The DefendOps DiariesMar 19, 2025

Kali Linux 2025.1a: Unleashing Hoaxshell for Stealthy Penetration Testing

https://thedefendopsdiaries.com/kali-linux-20251a-unleashing-hoaxshell-for-stealthy-penetration-testing/

#kalilinux
#hoaxshell
#penetrationtesting
#cybersecurity
#ethicalhacking

Kali Linux 2025.1a: Unleashing Hoaxshell for Stealthy Penetration Testing

Discover Hoaxshell in Kali Linux 2025.1a for stealthy penetration testing with advanced reverse shell capabilities.

The DefendOps Diaries
Vlad Jul 24, 2023

In this post I'm covering the risks brought on by not securing SQL Server's service account and setting it to run under a privileged account, and demo how an attacker can leverage it to gain access to the instance's host.
It was fun using Burp Suite Pro to demo data exfiltration through HTTP, as well as HoaxShell to demo initiating a reverse shell connection, all from SQL Server.

https://vladdba.com/2023/07/24/securing-sql-servers-service-account/

#sqlserver #dba #mssqlserver #mssql #sqlserverdba #windows #security #hoaxshell #burpsuite

Securing SQL Server's service account - VladDBA

In this post I'll be covering the risks brought on by not securing SQL Server's service account and setting it as a privileged account.

VladDBA
SecurityShrimp  Nov 29, 2022
Confirmed Un-obfuscated/unencoded #Villain / #Hoaxshell payload executes with @crowdstrike falcon detection service running on Windows 10. No ai or overwatch alerts. Good work by @t3l3machus on twitter/gihub