31ric » 1bluebass

Some fun AWS reads

Posted on 2024-11-162024-11-14 by tmack

Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources https://www.aquasec.com/blog/bucket-monopoly-breaching-aws-accounts-through-shadow-resources/ Capturing Exposed AWS Keys During Dynamic Web Application Tests https://www.praetorian.com/blog/capturing-exposed-aws-keys-during-dynamic-web-application-tests/ AWS Network Firewall egress filtering can be easily bypassed https://canglad.com/blog/2023/aws-network-firewall-egress-filtering-can-be-easily-bypassed/

Hacker Video – SIEGECAST: Kerberoasting & Attacks 101

Posted on 2024-11-142024-10-27 by tmack

Want to understand how Kerberos works? Would you like to understand modern Kerberos attacks? Tim Media walks you through how to attack Kerberos with ticket attacks and Kerberoasting. He covers the basics of Kerberos authentication and then shows you how the trust model can be exploited for persistence, pivoting, and privilege escalation. At the conclusion, Read More …

powershell code – Find computers

Posted on 2024-11-132024-11-11 by tmack

To find a single machine and the date it last logged on Get-ADComputer -identity SRV-DB01 -Properties * | FT Name, LastLogonDate -Autosize Find all the machines Get-ADComputer -Filter * -Properties * | FT Name, LastLogonDate -Autosize

News :: AT&T Breached again…..

Posted on 2024-11-122024-11-11 by tmack

article Another example of sprawling clouds maybe? Security 101 – You have to know what you have. /snark over

NOTES :: Purdue Model

Posted on 2024-11-112025-01-14 by tmack

The Purdue Model The Purdue model is generally accepted as the standard for building an industrial control system (ICS) network architecture in a way that supports OT security, separating the layers of the network to maintain a hierarchical flow of data between them, and as such, reflects the baseline architecture requirements for many industrial control Read More …

Hacker Video – What Is An XXE Attack

Posted on 2024-11-072024-10-27 by tmack

XML files can incorporate inline references to other documents. Unsafe treatment of external references allows an attacker to probe your file system for sensitive information – an XML External Entity (XXE) attack.

Unmasking a CIA Criminal

Posted on 2024-11-072025-01-22 by tmack

Hacker video of the week……

EDRKillShifter

Posted on 2024-11-012024-10-27 by tmack

“EDRKillShifter” is a type of malware specifically designed to disable Endpoint Detection and Response (EDR) security software on a system, allowing attackers to carry out malicious activities like deploying ransomware without detection; it is considered a sophisticated tool often used by cybercriminals to evade security measures. Key points about EDRKillShifter: Function: Its primary purpose is Read More …

New Video – Assembly Primer For Hackers – Hello World

Posted on 2024-10-312024-10-27 by tmack

This is new video I found some time ago, when I was entertaining the thought of getting the OSCP. Assembly Primer For Hackers – Hello World

How to change user agent in nmap

Posted on 2024-10-272024-10-27 by tmack

NMAP How to change user agent You can find the default value in /usr/share/nmap/nselib/http.lua (At the beginning of the file, a couple of lines after the comments) local USER_AGENT = stdnse.get_script_args(‘http.useragent’) or “Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)” You can change the value with this line local USER_AGENT = stdnse.get_script_args(‘http.useragent’) or “Mozilla/5.0 (compatible; MSIE 9.0; Read More …