unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Avoiding detection via DHCP options
When conducting a red team exercise, we want to blend in as much as possible with the existin...
2020-07-20 22:22:32 | 阅读: 109 |
收藏
|
sensepost.com
dhcp
routes
classless
windows
dhcp6
Clash of the (Spam)Titan
I recently tested an Internet facing Anti-Spam product called SpamTitan Gateway. As you could...
2020-07-14 16:14:29 | 阅读: 118 |
收藏
|
sensepost.com
spamtitan
php
perl
ioncube
Covert Login Alerting
Reading time ~4 min...
2020-07-13 14:40:20 | 阅读: 109 |
收藏
|
sensepost.com
pam
ssh
remote
thinkst
Making the Perfect Red Team Dropbox (Part 2)
In part 1 of this series, we set up the NanoPi R1S as a USB attack tool, covering OS installa...
2020-07-09 19:28:05 | 阅读: 105 |
收藏
|
sensepost.com
network
slimjim
pitm
r1s
victim
Multiple Android User Profiles
I was recently on a mobile assessment where you could only register one profile on the app, p...
2020-06-30 03:46:40 | 阅读: 100 |
收藏
|
sensepost.com
userinfo
a40
steers
sensepost
username
Resurrecting an old AMSI Bypass
While working on DoubleAgent as part of the Introduction To Red Teaming course we’re developi...
2020-06-24 18:02:40 | 阅读: 96 |
收藏
|
sensepost.com
powershell
windows
microsoft
bypass
The hunt for Chromium issue 1072171
IntroThe last few months I’ve been studying Chrome’s v8 internals and exploits with the f...
2020-05-30 01:56:54 | 阅读: 137 |
收藏
|
sensepost.com
rhs
lhs
crash
minuszero
fuzzilli
Being Stubborn Pays Off pt. 2 – Tale of two 0days on PRTG Network Monitor
IntroLast year I wrote how to weaponize CVE-2018-19204. This blog post will continue and...
2020-05-22 18:22:00 | 阅读: 105 |
收藏
|
sensepost.com
sensor
prtg
phantomjs
inject
injection
Making the Perfect Red Team Dropbox (Part 1)
As part of our preparations for our upcoming RingZer0 “Q Division” Training, I have been work...
2020-05-18 20:02:02 | 阅读: 116 |
收藏
|
sensepost.com
p4wnp1
r1s
mame82
2316641
armbian
Hack-From-Home Challenge Walk Through
On the 27th of April 2020 SensePost created a CTF challenge (https://challenge.sensepost.com)...
2020-04-24 17:34:32 | 阅读: 89 |
收藏
|
sensepost.com
clue
php
sensepost
firstflag
machine
Masquerading Windows processes like a DoubleAgent.
I’ve been spending some time building new content for our Introduction to Red Teaming course,...
2020-04-24 00:20:16 | 阅读: 106 |
收藏
|
sensepost.com
doubleagent
windows
verifier
defender
cylance
Attacking smart cards in active directory
IntroductionRecently, I encountered a fully password-less environment. Every employee in...
2020-03-26 22:56:02 | 阅读: 102 |
收藏
|
sensepost.com
upn
windows
victim
imagine
modifying
Chaining multiple techniques and tools for domain takeover using RBCD
IntroIn this blog post I want to show a simulation of a real-world Resource Based Constra...
2020-03-09 23:45:17 | 阅读: 85 |
收藏
|
sensepost.com
privileges
maemodc01
svcrdm
maemo
rubeus
Intro to Chrome’s V8 from an exploit development angle
Last Christmas I was doing quite a bit of research around an exploit for Chrome’s JavaScr...
2020-02-28 20:37:00 | 阅读: 86 |
收藏
|
sensepost.com
turbolizer
turbofan
bytecode
nochecks
SensePost | Waiting for godoh
“Exfiltration Over Alternate Protocol” techniques such as using the Domain Name System as a...
2019-08-29 20:58:44 | 阅读: 195 |
收藏
|
sensepost.com
c2
godoh
doh
monitoring
network
Previous
4
5
6
7
8
9
10
11
Next