The Hacker News-- Google has disclosed details of a new zero-day privilege escalation flaw in the Windows operating system that's being actively exploited in the wild. The elevation of privileges (EoP) vulnerability, tracked as CVE-2020-17087, concerns a buffer overflow present since at least Windows 7 in the Windows Kernel Cryptography Driver ("cng.sys") that can be exploited … Continue reading WARNING: Google Discloses Windows Zero-Day Bug Exploited in the Wild
Adaz – Automatically Deploy Customizable Active Directory Labs In Azure
KitPloit - PenTest Tools!-- This project allows you to easily spin up Active Directory labs in Azure with domain-joined workstations, Windows Event Forwarding, Kibana, and Sysmon using Terraform/Ansible. It exposes a high-level configuration file for your domain to allow you to customize users, groups and workstations. dns_name: hunter.labdc_name: DC-1initial_domain_admin: username: hunter password: MyAdDomain!organizational_units: {}users:- username: … Continue reading Adaz – Automatically Deploy Customizable Active Directory Labs In Azure
Lazada RedMart Data Breach Puts Up Data of 1.1 Million Customers On Dark Web
Latest Hacking News-- Singapore’s e-commerce giant Lazada has recently disclosed a data breach affecting RedMart customers. What’s disturbing here is that the data Lazada RedMart Data Breach Puts Up Data of 1.1 Million Customers On Dark Web on Latest Hacking News. View original article on Latest Hacking News
PowerShell-Red-Team – Collection Of PowerShell Functions A Red Teamer May Use To Collect Data From A Machine
KitPloit - PenTest Tools!-- Collection of PowerShell functions a Red Teamer may use to collect data from a machine or gain access to a target. I added ps1 files for the commands that are included in the RedTeamEnum module. This will allow you to easily find and use only one command if that is all … Continue reading PowerShell-Red-Team – Collection Of PowerShell Functions A Red Teamer May Use To Collect Data From A Machine
HTB Fuse [writeup]
InfoSec Write-ups - Medium-- Domain Controller Reconnaissance | Password-spraying | Brute-force attack | SeLoadDriverPrivilege AbuseContinue reading on InfoSec Write-ups » View original article on InfoSec Write-ups - Medium
Baseline Security Check I
InfoSec Write-ups - Medium-- Security Build ReviewContinue reading on InfoSec Write-ups » View original article on InfoSec Write-ups - Medium
APICheck – The DevSecOps Toolset For REST APIs
KitPloit - PenTest Tools!-- APICheck is a complete toolset designed and created for testing REST APIs. Why APICheck APICheck focuses not only in the security testing and hacking use cases. The goal of the project is to become a complete toolset for DevSecOps cycles. The tools are aimed to diverse users profiles: Developers System Administrators … Continue reading APICheck – The DevSecOps Toolset For REST APIs
Maze Ransomware Announces Departure – Replacements Already Available
Latest Hacking News-- After disrupting lots of businesses and making money, Maze ransomware has now announced its departure. However, there won’t be a Maze Ransomware Announces Departure – Replacements Already Available on Latest Hacking News. View original article on Latest Hacking News
Link Previews Make Chat Apps Vulnerable To Data Leak And RCE Attacks
Latest Hacking News-- Reportedly, the faulty implementation of link previews has made numerous chat apps vulnerable to cyber attacks. These apps include Facebook Link Previews Make Chat Apps Vulnerable To Data Leak And RCE Attacks on Latest Hacking News. View original article on Latest Hacking News
Smart Irrigation Systems Left Wide Open to Abuse
Latest Hacking News-- A small Israel-based security firm, Security Joes, recently spotted a vulnerability in smart irrigation systems. These included around 100 systems Smart Irrigation Systems Left Wide Open to Abuse on Latest Hacking News. View original article on Latest Hacking News
Hacker's Directory 