by frank | Nov 13, 2019 | Misc, Privacy, Security
Reading Time: < 1 minute Want to bring more privacy to your home network? Personally I installed a small Raspberry Pi 3b running Raspbian and then installed Pi-Hole: https://pi-hole.net/ Simple step-by-step documentation here :...
by frank | Nov 11, 2019 | Blue Team, Security
Reading Time: < 1 minute LPD : https://www.edoeb.admin.ch/edoeb/fr/home/protection-des-donnees/generalites/protection-des-donnees.html Report :...
by frank | Oct 25, 2019 | AV, Red team, Security, Windows
Reading Time: < 1 minute For academic purposes only. The use of some functions can trigger signature-based antivirus detection. Example: SystemFunction032 or SamEnumerateUsersInDomain used in some particular programs. In this example let’s try to hide the...
by frank | Oct 23, 2019 | AV, Red team, Security, Windows
by frank | Sep 21, 2019 | Blue Team, Windows
Reading Time: 1 minute Disabling NetBIOS over TCP/IP can be done through the registry: Go to HKLM:\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces, then, for each connection, set NetbiosOptions = 2, or do it with a PowerShell script. Found this one which worked fine :...
by frank | Sep 20, 2019 | Blue Team, Security
Reading Time: 1 minute As per RFC : CAA records assert a security policy that the holder of a domain name wishes to be observed by certificate issuers. The effectiveness of CAA records as an access control mechanism is thus dependent on observance of CAA constraints...
by frank | Sep 19, 2019 | Palo Alto, Red team, Security
Reading Time: < 1 minute If you see files like the ones below = NO PANIC! zzzz346468454.txt !!!!4873487.doc XORXOR131395328.pem zzzzz1128386401.png ZZZZZ4032929292.pptx !!!!!28748750874.pst !!!!!195855848565.bmp XORXOR394587587.pdf You are probably...
by frank | Sep 3, 2019 | Red team, Security, Windows
Reading Time: < 1 minute Very interesting article and tool from FireEye...
by frank | Aug 13, 2019 | Palo Alto, Red team, Security, Windows
Reading Time: < 1 minute WMIC /Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get displayName /Format:List Example: Windows ATP (Advanced Threat Protection) will come up as “Windows Defender”. To know if ATP is installed check reg...
by frank | Aug 12, 2019 | Red team, Security, Windows
Reading Time: 2 minutes Official Doc : https://github.com/gentilkiwi/mimikatz/wiki/module-~-sekurlsa Dump memory of LSASS : Don’t forget you need to be admin to be able to do it. With ProcDump from Sysinternals : procdump.exe -accepteula -ma...