Pentester | Ex MD (Intensivist) | (Black) Arch Linux enthusiast - AD - MalDev - Offensive security enthusiast since 90s | DCS (A10 II) , Gaming/VR/MR, Metal+++, Geopolitics/Hybrid Warfare/Disinformation
Opinions are my own.

Secator: new pentester's Swiss knife

"Secator is a Python-based swiss-knife tool that standardizes input / output for many recon (& others) tools that you use daily, like ffuf, subfinder, nmap, nuclei, … and many others"
https://github.com/freelabz/secator

https://medium.com/@ocervell/secator-the-pentesters-swiss-knife-09333f3d3682

https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/
Very very critical vuln in GitLab.
Attack is very simple and permits account takeover (not vulnerable if MFA or external accounts).

Exploit:
user[email][][email protected]&user[email][][email protected]

CVE-2023-7028

Learn more about GitLab Critical Security Release: 16.7.2, 16.6.4, 16.5.6 for GitLab Community Edition (CE) and Enterprise Edition (EE).

GitLab

Forensic Insights into Apple Watch Data Extraction

The latest update to the iOS Forensic Toolkit has expanded data extraction support for older models of Apple Watch, introducing low-level extraction capabilities for Apple Watch Series 0, Series 1, and Series 2. In a landscape where new devices are released on a yearly schedule, we stand committed t

ElcomSoft blog

Conditional Access evaluation engine in PowerShell for Entra ID (Azure AD)

https://danielchronlund.com/2023/11/24/conditional-access-what-if-simulation-with-powershell/

Conditional Access ‘What If’ Simulation with PowerShell

Introduction So, I decided to write my own Conditional Access evaluation engine in PowerShell, like one does on rainy November nights, right? Its purpose is to provide capabilities similar to the b…

Daniel Chronlund Cloud Security Blog

Very good course about regex from zero:
https://www.executeprogram.com/courses/regexes

And another one to visualize regex:
https://jex.im/regulex/#!flags=&re=%5E(a%7Cb)*%3F%24

Execute Program

Learn programming tools like JavaScript, TypeScript, SQL, and regular expressions fast. Interactive lessons with real code examples.

Attacking an EDR - Part 1

For some fun and a fair bit of profit

Blog

Abusing Microsoft Access "linked table" feature to perform NTLM forced authentication attacks

https://research.checkpoint.com/2023/abusing-microsoft-access-linked-table-feature-to-perform-ntlm-forced-authentication-attacks/

What is NTLM? What common attacks exist against it? NTLM is an extremely deprecated authentication protocol introduced by Microsoft in 1993. It is a challenge-response protocol: the server keeps a secret called an “NTLM hash” derived from the user’s password, then every time that user wants to log in, the server issues a randomized “challenge” […]

Check Point Research

The Triforce of Initial Access

TrustedSec

AI Red Teaming.
Research. Tooling. Evals. Cyber range.
https://dreadnode.io

PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction

https://github.com/Srinivas11789/PcapXray