101 matches found
Exploit for Improper Authentication in Microsoft
CVE-2026-26128 !Examplehttps://github.com/jarnovandenbrink/...
LogonTracer 操作系统命令注入漏洞
LogonTracer is a visual system log analysis tool developed by the Japanese JPCERT organization. This product can detect malicious login attempts by analyzing Windows Active Directory event logs. Versions of LogonTracer prior to 2.0.0 contained a vulnerability related to operating system command...
CVE-2026-32072
Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally...
EUVD-2026-22645
Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network...
EUVD-2026-22497
Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally...
CVE-2026-33826
Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network...
CVE-2026-32072
Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally...
CVE-2026-33826
Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network...
CVE-2026-33826 Windows Active Directory Remote Code Execution Vulnerability
...
PT-2026-32798
CVE-2026-32072 Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally. https://t.co/LqmmLGYoRL...
PT-2026-32885
Name of the Vulnerable Software and Affected Versions Windows Active Directory versions prior to April 2026 Patch Tuesday Description Improper input validation in Windows Active Directory allows an authorized attacker to execute arbitrary code over an adjacent network. This issue enables...
denkair-lab
DenkAir - Windows AD Pentesting Lab A comprehensive Windows A...
BadSuccessor: dMSA abuse to Escalate Privileges in Windows Active Directory
This module exploits 'Bad Successor', which allows operators to elevate privileges on domain controllers running at the Windows 2025 forest functional level. Microsoft decided to introduce Delegated Managed Service Accounts in this forest level and they came ripe for exploitation. Normal users...
EUVD-2023-25982
Malicious code in bioql PyPI...
EUVD-2024-49530
Malicious code in bioql PyPI...
EUVD-2025-2416
Malicious code in bioql PyPI...
EUVD-2023-39353
Malicious code in bioql PyPI...
EUVD-2022-40585
Malicious code in bioql PyPI...
tactical-exploitation
This is a tactical exploitation toolkit repository. It contains a Python script called "easywin.py" that provides a toolkit for exploit-less attacks aimed at Windows and Active Directory environments. The script leverages information gathering and brute force capabilities against the SMB protocol...
Kerberoasting Detections: A New Approach to a Decade-Old Challenge
Security experts have been talking about Kerberoasting for over a decade, yet this attack continues to evade typical defense methods. Why? It's because existing detections rely on brittle heuristics and static rules, which don't hold up for detecting potential attack patterns in highly variable...