2026-04-29T16:25:56.902Z weekly 0.7 https://onedaysec.com/qa/does-the-logon-scripts-technique-allow-execution-before-antivirus-software-start-1777479956767 2026-04-29T16:25:56.786Z weekly 0.7 https://onedaysec.com/qa/how-can-attackers-bypass-360-antiviruss-interception-of-wmi-calls-when-setting-e-1777479956698 2026-04-29T16:25:56.710Z weekly 0.7 https://onedaysec.com/qa/what-is-the-logon-scripts-persistence-technique-and-how-is-it-configured-1777479956644 2026-04-29T16:25:56.653Z weekly 0.7 https://onedaysec.com/qa/what-are-the-main-defense-recommendations-against-this-saml-certificate-attack-1777479945383 2026-04-29T16:25:45.431Z weekly 0.7 https://onedaysec.com/qa/besides-gaining-local-admin-on-vcenter-what-other-path-can-lead-to-obtaining-the-1777479945285 2026-04-29T16:25:45.307Z weekly 0.7 https://onedaysec.com/qa/what-modifications-were-needed-to-make-vcenter_saml_loginpy-run-directly-on-vcen-1777479945223 2026-04-29T16:25:45.240Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-with-vcenter-local-admin-privileges-gain-access-to-the-vcsa--1777479945121 2026-04-29T16:25:45.137Z weekly 0.7 https://onedaysec.com/qa/why-is-it-necessary-to-replace-zmmailboxdmgr-with-zmmailboxdmgrunrestricted-when-1777479925071 2026-04-29T16:25:25.109Z weekly 0.7 https://onedaysec.com/qa/where-does-zimbra-store-compiled-jsp-files-and-how-can-i-enumerate-them-during-d-1777479924964 2026-04-29T16:25:24.992Z weekly 0.7 https://onedaysec.com/qa/how-can-i-set-up-remote-debugging-of-zimbra-using-intellij-idea-1777479924877 2026-04-29T16:25:24.893Z weekly 0.7 https://onedaysec.com/qa/how-do-i-enable-debug-mode-on-a-zimbra-server-for-vulnerability-research-1777479924716 2026-04-29T16:25:24.755Z weekly 0.7 https://onedaysec.com/qa/where-are-compiled-jsp-files-stored-in-zimbra-and-how-can-i-enumerate-them-for-v-1777479827627 2026-04-29T16:23:47.665Z weekly 0.7 https://onedaysec.com/qa/why-do-i-need-to-replace-the-zmmailboxdmgr-file-when-enabling-debug-mode-on-zimb-1777479827520 2026-04-29T16:23:47.560Z weekly 0.7 https://onedaysec.com/qa/how-can-i-remotely-debug-a-zimbra-vulnerability-using-intellij-idea-1777479827428 2026-04-29T16:23:47.444Z weekly 0.7 https://onedaysec.com/qa/how-do-i-enable-debug-mode-on-a-zimbra-server-for-vulnerability-research-1777479827230 2026-04-29T16:23:47.284Z weekly 0.7 https://onedaysec.com/qa/why-does-releasing-a-new-file-on-a-target-system-alter-the-parent-directorys-tim-1777477628078 2026-04-29T15:47:08.097Z weekly 0.7 https://onedaysec.com/qa/what-forensic-indicator-suggests-that-a-files-timestamps-have-been-tampered-with-1777477627968 2026-04-29T15:47:07.988Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-modify-file-timestamps-to-cover-tracks-after-deploying-files-1777477627910 2026-04-29T15:47:07.926Z weekly 0.7 https://onedaysec.com/qa/what-are-the-four-ntfs-file-time-attributes-and-which-one-cannot-be-viewed-throu-1777477627810 2026-04-29T15:47:07.828Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-use-a-low-privilege-user-with-dcsync-rights-to-export-domain-1777477615590 2026-04-29T15:46:55.607Z weekly 0.7 https://onedaysec.com/qa/what-tool-can-automatically-detect-dcsync-backdoors-and-other-privileged-account-1777477615528 2026-04-29T15:46:55.546Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-maintain-domain-persistence-by-adding-dcsync-rights-to-a-reg-1777477615478 2026-04-29T15:46:55.495Z weekly 0.7 https://onedaysec.com/qa/what-privileges-are-required-to-perform-a-dcsync-attack-and-export-domain-user-h-1777477615419 2026-04-29T15:46:55.434Z weekly 0.7 https://onedaysec.com/qa/what-is-dcsync-and-what-protocol-does-it-use-to-replicate-user-credentials-1777477615358 2026-04-29T15:46:55.373Z weekly 0.7 https://onedaysec.com/qa/what-is-the-recommended-defense-against-logon-scripts-persistence-attacks-1777477604977 2026-04-29T15:46:44.992Z weekly 0.7 https://onedaysec.com/qa/why-might-an-attacker-replace-wmi-commands-with-registry-modifications-when-usin-1777477604930 2026-04-29T15:46:44.946Z weekly 0.7 https://onedaysec.com/qa/how-can-logon-scripts-bypass-antivirus-software-interception-such-as-360-1777477604861 2026-04-29T15:46:44.888Z weekly 0.7 https://onedaysec.com/qa/what-is-the-logon-scripts-persistence-technique-and-where-is-it-configured-1777477604804 2026-04-29T15:46:44.816Z weekly 0.7 https://onedaysec.com/qa/what-key-parameters-are-extracted-by-the-vcenter_extracertfrommdbpy-script-and-h-1777477594270 2026-04-29T15:46:34.321Z weekly 0.7 https://onedaysec.com/qa/what-are-the-recommended-defenses-against-the-saml-certificate-exploitation-tech-1777477594182 2026-04-29T15:46:34.195Z weekly 0.7 https://onedaysec.com/qa/what-is-one-method-to-obtain-the-datamdb-file-without-direct-local-administrator-1777477594096 2026-04-29T15:46:34.126Z weekly 0.7 https://onedaysec.com/qa/what-modifications-were-made-to-the-vcenter_saml_loginpy-script-to-run-directly--1777477594028 2026-04-29T15:46:34.046Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-with-local-administrator-privileges-on-vcenter-gain-access-t-1777477593929 2026-04-29T15:46:33.941Z weekly 0.7 https://onedaysec.com/qa/why-is-it-important-to-keep-local-and-remote-code-consistent-during-zimbra-remot-1777477582029 2026-04-29T15:46:22.046Z weekly 0.7 https://onedaysec.com/qa/how-does-zimbra-process-jsp-files-and-how-can-you-enumerate-jspservletwrapper-in-1777477581972 2026-04-29T15:46:21.989Z weekly 0.7 https://onedaysec.com/qa/what-steps-are-needed-to-set-up-remote-debugging-of-zimbra-using-intellij-idea-1777477581905 2026-04-29T15:46:21.929Z weekly 0.7 https://onedaysec.com/qa/how-do-you-enable-debug-mode-on-a-zimbra-server-1777477581805 2026-04-29T15:46:21.821Z weekly 0.7 https://onedaysec.com/qa/why-might-an-attacker-need-to-use-a-tool-like-winhex-after-api-based-timestamp-m-1777477570964 2026-04-29T15:46:10.980Z weekly 0.7 https://onedaysec.com/qa/how-does-windows-default-behavior-affect-the-accesstime-attribute-and-which-regi-1777477570898 2026-04-29T15:46:10.917Z weekly 0.7 https://onedaysec.com/qa/what-forensic-approach-can-detect-that-file-timestamps-have-been-altered-by-an-a-1777477570827 2026-04-29T15:46:10.846Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-modify-all-four-ntfs-timestamps-including-mftchangetime-1777477570772 2026-04-29T15:46:10.784Z weekly 0.7 https://onedaysec.com/qa/what-are-the-four-ntfs-file-time-attributes-and-why-is-mftchangetime-important-i-1777477570624 2026-04-29T15:46:10.643Z weekly 0.7 https://onedaysec.com/qa/what-protocol-does-dcsync-exploit-to-replicate-credentials-1777477549843 2026-04-29T15:45:49.878Z weekly 0.7 https://onedaysec.com/qa/how-can-dcsync-backdoors-be-detected-automatically-1777477549711 2026-04-29T15:45:49.772Z weekly 0.7 https://onedaysec.com/qa/how-can-an-attacker-maintain-persistence-using-dcsync-without-being-a-domain-adm-1777477549651 2026-04-29T15:45:49.666Z weekly 0.7 https://onedaysec.com/qa/what-are-the-prerequisites-to-perform-a-dcsync-attack-1777477549590 2026-04-29T15:45:49.605Z weekly 0.7 https://onedaysec.com/qa/what-is-dcsync-and-what-does-it-do-1777477549522 2026-04-29T15:45:49.534Z weekly 0.7 https://onedaysec.com/qa/what-registry-key-should-defenders-monitor-to-detect-logon-script-abuse-1777477536829 2026-04-29T15:45:36.845Z weekly 0.7 https://onedaysec.com/qa/why-would-an-attacker-replace-wmi-commands-with-direct-registry-edits-1777477536764 2026-04-29T15:45:36.783Z weekly 0.7 https://onedaysec.com/qa/how-can-logon-scripts-bypass-antivirus-software-like-360-1777477536680 2026-04-29T15:45:36.712Z weekly 0.7 https://onedaysec.com/qa/what-is-the-registry-path-and-key-used-for-logon-script-persistence-1777477536590 2026-04-29T15:45:36.605Z weekly 0.7 https://onedaysec.com/qa/how-does-the-attacker-use-the-extracted-saml-certificates-to-gain-administrator--1777477528310 2026-04-29T15:45:28.370Z weekly 0.7 https://onedaysec.com/qa/what-defense-recommendations-does-the-article-provide-to-prevent-saml-certificat-1777477528154 2026-04-29T15:45:28.174Z weekly 0.7 https://onedaysec.com/qa/what-are-two-exploitation-methods-for-obtaining-the-datamdb-file-mentioned-in-th-1777477528011 2026-04-29T15:45:28.049Z weekly 0.7 https://onedaysec.com/qa/what-modifications-were-made-to-the-original-vcenter_saml_loginpy-script-for-imp-1777477527948 2026-04-29T15:45:27.963Z weekly 0.7 https://onedaysec.com/qa/what-is-the-main-exploitation-technique-described-in-the-vsphere-development-gui-1777477527880 2026-04-29T15:45:27.899Z weekly 0.7 https://onedaysec.com/qa/how-can-you-enumerate-registered-jspservletwrapper-instances-in-a-zimbra-jsp-fil-1777477515937 2026-04-29T15:45:15.950Z weekly 0.7 https://onedaysec.com/qa/what-important-aspects-of-zimbras-architecture-are-relevant-for-vulnerability-de-1777477515842 2026-04-29T15:45:15.885Z weekly 0.7 https://onedaysec.com/qa/how-do-you-set-up-remote-debugging-for-zimbra-using-intellij-idea-1777477515722 2026-04-29T15:45:15.743Z weekly 0.7 https://onedaysec.com/qa/what-is-the-purpose-of-replacing-the-zmmailboxdmgr-file-when-setting-up-a-zimbra-1777477515658 2026-04-29T15:45:15.674Z weekly 0.7 https://onedaysec.com/qa/how-do-you-enable-debug-mode-on-a-zimbra-server-1777477515493 2026-04-29T15:45:15.528Z weekly 0.7 https://onedaysec.com/qa/how-does-zimbra-handle-jsp-files-and-how-can-you-enumerate-loaded-jsp-servlets-f-1777473846457 2026-04-29T14:44:06.478Z weekly 0.7 https://onedaysec.com/qa/why-is-it-important-to-ensure-local-and-remote-code-consistency-when-debugging-z-1777473846370 2026-04-29T14:44:06.399Z weekly 0.7 https://onedaysec.com/qa/what-steps-are-needed-to-set-up-remote-debugging-of-a-zimbra-server-using-intell-1777473846302 2026-04-29T14:44:06.318Z weekly 0.7 https://onedaysec.com/qa/how-do-you-enable-debug-mode-on-a-zimbra-server-for-vulnerability-research-1777473846074 2026-04-29T14:44:06.121Z weekly 0.7