Smart Scale to Autoscale Migration
Table of Contents Manual Migration --- Automated Migration Prerequisites Migrate Good to know Important: This article is applicable only if you have the Sites section in Smart Scale. Sites that use the Virtual Apps and Desktops service appear as “Cloudxdsite” by default. To view Sites, go to Citr...
Persistent CDF Tracing Enabler - For Citrix Windows Receiver
Persistent CDF Tracing Enabler - For Citrix Windows Receiver Created Date: July 2014 Where to download? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to the...
Restore Policy Console Utility
Created Date: 5/13/2016 Updated Date: 10/10/2017 Where to download? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to the download location. Description The...
DeepBlueCLI - a PowerShell Module for Threat Hunting via Windows Event Logs
DeepBlueCLI - a PowerShell Module for Threat Hunting via Windows Event Logs Eric Conrad, Backshore Communications, LLC deepblue at backshore dot net Twitter: @ericconrad http://ericconrad.com Sample evtx files are in the .\evtx directory Usage: .\DeepBlue.ps1 See the Set-ExecutionPolicy Readme if...
PowerZure - PowerShell Framework To Assess Azure Security
For a list of functions, their usage, and more, check out https://powerzure.readthedocs.io What is PowerZure? PowerZure is a PowerShell project created to assess and exploit resources within Microsoft’s cloud platform, Azure. PowerZure was created out of the need for a framework that can both...
PowerShell-Red-Team - Collection Of PowerShell Functions A Red Teamer May Use To Collect Data From A Machine
Collection of PowerShell functions a Red Teamer may use to collect data from a machine or gain access to a target. I added ps1 files for the commands that are included in the RedTeamEnum module. This will allow you to easily find and use only one command if that is all you want. If you want the...
Exploit for CVE-2020-16898
CVE-2020-16898 CVE-2020-16898: Windows TCP/IP remote code exe...
Phishing Emails Used to Deploy KONNI Malware
Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. The Cybersecurity and Infrastructure Security Agency (CISA) has observed cyber actors using emails containi...
Exploit for CVE-2020-16898
CVE-2020-16898 CVE-2020-16898: Windows TCP/IP remote code ex...
KB2285068 - List of the bugs that are fixed in SQL Server 2008 Service Pack 2
KB2285068 - List of the bugs that are fixed in SQL Server 2008 Service Pack 2 INTRODUCTION This article lists the bugs that are fixed in Microsoft SQL Server 2008 Service Pack 2 (SP2). Notes Other fixes that are not documented may be included in the service pack. This list will be updated when more...
Microsoft SharePoint SSI / ViewState Remote Code Execution Exploit
This Metasploit module exploits a server-side include (SSI) in SharePoint to leak the web.config file and forge a malicious ViewState with the extracted validation key. This exploit is authenticated and requires a user with page creation privileges, which is a standard permission in SharePoint. The...
Microsoft SharePoint SSI / ViewState Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SharePoint Server-Side Include and ViewState RCE', 'Description' = %q This module exploits a server-side include SSI in SharePoint to...
nishang
This repository is an offensive tool for Windows systems, specifically for adding backdoors and executing malicious scripts. The primary vulnerability class is privilege escalation, as the tools aim to gain elevated privileges on the target system. The probable entry points include PowerShell...
Exploit for CVE-2020-16898
CVE-2020-16898Checker Check all Network I...
IAmTheKing and the SlothfulMedia malware family
On October 1, 2020, the DHS CISA agency released information about a malware family called SlothfulMedia, which they attribute to a sophisticated threat actor. We have been tracking this set of activity through our private reporting service, and we would like to provide the community with...
Lemon Duck Cryptocurrency-Mining Botnet Activity Spikes
Researchers are warning of a recent dramatic uptick in the activity of the Lemon Duck cryptocurrency-mining botnet, which targets victims’ computer resources to mine the Monero virtual currency. Researchers warn that Lemon Duck is “one of the more complex” mining botnets, with...
PowerShellGet Module WDAC Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists in the PowerShellGet V2 module. An attacker who successfully exploited this vulnerability could bypass WDAC (Windows Defender Application Control) policy and execute arbitrary code on a policy locked-down machine. An attacker must have administrator...
Important Photon OS Security Update - PHSA-2020-3.0-0151
Updates of 'consul', 'powershell' packages of Photon OS have been released...
Important Photon OS Security Update - PHSA-2020-0151
Updates of 'consul', 'powershell' packages of Photon OS have been released...
Trickbot disrupted
As announced today, Microsoft took action against the Trickbot botnet, disrupting one of the world’s most persistent malware operations. Microsoft worked with telecommunications providers around the world to disrupt key Trickbot infrastructure. As a result, operators will no longer be able to use...