When a security incident occurs on your network, one of the most important steps of the response process is the identification of all assets involved in the attack.
During the creation of a long article about lateral movement using WMI, I’ve collected a good number of techniques to remotely manipulate Windows Services using WMI and PowerShell.
In my previous post “Code injection on Windows using Python: a simple example”, I’ve explored the ctypes Python library and the usage of the Windows API in order to perform a code injection on 32-bit systems.
All tests were performed using shellcodes generated by Metasploit or found in some online repository, so I asked myself:
“Is it possible to generate the shellcode directly in my Python script?”
Recently I had to perform some comparative tests on a couple of whitelisting solutions.
One of the crucial steps of the test was the proper functioning of the memory monitoring feature, useful in case of process injection: in fact, once a trusted process has been started, an attacker may use it as a vector to inject malicious code.
In order to perform this check, I’ve decided to write a little PoC for 32-bit systems dedicated to this test.
When you develop an application, you often need to store some configuration. This data can contain a lot of sensitive information, and this is a critical point if your source code is hosted in a GitHub repository.
Impacket is a collection of Python classes, developed by Core Security, for working with network protocols. It provides low-level programmatic access to the packets and, for some protocols such as SMB1-3 and MSRPC, the protocol implementation itself.
Just imagine: your small web app, which allows users to download medium-large ZIP files, suddenly starts to receive a huge amount of traffic due to a lucky Reddit post, and specifically a lot of downloads.
The server is a small tier with very little bandwidth: a peak of downloads after a new file release turns into a DDoS for your web app.
It’s no mystery: raw JSON is not really readable!
Often I publish some small code snippets, usually written during the development of large projects.
Today I want to share a small PHP class that uses the Twitter API to perform a search and download the most recent tweets.
Some weeks ago I wrote a brief tutorial focused on building a simple Echo Bot on Telegram using Python.