
plaxx : windows   340

WinPmem memory imager
source code for an old version can be found under rekall's source tree
windows  memory  acquisition  dfir 
10 weeks ago by plaxx
matterpreter/DefenderCheck: Identifies the bytes that Microsoft Defender flags on.
very simple approach to detect what makes AV flag based on splitting files in half and scanning
evasion  antivirus  pentest  redteam  scan  defender  windows  security 
12 weeks ago by plaxx
OpenSource Drive - ODrive
a Google Drive GUI that works on Linux
linux  google  drive  sync  tool  opensource  windows  mac  electronic 
april 2019 by plaxx
Authenticated Arbitrary Command Execution on PostgreSQL 9.3 > Latest
PostgreSQL, commonly known as Postgres is one of the largest and most popular database systems in the world. It is the primary database of Mac OSX but also has Linux and Windows versions available…
postgresql  exploitation  rce  linux  windows  osx  pentest 
march 2019 by plaxx
Juicy Potato (abusing the golden privileges) | juicy-potato
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
privilege-escalation  pentest  windows  iis  sql  vulnerability  system  service 
march 2019 by plaxx
Tron fights for the User
A script that removes unnecessary cruft from a Windows system
windows  bloat  cleanup  sysadmin 
february 2019 by plaxx
Windows on AWS with Vagrant
Windows on AWS with Vagrant. GitHub Gist: instantly share code, notes, and snippets.
vagrant  aws  windows  recipe 
february 2019 by plaxx
Mitigations against Mimikatz Style Attacks - SANS Internet Storm Center
SANS Internet Storm Center - A global cooperative cyber threat / internet security monitor and alert system. Featuring daily handler diaries with summarizing and analyzing new threats to networks and internet security events.
blueteam  pentest  checklist  mimikatz  lsass  credential  security  sysadmin  active-directory  windows 
february 2019 by plaxx
infosecn1nja/AD-Attack-Defense: Attack and defend active directory using modern post exploitation adversary tradecraft activity
Attack and defend active directory using modern post exploitation adversary tradecraft activity - infosecn1nja/AD-Attack-Defense
ad  active-directory  pentest  redteam  blueteam  windows 
february 2019 by plaxx
Wagging the Dog: Abusing Resource-Based Constrained Delegation to Attack Active Directory | Shenanigans Labs
Back in March 2018, I embarked on an arguably pointless crusade to prove that the TrustedToAuthForDelegation attribute was meaningless, and that “protocol transition” can be achieved without it. I believed that security wise, once constrained delegation was enabled (msDS-AllowedToDelegateTo was not null), it did not matter whether it was configured to use “Kerberos only” or “any authentication protocol”. I started the journey with Benjamin Delpy’s (@gentilkiwi) help modifying Kekeo t...
ad  domain  kerberos  active-directory  internal  pentest  windows  delegation  forest  security 
january 2019 by plaxx
secrary/InjectProc: InjectProc - Process Injection Techniques [This project is not maintained anymore]
InjectProc - Process Injection Techniques [This project is not maintained anymore] - secrary/InjectProc
security  programming  dll  injection  apc  async  windows 
december 2018 by plaxx
NYAN-x-CAT/Lime-RAT: LimeRAT | Simple, yet powerful remote administration tool for Windows
LimeRAT | Simple, yet powerful remote administration tool for Windows - NYAN-x-CAT/Lime-RAT
malware  rat  windows  c#  dot-net  trojan  security 
november 2018 by plaxx
lgandx/Responder: Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. - lgandx/Responder

The better maintained fork of Responder
security  pentest  windows  fork  llmnr  netbios  smb  man-in-the-middle  wpad 
october 2018 by plaxx
VcXsrv Windows X Server download | SourceForge.net
Download VcXsrv Windows X Server for free. Windows X-server based on the xorg git sources (like xming or cygwin's xwin), but compiled with Visual C++ 2012 Express Edition. Source code can also be compiled with VS2008, VS2008 Express Edition and VS2010 Express Edition, although current project and makefile are not fully compatible anymore.
desktop  x11  windows  server  xorg  xserver  wsl 
september 2018 by plaxx
AD Explorer - Windows Sysinternals | Microsoft Docs
Active Directory Explorer is an advanced Active Directory (AD) viewer and editor.
ad  activedirectory  ldap  windows  domains  client  explorer  gui  tool  sysinternals  directory 
september 2018 by plaxx
jiahaog/nativefier: Make any web page a desktop application
Description This isn't a nativefier issue per se, but rather an issue with how electron was compiled for linux and the new glibc 2.28 on arch linux If you upgrade glibc you will get a segmentation fault when you launch any app created wi...
web  app  generator  electron  native  osx  windows  linux  desktop 
august 2018 by plaxx
DynamoRIO Dynamic Instrumentation Tool Platform
DynamoRIO is a runtime code manipulation system that supports code transformations on any part of a program, while it executes. DynamoRIO exports an interface for building dynamic tools for a wide variety of uses: program analysis and understanding, profiling, instrumentation, optimization, translation, etc. Unlike many dynamic tool systems, DynamoRIO is not limited to insertion of callouts/trampolines and allows arbitrary modifications to application instructions via a powerful IA-32/AMD64/ARM/AArch64 instruction manipulation library. DynamoRIO provides efficient, transparent, and comprehensive manipulation of unmodified applications running on stock operating systems (Windows, Linux, or Android) and commodity IA-32, AMD64, ARM, and AArch64 hardware.
dynamic  compiler  reverse-engineering  instrumentation  arm  x86  x86_64  android  windows  linux 
may 2018 by plaxx
pd: process dump
Process Dump is a Windows reverse-engineering tool to dump malware memory components back to disk for analysis. It uses an aggressive import reconstruction approach to make analysis easier, and supports 32 and 64 bit modules. Dumping of regions without PE headers is supported and in these cases PE headers and import tables will automatically be generated.
windows  process  dump  reverse-engineering  pe  mz  import  x64  x86 
february 2018 by plaxx