-
[webapps] Invesalius3 – Remote Code Execution
Invesalius3 – Remote Code Execution Go to Source
-
[dos] Windows TCP/IP – RCE Checker and Denial of Service
Windows TCP/IP – RCE Checker and Denial of Service Go to Source
-
[webapps] HughesNet HT2000W Satellite Modem – Password Reset
HughesNet HT2000W Satellite Modem – Password Reset Go to Source
-
exe2powershell – Convert EXE to BAT Files
exe2powershell is used to convert EXE to BAT files, the previously well known tool for this was exe2bat, this is a version for modern Windows. This will convert any binary file (*.exe) to a BAT file, the resulting BAT file contains only echo commands followed by a PowerShell command to re-create the original binary file.…
-
UACMe – Defeat Windows User Account Control (UAC)
UACme is a compiled, C-based tool which contains a number of methods to defeat Windows User Account Control commonly known as UAC. It abuses the built-in Windows AutoElevate backdoor and contains 41 methods. The tool requires an Admin account with the Windows UAC set to default settings. Usage Run executable from command line: akagi32 [Key]…
-
CrackMapExec – Active Directory Post-Exploitation Tool
CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: abusing built-in Active Directory features/protocols to achieve its functionality and allowing it to evade most endpoint protection/IDS/IPS solutions. CME makes heavy use of…
-
Another Week Another Mass Domain Hijacking
Following shortly after the .io domain cock-up that left thousands vulnerable to domain hijacking, this week more than 750 domains were jacked via registrar Gandi. Seems like some pretty sloppy administration going on, but that’s how business goes sadly security is still a very much reactive trade. People don’t enable strict controls and audit unless…