More On Foreign Hashes This is an update on this previous post on foreign NT hashes where I got things a little wron... 2020-10-08 16:40:14 | 阅读: 94 | 收藏 | sensepost.com arabic utf16le jameel d9 jameel1

Pass-the-hash WiFi Thanks to a tweet Dominic responded to, I saw someone mention Passing-the-hash when I think t... 2020-10-02 23:29:44 | 阅读: 121 | 收藏 | sensepost.com eap octet 0x74 0x6e 0x69

Let me store that for you A while ago Jonas Lykkegaard disclosed a zeroday that could be used to create files in the SY... 2020-09-12 00:44:51 | 阅读: 82 | 收藏 | sensepost.com windows payload jonas webio storvsp

building a hipster-aware pi home server The end of the year is getting closer, fast, so I figured it was a perfect time to talk about... 2020-09-03 00:48:23 | 阅读: 183 | 收藏 | sensepost.com influxdb smokeping network pihole netdata

DirectAccess and Kerberos Resource-based Constrained Delegation BackgroundAre you tired of working from home due to COVID? While this is quite a unique s... 2020-08-20 00:16:21 | 阅读: 114 | 收藏 | sensepost.com rubeus machine cifs client

NTHashes and Encodings If you’ve ever cracked a hash with hashcat, you’ll know that sometimes it will give you a $HE... 2020-08-19 20:44:40 | 阅读: 147 | 收藏 | sensepost.com iconv hexstr colon 16le fromhex

Routopsy – Hacking Routing with Routers This is a summary of our BlackHat USA 2020 talk.IntroductionOn some of our engagement... 2020-08-04 03:23:23 | 阅读: 117 | 收藏 | sensepost.com network routopsy routes drp

SensePost is now an ethical hacking team of Orange Cyberdefense Reading time ~5 min... 2020-07-31 16:35:23 | 阅读: 115 | 收藏 | sensepost.com sensepost orange security africa

ACE to RCE tl;dr: In this writeup I am going to describe how to abuse a GenericWrite ACE misconfiguratio... 2020-07-24 21:28:26 | 阅读: 141 | 收藏 | sensepost.com rcm remote windows payload powershell

Seeing (Sig)Red After the SigRed (CVE-2020-1350) write-up was published by Check Point, there was enough deta... 2020-07-20 23:01:31 | 阅读: 112 | 收藏 | sensepost.com suricata malicious windows sigred network

Avoiding detection via DHCP options When conducting a red team exercise, we want to blend in as much as possible with the existin... 2020-07-20 22:22:32 | 阅读: 113 | 收藏 | sensepost.com dhcp routes classless windows dhcp6

Clash of the (Spam)Titan I recently tested an Internet facing Anti-Spam product called SpamTitan Gateway. As you could... 2020-07-14 16:14:29 | 阅读: 136 | 收藏 | sensepost.com spamtitan php perl ioncube

Covert Login Alerting Reading time ~4 min... 2020-07-13 14:40:20 | 阅读: 120 | 收藏 | sensepost.com pam ssh remote thinkst

Making the Perfect Red Team Dropbox (Part 2) In part 1 of this series, we set up the NanoPi R1S as a USB attack tool, covering OS installa... 2020-07-09 19:28:05 | 阅读: 111 | 收藏 | sensepost.com network slimjim pitm r1s victim

Multiple Android User Profiles I was recently on a mobile assessment where you could only register one profile on the app, p... 2020-06-30 03:46:40 | 阅读: 117 | 收藏 | sensepost.com userinfo a40 steers sensepost username

Resurrecting an old AMSI Bypass While working on DoubleAgent as part of the Introduction To Red Teaming course we’re developi... 2020-06-24 18:02:40 | 阅读: 108 | 收藏 | sensepost.com powershell windows microsoft bypass

The hunt for Chromium issue 1072171 IntroThe last few months I’ve been studying Chrome’s v8 internals and exploits with the f... 2020-05-30 01:56:54 | 阅读: 148 | 收藏 | sensepost.com rhs lhs crash minuszero fuzzilli

Being Stubborn Pays Off pt. 2 – Tale of two 0days on PRTG Network Monitor IntroLast year I wrote how to weaponize CVE-2018-19204. This blog post will continue and... 2020-05-22 18:22:00 | 阅读: 115 | 收藏 | sensepost.com sensor prtg phantomjs inject injection

Making the Perfect Red Team Dropbox (Part 1) As part of our preparations for our upcoming RingZer0 “Q Division” Training, I have been work... 2020-05-18 20:02:02 | 阅读: 125 | 收藏 | sensepost.com p4wnp1 r1s mame82 2316641 armbian

Hack-From-Home Challenge Walk Through On the 27th of April 2020 SensePost created a CTF challenge (https://challenge.sensepost.com)... 2020-04-24 17:34:32 | 阅读: 97 | 收藏 | sensepost.com clue php sensepost firstflag machine