Silent Domain Hijack: Detecting DCSync with Trellix NDR

Silent Domain Hijack: Uncovering the DCSync Attack and Detecting with Trellix NDR By Maulik Maheta and Chao Sun · December 10, 2025 Executive summary DCSync is one of the most powerful and stealthy techniques an attacker can use once they have gained access to an Active Directory AD environment...

IBM Concert Information Disclosure Vulnerability

IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from an information disclosure vulnerability that stems from uncontrolled recursive directory replication,...

IBM Concert 安全漏洞

IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from an information disclosure vulnerability that stems from uncontrolled recursive directory replication,...

Metasploit Wrap-Up

Dump Windows secrets from Active Directory This week, our very own Christophe De La Fuente added an important update to the existing Windows Secret Dump module. It is now able to dump secrets from Active Directory, which will be very useful for Metasploit users. This new feature uses the Director...

Exploit for CVE-2020-1472

CVE-2020-1472 aka Zerologon Exploit POC !cve-2020-1742https...

Exploit for CVE-2020-1472

CVE-2020-1472 POC The vulnerability can be exploited in a Wi...

January 22, 2019—KB4476976 (OS Build 17763.292)

January 22, 2019—KB4476976 OS Build 17763.292 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that may cause Microsoft Edge to stop working with certain display drivers...

ZDI-08-065: Novell eDirectory Core Protocol Opcode 0x0F Heap Overflow Vulnerability

ZDI-08-065: Novell eDirectory Core Protocol Opcode 0x0F Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-065 October 8, 2008 -- CVE ID: CVE-2008-4478 -- Affected Vendors: Novell -- Affected Products: Novell eDirectory -- TippingPointTM IPS Customer Protection:...

Novell eDirectory Core Protocol Opcode 0x0F Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within dhost.exe, the service responsible for directory replication which is bound b...

Novell eDirectory Core Protocol Opcode 0x24 Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within dhost.exe, the service responsible for directory replication which is bound b...