In this article, we will show details and metasploit module for vulnerability that affects Trend Micro’s IMSVA solution.
Unexpected Journey #2 – Taking Down Entire Domain Using Vulnerabilities of a SIEM Product
As I said on my previous article, being a penetration tester makes us feel like a group of traveler. Today, I would like to share a details about yet another 0day vulnerability we’ve found during penetration test which later lead us to take down entire domain network. (more…)
Unexpected Journey into the AlienVault OSSIM/USM During Engagement
Being a penetration tester makes us feel like a group of traveler. Discovering the internal world of the institution during engagement gives us the opportunity to make unexpected journeys. In this article, I will share a details of how we got an access to the heart of the company. (more…)
Windows Privilege Escalation Methods for Pentesters
Imagine that you have gotten a low-priv Meterpreter session on a Windows machine. Probably you’ll run getsystem to escalate your privileges. But what if it fails?
Don’t panic. There are still some techniques you can try.
Art of Anti Detection 2 – PE Backdoor Manufacturing
This paper will explain several methods used for placing backdoors in PE (Portable Executable) files for red team purposes, in order to fully grasp the content of this paper, readers needs to have at least intermediate x86 assembly knowledge, familiarity with debuggers and decent understanding of PE file format. (more…)