Resources

  • Infiltrate 2014 – shadow-file.blogspot.com
    Here are some additional resources of Zach Cutlip that may have mentioned in his Infiltrate 2014 presentation.
  • BlueHat Security Briefings: Fall 2013 Sessions – channel9.msdn.com
    The 2013 BlueHat Security Briefings took place on the Microsoft campus in December 2013. Here are the list of talks and discussions.

Tools

  • mimikatz 2.0 alpha 20140519 – github.com
    You can download this new release of Mimikatz 2.0 alpha from here. Pass-The-eKeys now also working on Windows 7/8 if KB2871997 installed.
  • Tastic RFID Thief – Proximity Badge Released – bishopfox.com
    The Tastic RFID Thief is a silent, long-range RFID reader that can steal the proximity badge information from an unsuspecting employee as they physically walk near this concealed device. You can download the tool from here.

Techniques

Vendor/Software patches

  • Microsoft to fix two major attack methods for hackers – trustedsec.com
    Microsoft is apparently fixing Two issues with the recently released update. A Metasploit module was released after an attack method was publicly disclosed and makes the process extremely simple.

Vulnerabilities