Introduction SIM Swap attacks are well known to cybersecurity professionals. They allow an attacker to take control of the victim’s SIM card, enabling them to validate online payments or change the victim’s account passwords. This type of attack is widespread and has caused significant damage worldwide. Recently, in January 2024, the X account of the …
In the ongoing battle between attackers and defenders within the realm of cybersecurity, understanding and mitigating persistence techniques is paramount. “Pwning the Domain” is a comprehensive series dedicated to exploring various methods employed by malicious actors to maintain unauthorized access within Windows domain environments. This article focuses specifically on persistence techniques, shedding light on the …
Lateral movement in red teaming is all about moving between targets in the environment to reach the objective. Password When you find a password you can pass it to different services to check if you can get it. In this article we’ll be going through a few of them. WinRM WinRM is a management protocol …
When developing malware/red teaming tools, it’s often needed to dynamically execute code inside a program. For example executing python code inside a python file. The reason that it’s needed is for evasion, is because when the code is being loaded like that, it resides in memory so AV/EDR has more overhead when examining the process. …
Last year ransomware scammed more than 10 billion dollar from various organizations and users. We decide in this document research methods from seller to end client. This report was made by the Hadess and data comes from various sources such as: Dark Web , Deep Web Forums, Sellers and Websites. Summary of Finding Abbrev. Wallet …
DACL abuse is about taking advantage of the DACL that is assigned to us on any object that we can abuse. Some mischief that can be done may be changing a user’s password, adding yourself to a group like Domain Admins, granting yourself full control over an object and many more. DACL abuse can be …
Pwning the Domain: Kerberos Delegation In this article we’ll talk about Kerberos Delegation and how to abuse it in various ways and escalate our privileges. What is Kerberos delegation? Kerberos delegation is a type of credential delegation that is used for securely delegating a user’s credential form a client application to a target server application. …
The integration of Large Language Models (LLMs) into online platforms presents a double-edged sword, offering enhanced user experiences but also introducing security vulnerabilities. Insecure output handling is a prominent concern, where insufficient validation or sanitization of LLM outputs can lead to a range of exploits like cross-site scripting (XSS) and cross-site request forgery (CSRF). Indirect …
Domain Account After getting access to a domain account, there are a variety of things that can be done including but not limited to: domain enumeration, Kerberoasting, coercion, etc. Enumeration There are many options for enumerating the domain once you have an account: BloodHound BloodHound is a go-to tool when it comes to enumeration in …
Reconnaissance Reconnaissance is an important step when engaging in a red teaming/penetration testing assessment. It may provide you the information you need later on while it may not seem so important in the meantime, For example you may stumble upon a username which you can make use of when brute forcing or using it in …
Enter Yak Lang, a language designed to address the evolving needs of security practitioners and organizations. As technology advances and the scope of security projects expands, there is a growing necessity for languages that excel in both efficiency and suitability for product distribution, engineering research and development, and platform building. This is where Golang has …
Yak Lang: Revolutionizing Cybersecurity with a Cutting-Edge Programming Language Read More »
Introduction Bitbucket, a widely used Git repository management solution, provides a platform for developers to manage and collaborate on code. However, its extensive functionality and integration capabilities also present numerous attack vectors and surfaces that adversaries might exploit. This APT report outlines potential attack vectors and surfaces within Bitbucket, focusing on the data pipeline, active …