Lucene search
K

51 matches found

Kitploit
Kitploit
added 2017/08/31 2:30 p.m.40 views

RedSnarf - A Pen-Testing / Red-Teaming Tool For Windows Environments

RedSnarf is a pen-testing / red-teaming tool by Ed Williams for retrieving hashes and credentials from Windows workstations, servers and domain controllers using OpSec Safe Techniques. RedSnarf functionality includes: Retrieval of local SAM hashes Enumeration of user/s running with elevated syste...

7.8AI score
Exploits0References3
Metasploit
Metasploit
added 2017/07/10 8:57 p.m.54 views

Razer Synapse rzpnk.sys ZwOpenProcess

A vulnerability exists in the latest version of Razer Synapse v2.20.15.1104 as of the day of disclosure which can be leveraged locally by a malicious application to elevate its privileges to those of NTAUTHORITY\SYSTEM. The vulnerability lies in a specific IOCTL handler in the rzpnk.sys driver th...

9.8CVSS0.2AI score0.85539EPSS
Exploits5
Schneier on Security
Schneier on Security
added 2017/06/14 1:15 p.m.44 views

The grugq on Reality Winner, the Intercept, and OPSEC

Good commentary...

7.1AI score
Exploits0
n0where
n0where
added 2017/05/06 4:15 a.m.30 views

Windows Penetration Testing Tool: RedSnarf

Windows Penetration Testing Tool RedSnarf is a pen-testing / red-teaming tool by Ed William and Richard Davy for retrieving hashes and credentials from Windows workstations, servers and domain controllers using OpSec Safe Techniques. RedSnarf aims to do the following: Leave no evidence on the hos...

0.4AI score
Exploits0References3
n0where
n0where
added 2017/04/10 4:36 a.m.251 views

Pentesting Active Directory Environments: CrackMapExec

Pentesting Active Directory Environments: CrackMapExec CrackMapExec a.k.a CME is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: abusing built-in Active Directory...

0.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2015/09/09 8:0 a.m.10 views

Jessy Irwin on Password Security, Opsec and User Education

Dennis Fisher talks with Jessy Irwin of 1Password about her path into the security world, the many security challenges in the education sector, the password-security problem, and security jewelry. Download: digitalunderground219.mp3 Music by Chris Gonsalves...

1.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2015/02/24 10:29 a.m.15 views

Kris McConkey on OpSec Failures

At last week’s Security Analyst Summit Kris McConkey, part of PricewaterhouseCoopers’ UK Cyber Threat Operations team, discusses hacker OpSec failures: How attackers are still humans and sometimes make mistakes like using personal email addresses and real names in their campaigns...

1.4AI score
Exploits0References1
ThreatPost
ThreatPost
added 2015/02/16 12:6 p.m.7 views

Hackers' Op-Sec Failures Important Clues to Uncover APT Gangs

CANCUN – Sophistication, resourcefulness and ingenuity are characteristics usually associated with state-sponsored espionage hacker groups. But they’re certainly not infallible. Like most detective work, security analysts generally are able to toss back the covers on APT campaigns and major...

0.5AI score
Exploits0References1
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.20 views

CVE-2000-0807

The OPSEC communications authentication mechanism fwn1 in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability."...

6.9AI score0.01678EPSS
Exploits0References3
CVE
CVE
added 2001/01/22 5:0 a.m.50 views

CVE-2000-0807

The OPSEC Authentication Spoof issue (CVE-2000-0807) affects Check Point VPN-1/FireWall-1 prior to the patches described in the ISS/FireWall-1 vulnerability alert. The security hole arises in the OPSEC authentication mechanism, allowing a remote attacker to spoof authentication and gain access to...

7.5CVSS6.9AI score0.01678EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2000/11/14 5:0 a.m.16 views

CVE-2000-0807

The OPSEC communications authentication mechanism fwn1 in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability."...

7.5CVSS6.9AI score0.01678EPSS
Exploits0References3
Rows per page
Query Builder