20 matches found
Silent Domain Hijack: Detecting DCSync with Trellix NDR
Silent Domain Hijack: Uncovering the DCSync Attack and Detecting with Trellix NDR By Maulik Maheta and Chao Sun · December 10, 2025 Executive summary DCSync is one of the most powerful and stealthy techniques an attacker can use once they have gained access to an Active Directory AD environment...
Exploit for CVE-2020-1472
PoC exploit for CVE-2020-1472, a vulnerability in the Windows Netlogon service that allows an attacker to authenticate as the domain controller account with a zero-length password. The exploit uses the impacket library to connect to the Netlogon service and send a zero-length challenge and...
Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces
Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet. "The campaign involved unauthorized administrative logins on management interfaces of firewalls, creation of new accounts, SSL VP...
Metasploit Weekly Wrap-Up 11/22/2024
JetBrains TeamCity Login Scanner Metasploit added a login scanner for the TeamCity application to enable users to check for weak credentials. TeamCity has been the subject of multiple ETR vulnerabilities and is a valuable target for attackers. Targeted DCSync added to Windows Secrets Dump This...
Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain
The prolific Chinese nation-state actor known as APT41 aka Brass Typhoon, Earth Baku, Wicked Panda, or Winnti has been attributed to a sophisticated cyber attack targeting the gambling and gaming industry. "Over a period of at least six months, the attackers stealthily gathered valuable informati...
Microsoft Office NTLMv2 Disclosure
Exploit Title: Microsoft Office NTLMv2 Disclosure Vulnerability Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.office.com/ Software Link: https://www.office.com/ Details: https://github.com/passtheticket/CVE-2024-38200 Version: Microsoft Office 2019 MSO Build 1808...
Metasploit Weekly Wrap-Up
PTT for DCSync This week, community member smashery made an improvement to the windowssecretsdump module to enable it to dump domain hashes using the DCSync method after having authenticated with a Kerberos ticket. Now, if a user has a valid Kerberos ticket for a privileged account, they can run...
ADCSKiller - An ADCS Exploitation Automation Tool Weaponizing Certipy And Coercer
ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services ADCS vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure. Please note that the ADCSKiller is...
Acltoolkit - ACL Abuse Swiss-Knife
acltoolkit is an ACL abuse swiss-army knife. It implements multiple ACL abuses. Installation pip install acltoolkit-ad or git clone https://github.com/zblurx/acltoolkit.git cd acltoolkit make Usage usage: acltoolkit -h -debug -hashes LMHASH:NTHASH -no-pass -k -dc-ip ip address -scheme ldap scheme...
Exploit for CVE-2020-1472
CVE-2020-1472 POC Requires the latest impacket from GitHubh...
Exploit for CVE-2020-1472
CVE-2020-1472 POC Requires the latest impacket from GitHubh...
Exploit for CVE-2020-1472
CVE-2020-1472 POC Requires the latest impacket from GitHubh...
Exploit for CVE-2020-1472
CVE-2020-1472 POC Requires the latest impacket from GitHubh...
Exploit for CVE-2020-1472
!Pythonpython-shield CVE-2020-1472 CVE-2020-1472 - Zero...
Exploit for CVE-2020-1472
CVE-2020-1472 POC Requires the latest impacket from GitHubh...
Exploit for CVE-2020-1472
CVE-2020-1472 - Zero-Logon POC !alt texthttps://github.com...
Exploit for CVE-2020-1472
CVE-2020-1472 - Zero-Logon POC !alt texthttps://github.com...
Exploit for CVE-2020-1472
CVE-2020-1472 POC Requires the latest impacket from GitHubh...
Vulnerable-AD - Create A Vulnerable Active Directory That'S Allowing You To Test Most Of Active Directory Attacks In Local Lab
Create a vulnerable active directory that's allowing you to test most of active directory attacks in local lab. Main Features Randomize Attacks Full Coverage of the mentioned attacks you need run the script in DC with Active Directory installed Some of attacks require client workstation Supported...
Jackdaw - Tool To Collect All Information In Your Domain And Show You Nice Graphs
Jackdaw is here to collect all information in your domain, store it in a SQL database and show you nice graphs on how your domain objects interact with each-other an how a potential attacker may exploit these interactions. It also comes with a handy feature to help you in a password-cracking...