unSafe.sh - Unsafe
Bypassing BitLocker Encryption: Bitpixie PoC and WinPE Edition
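The article describes a software-based attack on Windows BitLocker full-disk encryption that exploits the bitpixie vulnerability to obtain the encryption key quickly, without physically modifying the device. The attack comes in a Linux edition and a Windows PE edition, each using a different signing mechanism to get around security restrictions, and extracts the Volume Master Key to decrypt the data. The article also discusses mitigations and recommends enabling pre-boot authentication to strengthen security....
2025-5-13 07:1:31 | Reads: 29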
Over Security - Cybersecurity news aggregator - blog.compass-security.com
windows
microsoft
efi
bitpixie
bitlocker
Introducing EntraFalcon – A Tool to Enumerate Entra ID Objects and Assignments
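EntraFalcon is a PowerShell tool for enumerating and analyzing objects, permissions and configurations in an Entra ID environment. It helps identify highly privileged objects and potentially risky configurations, and generates interactive HTML reports. The tool is intended for security analysts, penetration testers and system administrators, supports multiple authentication methods, and requires no Microsoft Graph API consent....
2025-4-29 07:1:21 | Reads: 27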
Over Security - Cybersecurity news aggregator - blog.compass-security.com
entra
assignments
privileged
entrafalcon
eligible
3 Milliseconds to Admin: Mastering DLL Hijacking and Hooking to Win the Race (CVE-2025-24076 and CVE-2025-24994)
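The article describes a Windows 11 vulnerability (CVE-2025-24076) found during a penetration test, which uses DLL hijacking to escalate from a low-privileged user to system privileges and has since been fixed by Microsoft....
2025-4-15 07:2:17 | Reads: 199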
Over Security - Cybersecurity news aggregator - blog.compass-security.com
windows
malicious
microsoft
detours
I wannabe Red Team Operator
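The article explores the path to becoming a Red Team Operator and what the role requires. Red Team Operators simulate attacks to test an organization's defensive capabilities, which calls for technical skill, creativity and strategic thinking. The role involves working with tools (such as Cobalt Strike), frameworks (such as MITRE ATT&CK) and skills such as reverse engineering. Career advice includes obtaining a computer science degree, gaining experience and building competence through certifications....
2025-4-1 08:3:42 | Reads: 52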
Over Security - Cybersecurity news aggregator - blog.compass-security.com
degree
teamer
security
engagements
teamers
Bypassing Web Filters Part 4: Host Header Spoofing & Domain Fronting Detection Bypasses
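The article discusses several techniques for bypassing web filters, including using the HTTP/2 and HTTP/3 protocols, omitting the SNI (Server Name Indication), and using Encrypted Client Hello (ECH) to bypass filtering based on SNI inspection. These techniques change the request format or encrypt content to hide the real domain name or evade detection....
2025-3-20 08:2:20 | Reads: 23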
Over Security - Cybersecurity news aggregator - blog.compass-security.com
sni
bypass
clienthello
client
ech
Bypassing Web Filters Part 3: Domain Fronting
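The article introduces domain fronting and how it works. The technique uses a different SNI (Server Name Indication) and Host header in an HTTPS request to hide the real target domain and thereby bypass web filtering. The article explains in detail the role that CDNs (content delivery networks) play in this, and uses the Fastly CDN as an example to show how a legitimate CDN service can be used for domain fronting. It also discusses the detection and defense mechanisms some CDNs have against the technique....
2025-3-18 08:2:26 | Reads: 34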
Over Security - Cybersecurity news aggregator - blog.compass-security.com
fastly
sni
fronting
spotify
compass
Bypassing Web Filters Part 2: Host Header Spoofing
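The article describes bypassing web filters with Host header spoofing. By modifying the Host header of an HTTP request, an attacker can reach restricted websites or bypass restrictions such as those on large file uploads. The method relies on the proxy inspecting only the Host header and ignoring other validation mechanisms (such as SNI). Some firewalls (such as FortiGate) already block this kind of attack by default through a domain fronting protection feature....
2025-3-13 08:2:38 | Reads: 15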
Over Security - Cybersecurity news aggregator - blog.compass-security.com
sni
spoofing
legit
bypass
fronting
Bypassing Web Filters Part 1: SNI Spoofing
This is the first part of a series of blog posts about techniques to bypass web filters, lo...
2025-3-11 08:2:54 | Reads: 29
Over Security - Cybersecurity news aggregator - blog.compass-security.com
proxy
sni
client
legit
handshake
Passkeys
Don’t we all know the hassle of managing loads of passwords, trying to come up with sec...
2025-2-25 08:1:22 | Reads: 33
Over Security - Cybersecurity news aggregator - blog.compass-security.com
passwords
passkeys
passkey
phishing
Stealthy AD CS Reconnaissance
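This article presents a stealthy method for enumerating Active Directory Certificate Services (AD CS) based on local registry data. By analyzing the certificate template cache in the registry, an attacker can bypass traditional LDAP monitoring, collect sensitive information in a low-privilege environment, and combine it with tools for privilege escalation....
2025-2-11 08:2:20 | Reads: 27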
Over Security - Cybersecurity news aggregator - blog.compass-security.com
certipy
ludus
2404182060
3291837554
245906837
BloodHound Community Edition Custom Queries
This blog post introduces our new custom queries for BloodHound Community Edition (CE) and...
2025-1-28 13:31:26 | Reads: 66
Over Security - Cybersecurity news aggregator - blog.compass-security.com
bloodhound
github
security
compass
importing
Hitchhiker’s Guide to Managed Security
Over the past few years, we have had the opportunity to conduct several Purple Teaming exer...
2025-1-14 08:2:30 | Reads: 28
Over Security - Cybersecurity news aggregator - blog.compass-security.com
purple
tl
clearly
client
A Nifty Initial Access Payload
Red Teaming engagements are “realistic” attack simulations designed to test the security po...
2024-12-17 09:2:12 | Reads: 31
Over Security - Cybersecurity news aggregator - blog.compass-security.com
b33f
burp
initializer
software
loaded
Harvesting GitLab Pipeline Secrets
TLDR: Scan GitLab job logs for credentials using https://github.com/CompassSecurity/pipele...
2024-12-3 16:1:39 | Reads: 27
Over Security - Cybersecurity news aggregator - blog.compass-security.com
compass
gitlab
artifact
18t10
pipeleak
A Look Back: Insights from Our Managed Bug Bounty Program
Introduction: At Compass Security, we are proud to offer a fully managed bug bounty progr...
2024-11-21 22:1:25 | Reads: 29
Over Security - Cybersecurity news aggregator - blog.compass-security.com
hunters
triage
chf
bounties
payout
Email, Email on the Wall, Who Sent You, After All?
Franky opens her email in the morning and sees the following email in her inbox:...
2024-10-29 16:1:33 | Reads: 27
Over Security - Cybersecurity news aggregator - blog.compass-security.com
aol
yahoo
spf
dkim
msa
Voice Cloning with Deep Learning Models
Given the explosion of development and interest in deep learning models in the past...
2024-10-18 15:1:30 | Reads: 17
Over Security - Cybersecurity news aggregator - blog.compass-security.com
wav
duration
clips
cloning
tortoise
COM Cross-Session Activation
Once again, reading blogs and tweets from James Forshaw led me to wonder how things work. T...
2024-10-1 15:2:28 | Reads: 33
Over Security - Cybersecurity news aggregator - blog.compass-security.com
software
activation
updater
forshaw
Email, Email on the Wall, Who Sent You, After All?
During Business Email Compromise (BEC) engagements we often have to analyze the provenance o...
2024-9-24 17:47:11 | Reads: 30
Over Security - Cybersecurity news aggregator - blog.compass-security.com
aol
yahoo
spf
dkim
dmarc
Three-Headed Potato Dog
Earlier this year, several security researchers published research about using DCOM to coer...
2024-9-17 21:32:16 | Reads: 21
Over Security - Cybersecurity news aggregator - blog.compass-security.com
potato
dcom
machine
clsid