Week 23 In Review – 2017

/, Security Tools, Week in Review/Week 23 In Review – 2017

Events Related

Techniques

  • impacket – github.com
    This script will exploit CVE-2017-7494, uploading and executing the shared library specified by the user through the –so parameter.
  • Automating the Empire with the Death Star: getting Domain Admin with a push of a button – byt3bl33d3r.github.io
    Originally, I wanted something that could just take BloodHounds output, parse it, feed it to Empire and make it follow the ‘chain’. However, BloodHound does not take into account (at least to my knowledge) paths that could be achieved using domain privilege escalations such as GPP Passwords in SYSVOL (I personally find that one an almost every engagement).

Tools

  • Troll – github.com
    A source level debugger for C programs running on ARM Cortex-M parts. Utilizes the *blackmagic* probe and the *Qt* framework
  • City-Wide IMSI-Catcher Detection – seaglass.cs.washington.edu
    Modern cellphones are vulnerable to attacks by governments and hackers using rogue cellular transmitters called IMSI-catchers. These surveillance devices can precisely locate phones, and sometimes eavesdrop on communications, send spam, or inject malware into phones.
2017-06-08T19:10:20-07:00 June 4th, 2017|Security Conferences, Security Tools, Week in Review|0 Comments

Related Posts

Leave A Comment

About Us

Infosec Events is dedicated to the growing information security industry. We strive to provide useful information and resources to those in the industry. Don't hesitate to contact us should you need anything.

Read more About Us

Support Us

Support this site via patreon.

Other Information