pentestmonkey

New release from the team, @pentestmonkey has ported udp-proto-scanner to Python and given it a bit of a polish: github.com/CiscoCXSecurit…

We did a thing! It's over 10 years since we started working on this but it's still useful today: github.com/CiscoCXSecurit… Kudos to @pentestmonkey for porting the Perl bits to a modern language. #aix #solaris #linux #unix #security

[Blog] Beyond LLMNR/NBNS Spoofing - Exploiting Active Directory-Integrated DNS blog.netspi.com/exploiting-adi… Also, #PowerShell ADIDNS spoofing functions added to Powermad github.com/Kevin-Robertso…

Congrats to @nmonkee @iantshaw @alexjplaskett and all the team at @mwrinfosecurity on their acquisition by @FSecure globenewswire.com/news-release/2…

Ben Heck's staring a new youtube channel. I was a huge fan of the Ben Heck Show. youtu.be/5WlRm-ghuoA

AD ACL Scanner. A tool with GUI used to create reports of access control lists (DACLs) and system access control lists (SACLs) in Active Directory github.com/canix1/ADACLSc…

So excited - here's my updated "Guide to Attacking Domain Trusts" posts.specterops.io/a-guide-to-att… ! Was a blast to write

Getting command execution on MSWord without any Macros 😈 sensepost.com/blog/2017/macr… #windows #maldoc #malware

Happy to announce that the sqlmap project has been sponsored by @netsparker web application security scanner

Cyber security community! Opportunity to contribute to the foundations of the future cyber security profession ncsc.gov.uk/blog-post/cybe…

Our paper about Escalating Privileges in Linux using Fault Injection is available online: riscure.com/publication/es… ! @pulsoid #FDTC17

awesome-windows-domain-hardening : Curated list of awesome Security Hardening techniques for Windows: github.com/PaulSec/awesom… cc @PaulWebSec

Our launch event for the #BashBunny will be March 2nd, 8pm. More info and RSVP here! goo.gl/forms/3d7mkK6e…

A step by step guide on how to decrypt SCOM “RunAs” Credentials nccgroup.trust/uk/about-us/ne…

FuzzySec -> Anatomy of UAC Attacks - fuzzysecurity.com/tutorials/27.h…

TO ALL in InfoSec who overuse Advanced. "It is in the flawless execution of the basics that we find world class success." - Lombardi

McAfee SiteList.xml AD privilege escalation > should be part of every priv esc checklist > ICYMI like me github.com/tfairane/HackS…

Nice set of posts on a threat hunting reference model proposal blog.sqrrl.com/the-cyber-hunt… blog.sqrrl.com/the-threat-hun… blog.sqrrl.com/the-threat-hun…

Another @metasploit module from @ukstufus, for storing groups, computers and user memberships from AD in a SQLite DB github.com/rapid7/metaspl…

View RDP session from pcap (and private key). Amazing work @CTXIS. Thank you for sharing. contextis.com/resources/blog…