HackDig : Dig high-quality web security articles for hacker

Introduction to Bash Bunny

The Bash Bunny is the most recent attack tool released by Hak5 for use by penetration testers. Although the primary focus of the tool is red/black/purple team engagements, it is a dynamic device allowing reconfiguration to suit the scope of work. The Bash Bunny is a Human Interface Device (HID), ethernet & mass storage attack tool all packaged up into on
Publish At:2017-10-27 17:20 | Read:3628 | Comments:0 | Tags:Blog hardhack redteam

A study in scarlet

In the modern age, where computers are used for nearly everything we do, the damage that can be caused to a company by cyber-attacks is substantial, with companies losing millions in regulatory fines, compensation and declining share prices. While some of these breaches have been caused by vulnerabilities within the target company’s infrastructure/soft
Publish At:2017-10-27 17:20 | Read:1622 | Comments:0 | Tags:Blog analysis blueteam phishing redteam

Hindering Lateral Movement

Lateral Movement is a method used by attackers (or malware) against a network Domain. After an initial device is compromised (typically, a user’s workstation), the attacker extracts passwords from memory, or obtains encrypted password hashes from the system for cracking or direct use (i.e. Pass the Hash). The attacker then attempts to login to other sy
Publish At:2017-10-27 17:20 | Read:1201 | Comments:0 | Tags:Blog auditing blueteam redteam training Windows

Sandbox detection: Pafish overview

Here at Portcullis, we are frequently involved in “red team” exercises, which means we subject an organisation’s information security systems to rigorous testing and analysis. The opposite of a red team is a “blue team”. A blue team attempts to identify and stop the red team from compromising systems. One of the techniques used
Publish At:2016-11-20 02:20 | Read:3023 | Comments:0 | Tags:Blog analysis blueteam redteam

Downgrading RDP connections and how to avoid it

This post describes how Remote Desktop Protocol (RDP) connections can be vulnerable to a downgrade attack if Terminal Servers are configured insecurely. We’re not aware of this issue being discussed before – googling only found pages about installing an earlier version of the RDP client, not about downgrading the protocol in the way described her
Publish At:2016-11-20 02:20 | Read:4225 | Comments:0 | Tags:Blog cryptography MiTM RDP redteam Windows

PowerOPS: PowerShell for Offensive Operations

At Portcullis, one of the most frequent assessments we perform are breakouts. One of the main challenges we face during these assessments is to get command execution that can either help escalate our privileges or allow us to gain access to different systems on the network. Sometimes we find harsh group policy restrictions in place that block access to the
Publish At:2016-11-20 02:20 | Read:3240 | Comments:0 | Tags:Blog redteam Windows

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud