Since Friday, this week has been most eventful because of a piece of malware, Wanacrypt, which infected thousands of computer networks in a jiffy. As speculated, it leveraged a very potent exploit that was made public by the Shadow Brokers. The name of the exploit is ETERNALBLUE, which was used by the Equation Group to exploit a large number of systems right up to Windows 10. List of Equation Group Exploits lists the exploits and their targets. Read more about Wanacrypt: What Do We Know About It As Of Now?
This is a short post about a cool PowerShell script, Invoke-Obfuscation, that can help us a lot post exploitation. Why PowerShell? Because this shell and scripting language is already present on most modern Windows operating systems. It also has memory-only execution capabilities that can help you evade anti-viruses and the like, with almost no logging in the event log! Imagine if you are able to execute PowerSploit, obfuscating all your "stuff"! Read more about Invoke-Obfuscation: A PowerShell Command & Script Obfuscator!
A lot of good things are being done in Docker. Jackhammer is another good example of this. The authors have gone ahead and put together almost everything you would need for vulnerability assessment and vulnerability management, dockerized it, made it an all-in-one tool and put it up for us to use! A few other security-related Docker projects can be found here. Read more about Jackhammer: A Vulnerability Assessment Collaboration Tool!
Exciting things are being done in PowerShell nowadays and it is becoming like Python. A good example is my last post about PivotAll. This post is about another such tool - SecretServerSecretStealer. Read more about SecretServerSecretStealer: Decrypt Thycotic Server Passwords!
If you stay in California and want to protect your privacy, or you want to circumvent internet censorship imposed by your government, or simply want to stay anonymous on the wire, chances are you use Tor or an anonymous, no-log-keeping VPN. This post lists a few Do-It-Yourself projects that involve not more than a Raspberry Pi to try and keep you anonymous. As always, I will try to keep this post updated. Additionally, if you know of any projects that I may have missed, you sure can let me Read more about List of Raspberry Pi DIY Projects for Anonymity!
I stumbled upon this tool when trying to find more Docker security projects - Cameradar. You can use this tool post exploitation just for fun, or use it in your own network and check for unauthorized CCTV installations. You can also use it to test the security of your existing camera setup. Read more about Cameradar: Hack RTSP CCTV Cameras!
This is a short post about a cool PowerShell script - PivotAll that can help us a lot post exploitation. Why PowerShell? Because this shell and scripting language is already present on most modern Windows operating systems. Read more about [SHORT POST] PivotAll: A Comprehensive Pivoting Framework!