CrackMapExec – Active Directory Post-Exploitation Tool

CrackMapExec (a.k.a. CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: abusing built-in Active Directory features/protocols to achieve its functionality and allowing it to evade most endpoint protection/IDS/IPS…

Read the full post at darknet.org.uk

Microsoft Is Paying Up To $250,000 With Its New Bug Bounty Program

Microsoft has finally launched a new dedicated bug bounty program to encourage security researchers and bug hunters to find and responsibly report vulnerabilities in the latest Windows versions of its operating systems and software.

Being the favourite target of hackers and cyber criminals, every single zero-day vulnerability in Windows OS—from critical remote code execution, mitigation

Winpayloads – Undetectable Windows Payload Generation

Winpayloads is a tool to provide undetectable Windows payload generation with some extras running on Python 2.7. It provides persistence, privilege escalation, shellcode invocation and much more. Features: UACBypass – PowerShellEmpire; PowerUp – PowerShellEmpire; Invoke-Shellcode; Invoke-Mimikatz; Invoke-EventVwrBypass; Persistence – Adds payload…

Read the full post at darknet.org.uk

Next Windows 10 Version May Have Built-in EMET Anti-Exploit Program

It seems Microsoft is planning to build its EMET anti-exploit tool into the kernel of Windows 10 Creator Update (also known as RedStone 3), which is expected to release in September/October 2017.

So you may not have to separately download and install …

First-Ever Data Stealing Malware Found Using Intel AMT Tool to Bypass Firewall

It’s not hard for a well-funded state-sponsored hacking group to break into corporate networks and compromise systems with malware, but what’s challenging for them is to keep that backdoor and its communication undetectable from a firewall and other ne…

Kaspersky Accuses Microsoft of Unfairly Disabling its Antivirus in Windows 10

Russian antivirus vendor Kaspersky Lab is so upset with US software giant Microsoft that the security firm has filed more antitrust complaints against the company.

The antivirus firm initially filed a lawsuit late last year against Microsoft with Russ…

Microsoft Issues Patches for Actively Exploited Critical Vulnerabilities

Besides a previously undisclosed code-execution flaw in Microsoft Word, the tech giant patches two more zero-day vulnerabilities that attackers had been exploiting in the wild for months, as part of this month’s Patch Tuesday.

In total, Microsoft patc…

PowerMemory – Exploit Windows Credentials In Memory

PowerMemory is a PowerShell-based tool to exploit Windows credentials present in files and memory; it leverages Microsoft-signed binaries to hack Windows. The method is totally new. It proves that it can be extremely easy to get credentials or any other i…

Windows SMB Zero-Day Exploit Released in the Wild after Microsoft delayed the Patch

Last weekend a security researcher publicly disclosed a zero-day vulnerability in Windows 10, Windows 8.1 and Server editions after Microsoft failed to patch it in the past three months.

The zero-day memory corruption flaw resides in the implementat…

p0wnedShell – PowerShell Runspace Post Exploitation Toolkit

p0wnedShell is an offensive PowerShell Runspace Post Exploitation host application written in C# that does not rely on powershell.exe but runs PowerShell commands and functions within a PowerShell run space environment (.NET). It has a lot of offensive…