
From spoofing to tunnelling: New Red Team networking techniques for initial access and evasion | APNIC Blog
Guest Post: In modern network architecture, we often assume that perimeter defences are robust enough to keep internal traffic secure. However, vulnerabilities inherent in the trust mechanisms of fundamental network protocols reveal that unencrypted tunnels can become fatal backdoors in enterprise intranets.

TaskHound hunts privileged Windows scheduled tasks and exports them for BloodHound attack path analysis.
https://github.com/1r0BIT/TaskHound
#infosec #pentesting #redteam

GitHub - 1r0BIT/TaskHound: Tool to enumerate privileged Scheduled Tasks on Remote Systems

NetExec Lab is a set of hands-on labs used in the NetExec workshop and CTF to help you master NetExec for your next pentest engagement.
https://github.com/Pennyw0rth/NetExec-Lab
#infosec #pentesting

GitHub - Pennyw0rth/NetExec-Lab: Lab used for workshop and CTF

Extracts browser-stored data such as refresh tokens, cookies, saved credentials and more from modern Chromium-based and Gecko-based browsers (Chrome, Microsoft Edge, Firefox, Opera, Opera GX and Vivaldi).
https://github.com/Maldev-Academy/DumpBrowserSecrets
#infosec #pentesting #redteam

GitHub - Maldev-Academy/DumpBrowserSecrets: Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chromium-based and Gecko-based browsers (Chrome, Microsoft Edge, Firefox, Opera, Opera GX, and Vivaldi)

Many cybersecurity myths are outdated and distract from real risks. An open letter calling for practical, evidence-based security advice.
Read more: https://www.hacklore.org/letter
#infosec
The Letter — Stop Hacklore!

ProfileHound is a tool that enumerates Windows domain user profiles via the C$ share and exports them to BloodHound as a HasUserProfile edge, making it easy to see which users have profiles on which hosts.
https://github.com/m4lwhere/profilehound
#infosec #pentesting #redteam

Native Sysmon functionality coming to Windows | Microsoft Community Hub
Learn how to eliminate manual deployment and reduce operational risk with Sysmon functionality in Windows.
TECHCOMMUNITY.MICROSOFT.COM

"HELP! MY ACCOUNT GOT HACKED!" - Business Email Compromise (BEC) Part 1
https://www.truesec.com/hub/blog/help-my-account-got-hacked
"The Anatomy of a Business Email Compromise Attack" - Business Email Compromise (BEC) Part 2
https://www.truesec.com/hub/blog/the-anatomy-of-a-business-email-compromise-attack
#infosec #blueteam

Business Email Compromise: Help My Account Got Hacked!
Learn how Business Email Compromise (BEC) attacks work, who they target, and how to protect your organization from costly email account hacks.

Harden Windows Security is an open source PowerShell module (with GUI/CLI/Unattended mode) that documents, automates and hardens Windows security settings based on supported Microsoft mechanisms.
https://github.com/HotCakeX/Harden-Windows-Security
#infosec #blueteam

GitHub - HotCakeX/Harden-Windows-Security: Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | SLSA Level 3 Compliant for Secure Development and Build Process | Apps Available on MS Store✨

Prowler is an open-source security tool that helps assess and enforce security best practices across AWS, Azure, Google Cloud and Kubernetes.
https://github.com/prowler-cloud/prowler
#infosec #blueteam

GitHub - prowler-cloud/prowler: Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.