Resources

  • Derbycon 2016 Videos – www.irongeek.com
    These are the videos of the presentations from Derbycon 2016.

Tools

  • PowerShell-Suite – github.com
    Bypass-UAC is self-contained and does not have any dependencies, bar a requirement that the target have PowerShell v2.

Techniques

  • Mass-analyzing a chunk of the Internet – 255.wf
    Say we finished a complete IPv4 scan of the classic FTP protocol on port 21. This includes the initial connection, and a banner-fetch. We save all results that made it past the “is port open” check. This includes hosts that responded with an error or which dropped their connection. Useful for blacklisting IP slashes to reduce scan time.
  • Down to Silicon Level Debugging – bioshacking.blogspot.com
    Let’s focus on the ICE part. There was at least one mistake I made in my BIOS book that I didn’t realize due to my handicap in not having an ICE and its related skills.
  • Luckystrike: An Evil Office Document Generator – www.shellntel.com
    Luckystrike is a PowerShell-based generator of malicious .xls documents (soon to be .doc). All your payloads are saved into a database for easy retrieval & embedding into a new or existing document. Luckystrike provides you with several infection methods designed to get your payloads to execute without tripping AV.
  • More Hacking SQL Servers Without A Password – blog.anitian.com
    Hacking SQL servers is fun. Early this year, I blogged about hacking SQL servers without a password. I used Ettercap to perform a man-in-the-middle attack between a Microsoft SQL server and client. Using Ettercap filters I showed how you can replace a SQL query with your own malicious query in transit.