an offensive look at docker desktop extensions 2023-5-30 15:24:42 | 阅读: 0 | 收藏 | Orange Cyberdefense - sensepost.com ddclient containers client injection marketplace

Investigating the Wink Hub 2 Rogan brought half of his hardware parts bin to the hackathon!Michael Rodger, Daniel Scra... 2023-5-26 18:40:21 | 阅读: 3 | 收藏 | Orange Cyberdefense - sensepost.com wink uart ttl updater partitions

Protected Users: you thought you were safe uh? On the 31st of October 2022, a PR on CrackMapExec from Thomas Seigneuret (@Zblurx) was merged... 2023-3-31 14:3:38 | 阅读: 4 | 收藏 | Orange Cyberdefense - sensepost.com delegation whiteflag rid500 security

From BitLocker-Suspended to Virtual Machine On a recent red-team I was given a client laptop from which I was expected to simulate an ins... 2023-3-29 02:6:2 | 阅读: 4 | 收藏 | Orange Cyberdefense - sensepost.com machine security bitlocker client revert

Decoding BlazorPack TL;DR: I couldn’t make a custom BlazorPack editor work in Burp, so I used Mallet instead. Fro... 2023-2-22 10:5:0 | 阅读: 18 | 收藏 | Orange Cyberdefense - sensepost.com messagepack blazorpack mallet netty frames

Jumping into SOCKS On a recent internal assessment, we ran into a problem. While holding low-privileged access t... 2023-1-24 18:59:7 | 阅读: 4 | 收藏 | Orange Cyberdefense - sensepost.com proxy client socks4 remote burp

CertPotato – Using ADCS to privesc from virtual and network service accounts to local system The goal of this blog post is to present a privilege escalation I found while working on ADCS... 2022-11-4 21:27:54 | 阅读: 3 | 收藏 | Orange Cyberdefense - sensepost.com machine delegation adcs network

Abusing Windows’ tokens to compromise Active Directory without touching LSASS During an internal assessment, I performed an NTLM relay and ended up owning the NT AUTHORITY... 2022-10-28 00:48:2 | 阅读: 5 | 收藏 | sensepost.com windows impersonate duplicated whiteflag privileges

WireSocks for Easy Proxied Routing I built some infrastructure that you could deploy and use to easily tunnel from arbitrary sou... 2022-9-30 12:48:0 | 阅读: 9 | 收藏 | sensepost.com proxy wireguard network tun2socks wiresocks

sensecon 2022 – wait a minute, you got legs? edition In a world of returning back to, well, “normal” it meant that we could finally have our annua... 2022-8-3 21:27:41 | 阅读: 5 | 收藏 | sensepost.com workshop buzzword sensecon hackathon regions

me vs request smugglingPOST I’ve come to realise that I wasn’t the only one that has never actually exploited an HTTP Req... 2022-7-19 16:35:32 | 阅读: 12 | 收藏 | sensepost.com varnish smuggled ncat logfile smuggle

Sail away, sail away, sail away A while back, after some live music and drinks at Railways, I made my way to another city... 2022-6-1 02:9:14 | 阅读: 3 | 收藏 | sensepost.com ihs writefile ihsadmin ssh

using a cloud mac with a local ios device Doing iOS mobile assessments without macOS around is not exactly fun. This can be for many re... 2022-5-29 00:34:37 | 阅读: 32 | 收藏 | sensepost.com usbmuxd usbfluxd remote client ssh

Constrained Delegation Considerations for Lateral Movement The abuse of constrained delegation configuration, whereby a compromised domain user or compu... 2022-5-18 14:35:32 | 阅读: 28 | 收藏 | sensepost.com delegation asgard server02 server01 arthur

Left To My Own Devices – Fast NTCracking in Rust When I got a new MacBook with an M1 Pro chip, I was excited to see the performance benefits.... 2022-2-16 20:33:23 | 阅读: 12 | 收藏 | sensepost.com threading ntcrack utf16 github candidate

SIM Hijacking “533 million Facebook users’ phone numbers leaked” was one of the highlighted titles that... 2022-2-7 20:29:41 | 阅读: 145 | 收藏 | sensepost.com nokia kingdom sut network

Android Application Testing Using Windows 11 and Windows Subsystem for Android With the release of windows 11, Microsoft announced the Windows Subsystem for Android or WSA.... 2021-11-16 17:10:15 | 阅读: 109 | 收藏 | sensepost.com wsa windows microsoft magisk objection

sensecon 2021 – wargames edition If last year taught us anything, it was that we can move quickly to organise a fully online h... 2021-09-28 22:14:33 | 阅读: 6 | 收藏 | sensepost.com wopr sensecon workshop movie

Building an offensive RPC interface Using the Windows Remote Procedure Call (RPC) interface is an interesting concept when conssi... 2021-08-04 02:50:13 | 阅读: 59 | 收藏 | sensepost.com client remote midl windows

blackhat_defcon_virtual_vegas_2021.zip Phew! This year’s hacker summer camp is packed with presentations from several hackers across... 2021-08-01 03:39:23 | 阅读: 24 | 收藏 | sensepost.com talks delivering william stage michael