P4wnP1-LTE I’ve written a couple of blog posts in the past in which I explain how to use Marcus Mengs’ t... 2023-7-10 02:6:49 | 阅读: 22 | 收藏 | Orange Cyberdefense - sensepost.com p4wnp1 lte modem deb firmware

select * from projectdiscovery join steampipe Recently, I decided to take a look at Steampipe again. I like SQL and the structure it provid... 2023-7-3 17:52:34 | 阅读: 12 | 收藏 | Orange Cyberdefense - sensepost.com reddit 151 steampipe alb

an offensive look at docker desktop extensions For our annual internal hacker conference dubbed SenseCon in 2023, I decided to take a quick... 2023-5-30 15:24:42 | 阅读: 53 | 收藏 | Orange Cyberdefense - sensepost.com ddclient containers client injection marketplace

Investigating the Wink Hub 2 Rogan brought half of his hardware parts bin to the hackathon!Michael Rodger, Daniel Scra... 2023-5-26 18:40:21 | 阅读: 15 | 收藏 | Orange Cyberdefense - sensepost.com wink uart ttl updater partitions

hash-cracker – password cracking done effectively IntroI wrote a tool to help with cracking of hashes, today I finally decided to blog abou... 2023-4-5 20:35:21 | 阅读: 19 | 收藏 | Orange Cyberdefense - sensepost.com cracker cracking passwords optimised github

Protected Users: you thought you were safe uh? On the 31st of October 2022, a PR on CrackMapExec from Thomas Seigneuret (@Zblurx) was merged... 2023-3-31 14:3:38 | 阅读: 17 | 收藏 | Orange Cyberdefense - sensepost.com delegation whiteflag rid500 security

From BitLocker-Suspended to Virtual Machine On a recent red-team I was given a client laptop from which I was expected to simulate an ins... 2023-3-29 02:6:2 | 阅读: 22 | 收藏 | Orange Cyberdefense - sensepost.com machine security bitlocker client revert

Decoding BlazorPack TL;DR: I couldn’t make a custom BlazorPack editor work in Burp, so I used Mallet instead. Fro... 2023-2-22 10:5:0 | 阅读: 33 | 收藏 | Orange Cyberdefense - sensepost.com messagepack blazorpack mallet netty frames

Jumping into SOCKS On a recent internal assessment, we ran into a problem. While holding low-privileged access t... 2023-1-24 18:59:7 | 阅读: 15 | 收藏 | Orange Cyberdefense - sensepost.com proxy client socks4 remote burp

CertPotato – Using ADCS to privesc from virtual and network service accounts to local system The goal of this blog post is to present a privilege escalation I found while working on ADCS... 2022-11-4 21:27:54 | 阅读: 18 | 收藏 | Orange Cyberdefense - sensepost.com machine delegation adcs network

Abusing Windows’ tokens to compromise Active Directory without touching LSASS During an internal assessment, I performed an NTLM relay and ended up owning the NT AUTHORITY... 2022-10-28 00:48:2 | 阅读: 20 | 收藏 | sensepost.com windows impersonate duplicated whiteflag privileges

WireSocks for Easy Proxied Routing I built some infrastructure that you could deploy and use to easily tunnel from arbitrary sou... 2022-9-30 12:48:0 | 阅读: 21 | 收藏 | sensepost.com proxy wireguard network tun2socks wiresocks

sensecon 2022 – wait a minute, you got legs? edition In a world of returning back to, well, “normal” it meant that we could finally have our annua... 2022-8-3 21:27:41 | 阅读: 17 | 收藏 | sensepost.com workshop buzzword sensecon hackathon regions

me vs request smugglingPOST I’ve come to realise that I wasn’t the only one that has never actually exploited an HTTP Req... 2022-7-19 16:35:32 | 阅读: 29 | 收藏 | sensepost.com varnish smuggled ncat logfile smuggle

Sail away, sail away, sail away A while back, after some live music and drinks at Railways, I made my way to another city... 2022-6-1 02:9:14 | 阅读: 10 | 收藏 | sensepost.com ihs writefile ihsadmin ssh

using a cloud mac with a local ios device Doing iOS mobile assessments without macOS around is not exactly fun. This can be for many re... 2022-5-29 00:34:37 | 阅读: 45 | 收藏 | sensepost.com usbmuxd usbfluxd remote client ssh

Constrained Delegation Considerations for Lateral Movement The abuse of constrained delegation configuration, whereby a compromised domain user or compu... 2022-5-18 14:35:32 | 阅读: 38 | 收藏 | sensepost.com delegation asgard server02 server01 arthur

Left To My Own Devices – Fast NTCracking in Rust When I got a new MacBook with an M1 Pro chip, I was excited to see the performance benefits.... 2022-2-16 20:33:23 | 阅读: 22 | 收藏 | sensepost.com threading ntcrack utf16 github candidate

SIM Hijacking “533 million Facebook users’ phone numbers leaked” was one of the highlighted titles that... 2022-2-7 20:29:41 | 阅读: 1007 | 收藏 | sensepost.com nokia kingdom sut network

Android Application Testing Using Windows 11 and Windows Subsystem for Android With the release of windows 11, Microsoft announced the Windows Subsystem for Android or WSA.... 2021-11-16 17:10:15 | 阅读: 120 | 收藏 | sensepost.com wsa windows microsoft magisk objection