by frank | Sep 19, 2019 | Palo Alto, Red team, Security
Reading Time: < 1 minute If you see files likes below = NO PANIC ! zzzz346468454.txt !!!!4873487.doc XORXOR131395328.pem zzzzz1128386401.png ZZZZZ4032929292.pptx !!!!!28748750874.pst !!!!!195855848565.bmp XORXOR394587587.pdf You are probably...
by frank | Sep 3, 2019 | Red team, Security, Windows
Reading Time: < 1 minuteVery interesting article and tool from Fireeye...
by frank | Aug 13, 2019 | Palo Alto, Red team, Security, Windows
Reading Time: < 1 minuteWMIC /Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get displayName /Format:List Example Windows ATP (Advanced Threat Protection) will come up as “Windows Defender”. To know if ATP is installed check reg...
by frank | Aug 12, 2019 | Red team, Security, Windows
Reading Time: 2 minutes Official Doc : https://github.com/gentilkiwi/mimikatz/wiki/module-~-sekurlsa Dump memory of LSASS : Don’t forget you need to be admin to be able to do it. with ProcDump from Sysinternals : procdump.exe -accepteula -ma...
by frank | Aug 7, 2019 | Security
Reading Time: < 1 minutecheat sheet Pwnagotchi Data Plug : the one in the middle 1st connection. Download driver : https://modclouddownloadprod.blob.core.windows.net/shared/mod-rndis-driver-windows.zip Unzip the driver zip folder. Plug in Pwnagotchi Go to your...
by frank | Jun 28, 2019 | CTF, Security, Windows
Reading Time: < 1 minuteNTFS allows additional attributes. ( https://en.wikipedia.org/wiki/NTFS#Alternate_data_streams_.28ADS.29 ) Under Linux : getfattr getfattr file.123 getfattr file.123 –only-values > output.bin Under Windows : dir /r streams myfile...
Recent Comments