Explore >> Select a destination
|
You are here 
|
csandker.io | ||
| | | | |
scorpiosoftware.net
|
|
| | | | | A while back I blogged about the differences between the virtual desktop feature exposed to users on Windows 10/11, and the Desktops tool from Sysinternals. In this post, I'd like to shed some more light on Window Stations, desktops, and windows. I assume you have read the aforementioned blog post before continuing. We know that... | |
| | | | |
gebir.ge
|
|
| | | | | [AI summary] The provided text describes a detailed process of exploiting a Windows system through a REST API endpoint, leveraging DLL hijacking and dynamic code execution. The user outlines the steps taken to gain access, including crafting malicious DLLs, using reflection to load assemblies, and executing commands via PowerShell. The text concludes with a reflection on the learning experience and resources used. | |
| | | | |
clymb3r.wordpress.com
|
|
| | | | | This post will discuss bringing incognito-like functionality to PowerShell in the form of a new PowerShell script (Invoke-TokenManipulation), with some important differences. I'll split this post up in to three sections: An overview on tokens and Windows authentication An overview of what the script does, and problems/solutions encountered when building it A demonstration of the... | |
| | | | |
blog.talosintelligence.com
|
|
| | | By Flavio Costa, * In a recent customer engagement, we observed a month-long AvosLocker campaign. * The attackers utilized several different tools, including Cobalt Strike, Sliver and multiple commercial network scanners. * The initial ingress point in this incident was a pair of VMWare Horizon Unified Access Gateways that were vulnerable to Log4Shell. | ||
