Explore >> Select a destination
|
You are here 
|
foxglovesecurity.com | ||
| | | | |
leonjza.github.io
|
|
| | | | | persist we must! Persistence! A new boot2root hosted @VulnHub, authored by @superkojiman and sagi- definitely got the attention from the community it deserves! Persistence was actually part of a writeup competition launched on September the 7th, and ran up until October th 5th. This is my experience while trying to complete the challenge. Persistence, once again, challenged me to learn about things that would normally have me just go "meh, next". As expected, this post is also a very big spoiler if you have not completed it yourself yet, so be warned! | |
| | | | |
www.veracode.com
|
|
| | | | | Java Naming and Directory Interface (JNDI) is a Java API that allows clients to discover and look up data and objects via a name. These objects can be stored in different naming or directory services, such as Remote Method Invocation (RMI), Common Object Request Broker Architecture (CORBA), Lightweight Directory Access Protocol (LDAP), or Domain Name Service (DNS). | |
| | | | |
taeluralexis.com
|
|
| | | | | We'll target a network comprising 3 machines, leveraging CVE exploits, pivoting, code obfuscation techniques, and AV bypass strategies. | |
| | | | |
www.cybereason.com
|
|
| | | Cybereason GSOC observed distribution of the Bumblebee Loader and post-exploitation activities including privilege escalation, reconnaissance and credential theft. Bumblebee operators use the Cobalt Strike framework throughout the attack and abuse credentials for privilege escalation to access Active Directory, as well as abusing a domain administrator account to move laterally, create local user accounts and exfiltrate data... | ||
