Evilginx2 Man-in-the-Middle Attacks – Tradecraft Security Weekly #29

Evilginx2 is a man-in-the-middle framework that can be used to intercept credentials, including the two-factor methods victims use when logging in to a web application. Instead of just duplicating the target web application, it proxies traffic to it …

Black Hat & DEF CON 2018 – Tradecraft Security Weekly #28

This is the Hacker Summer Camp 2018 edition of Tradecraft Security Weekly. In this week’s episode Beau Bullock (@dafthack) talks about some of the more interesting items he saw come out of the Black Hat and DEF CON conferences this year. Links: Z…

PXE Boot Attacks – Tradecraft Security Weekly #27

Network administrators often use Pre-boot Execution Environment (PXE) to rapidly deploy new systems on a network. Golden system images can be created with all the software and settings already in place for new systems. In this episode of Tra…

HTML5 Storage Exfil via XSS – Tradecraft Security Weekly #23

It is fairly common for pentesters to discover Cross-Site Scripting (XSS) vulnerabilities on web application assessments. Exploiting these issues potentially allows access to a user’s session tokens, enabling attackers to navigate a site as the vic…

Linux Privilege Escalation – Tradecraft Security Weekly #22

After getting a shell on a server you may or may not have root access. Gaining privileged access to a Linux system may take more analysis of the system to find escalation issues. In this episode of Tradecraft Security Weekly Beau Bullock …

Leaking Windows Creds Externally via MS Office – Tradecraft Security Weekly #21

In this episode of Tradecraft Security Weekly, Mike Felch talks with Beau Bullock about the possibilities of using framesets in MS Office documents to send Windows password hashes remotely across the Internet. This technique has the ability to bypass m…

Google Event Injection – Tradecraft Security Weekly #20

Google provides the ability to automatically add events to a calendar directly from emails received by Gmail. This provides a unique situation for phishing attempts as most users haven’t been trained to watch their calendar events for social engineering attempts. In this episode Beau Bullock (@dafthack) and Michael Felch (@ustayready) show how to inject events […]

The post Google Event Injection – Tradecraft Security Weekly #20 appeared first on Security Weekly.

Dissecting XXE Attacks – Tradecraft Security Weekly #19

When pentesting web services or an application that leverages XML files, XML External Entity (XXE) attacks are a great way to start. By injecting an XXE into a well-crafted XML payload before it’s sent to the server, a penetration tester can trick the parser into executing other actions that the developer never intended. This […]

Domain Fronting – Tradecraft Security Weekly #18

Domain fronting is a technique used to mask command and control (C2) traffic. It is possible for C2 channels to be proxied through CDNs like CloudFront to make them appear like normal Internet traffic. It is very difficult for defenders to detect and block, as it appears as if clients on a network are connecting […]

Cracking Password Hashes Efficiently – Tradecraft Security Weekly #17

If you are a penetration tester, password cracking is something you will inevitably do. On most engagements we typically don’t have months on end to crack passwords. To help you be more efficient in your cracking techniques, Beau Bullock (@dafthack) describes various ways to streamline your approach to cracking in episode 17 of […]