Explore >> Select a destination
|
You are here 
|
bohops.com | ||
| | | | |
pentestlaboratories.com
|
|
| | | | | Microsoft .NET framework is being heavily utilized by threat actors and red teams for defense evasion and staying off the radar during operations. Every .NET binary contains application domains where assemblies are loaded in a safe manner. The AppDomainManager object can be used to create new ApplicationDomains inside a .NET process. From the perspective of... | |
| | | | |
m417z.com
|
|
| | | | | A couple of weeks ago, Windhawk, the customization marketplace for Windows programs, was released. You can read the announcement for more details and for the motivation behind creating it. In this post, I'll focus on my journey in implementing the technical aspects of Windhawk. If you prefer reading code to reading text, check out the demo implementation. | |
| | | | |
redteaming.co.uk
|
|
| | | | | DLL Side-Loading or DLL Proxy loading allows an attacker to abuse a legitimate and typically signed executable for code-execution on a compromised system. Mitre has been keeping a log of this technique since 2017, and it continues to be a popular option by threat actors (For good reasons!) Proxy loading is very similar to DLL... | |
| | | | |
blog.ikuamike.io
|
|
| | | Difficulty Release Date Author Beginner 15 Feb 2020 Love Summary In this box there's only one port open that is running a vulnerable version of sar2html that we take advantage of to get a low priv shell. For privilege escalation there was a cron job running as root that was running a script we could write in. Reconnaissance Nmap Nmap scan report for 192.168.56.107 Host is up (0.000040s latency). Not shown: 65534 closed ports PORT STATE SERVICE VERSION 80/tcp open http Apache httpd 2. | ||
