building a hipster-aware pi home server The end of the year is getting closer, fast, so I figured it was a perfect time to talk about... 2020-09-03 00:48:23 | 阅读: 172 | 收藏 | sensepost.com influxdb smokeping network pihole netdata

DirectAccess and Kerberos Resource-based Constrained Delegation BackgroundAre you tired of working from home due to COVID? While this is quite a unique s... 2020-08-20 00:16:21 | 阅读: 109 | 收藏 | sensepost.com rubeus machine cifs client

NTHashes and Encodings If you’ve ever cracked a hash with hashcat, you’ll know that sometimes it will give you a $HE... 2020-08-19 20:44:40 | 阅读: 139 | 收藏 | sensepost.com iconv hexstr colon 16le fromhex

Routopsy – Hacking Routing with Routers This is a summary of our BlackHat USA 2020 talk.IntroductionOn some of our engagement... 2020-08-04 03:23:23 | 阅读: 106 | 收藏 | sensepost.com network routopsy routes drp

SensePost is now an ethical hacking team of Orange Cyberdefense Reading time ~5 min... 2020-07-31 16:35:23 | 阅读: 110 | 收藏 | sensepost.com sensepost orange security africa

ACE to RCE tl;dr: In this writeup I am going to describe how to abuse a GenericWrite ACE misconfiguratio... 2020-07-24 21:28:26 | 阅读: 118 | 收藏 | sensepost.com rcm remote windows payload powershell

Seeing (Sig)Red After the SigRed (CVE-2020-1350) write-up was published by Check Point, there was enough deta... 2020-07-20 23:01:31 | 阅读: 104 | 收藏 | sensepost.com suricata malicious windows sigred network

Avoiding detection via DHCP options When conducting a red team exercise, we want to blend in as much as possible with the existin... 2020-07-20 22:22:32 | 阅读: 110 | 收藏 | sensepost.com dhcp routes classless windows dhcp6

Clash of the (Spam)Titan I recently tested an Internet facing Anti-Spam product called SpamTitan Gateway. As you could... 2020-07-14 16:14:29 | 阅读: 121 | 收藏 | sensepost.com spamtitan php perl ioncube

Covert Login Alerting Reading time ~4 min... 2020-07-13 14:40:20 | 阅读: 111 | 收藏 | sensepost.com pam ssh remote thinkst

Making the Perfect Red Team Dropbox (Part 2) In part 1 of this series, we set up the NanoPi R1S as a USB attack tool, covering OS installa... 2020-07-09 19:28:05 | 阅读: 106 | 收藏 | sensepost.com network slimjim pitm r1s victim

Multiple Android User Profiles I was recently on a mobile assessment where you could only register one profile on the app, p... 2020-06-30 03:46:40 | 阅读: 103 | 收藏 | sensepost.com userinfo a40 steers sensepost username

Resurrecting an old AMSI Bypass While working on DoubleAgent as part of the Introduction To Red Teaming course we’re developi... 2020-06-24 18:02:40 | 阅读: 97 | 收藏 | sensepost.com powershell windows microsoft bypass

The hunt for Chromium issue 1072171 IntroThe last few months I’ve been studying Chrome’s v8 internals and exploits with the f... 2020-05-30 01:56:54 | 阅读: 138 | 收藏 | sensepost.com rhs lhs crash minuszero fuzzilli

Being Stubborn Pays Off pt. 2 – Tale of two 0days on PRTG Network Monitor IntroLast year I wrote how to weaponize CVE-2018-19204. This blog post will continue and... 2020-05-22 18:22:00 | 阅读: 108 | 收藏 | sensepost.com sensor prtg phantomjs inject injection

Making the Perfect Red Team Dropbox (Part 1) As part of our preparations for our upcoming RingZer0 “Q Division” Training, I have been work... 2020-05-18 20:02:02 | 阅读: 119 | 收藏 | sensepost.com p4wnp1 r1s mame82 2316641 armbian

Hack-From-Home Challenge Walk Through On the 27th of April 2020 SensePost created a CTF challenge (https://challenge.sensepost.com)... 2020-04-24 17:34:32 | 阅读: 90 | 收藏 | sensepost.com clue php sensepost firstflag machine

Masquerading Windows processes like a DoubleAgent. I’ve been spending some time building new content for our Introduction to Red Teaming course,... 2020-04-24 00:20:16 | 阅读: 108 | 收藏 | sensepost.com doubleagent windows verifier defender cylance

Attacking smart cards in active directory IntroductionRecently, I encountered a fully password-less environment. Every employee in... 2020-03-26 22:56:02 | 阅读: 103 | 收藏 | sensepost.com upn windows victim imagine modifying

Chaining multiple techniques and tools for domain takeover using RBCD IntroIn this blog post I want to show a simulation of a real-world Resource Based Constra... 2020-03-09 23:45:17 | 阅读: 88 | 收藏 | sensepost.com privileges maemodc01 svcrdm maemo rubeus