[Enterprise Security] Meltdown and Spectre
It’s really not the end of the world…well depending on who you ask but that’s probably for other reasons than CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754 (Meltdown and Spectre).
Mentions: bltsec
[Penetration Testing] Linux Local Privilege Escalation: /dev/random K2
This article will detail the steps I took in order to successfully gain access to higher privileged accounts via some basic Linux privilege escalation techniques and by exploiting CVE-2004-1051 for gaining root privileges.
[Enterprise Security] Automating the Destruction of Bind Shells
Demonstration of macOS’s Automator app receiving a voice command that executes a script that scans for open listening ports on a machine and then terminates those processes that haven’t been whitelisted.
[Enterprise Security] Black Honey
Discusses creating a service that will generate files to help monitor user activity and alert enterprise security teams of data breaches.
[Enterprise Security] SIEM IPS PFSENSE
High-level overview of how a SIEM could be integrated into an enterprise environment by adopting and scaling the architecture model used in this NSM lab.
[Security Awareness Training] “Free” WiFi
Security Awareness Training (SAT) – “Free” WiFi: Identifying Credential Harvesting Captive Portals and How to Protect Yourself Against Them
[Penetration Testing] WebDAV IIS 6.0 / TCP/IP IOCTL Privesc
Exploits: CVE-2017-7269, CVE-2014-4076
Techniques: HTTP / WebDAV method enumeration, Privilege Escalation […]
[Penetration Testing] Drupal RCE / Win32k.sys Kernel Exploit
Exploits: Drupal 7.54 Services Module RCE, CVE-2014-4113 Kernel Exploit
Techniques: Empire / Metasploit session passing, Fuzzing, Privilege Escalation […]
BLTSEC 