Skip to content

Severins kleine Cyber Seite

Für ein Phishing Mail ist man nie zu alt!

  • Discovery
  • About Me
  • Impressum

The Attackers Guide to Azure AD Conditional Access

On January 27, 2023 By Severin Winkler In Gefundenes

Conditional Access is one of Microsoft’s most powerful security features and the central engine for their zero trust architecture. https://danielchronlund.com/2022/01/07/the-attackers-guide-to-azure-ad-conditional-access/

Continue reading

IIS Crypto

On January 10, 2023 By Severin Winkler In Gefundenes

IIS Crypto allows you to create your own custom templates which can be saved and then executed on multiple servers. To create your own template, select all of the settings for your configuration. Click on …

Continue reading

Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More

On January 4, 2023 By Severin Winkler In Gefundenes

During the fall of 2022, a few friends and I took a road trip from Chicago, IL to Washington, DC to attend a cybersecurity conference and (try) to take a break from our usual computer …

Continue reading

New AMSI Bypass Using CLR Hooking

On January 4, 2023 By Severin Winkler In Gefundenes

In this article, I will present a new technique to bypass Microsoft’s Anti-Malware Scan Interface (AMSI) using API Call Hooking of CLR methods. https://practicalsecurityanalytics.com/new-amsi-bypass-using-clr-hooking/

Continue reading

Sponsor j3ssie/Osmedeus

On January 4, 2023 By Severin Winkler In Gefundenes

What is Osmedeus? Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. Next generation version? Enjoying this tool? Support it’s development and take your game to …

Continue reading

Web Security Academy

On January 4, 2023 By Severin Winkler In Gefundenes

This cross-site scripting (XSS) cheat sheet contains many vectors that can help you bypass WAFs and filters. You can select vectors by the event, tag or browser and a proof of concept is included for …

Continue reading

google/osv-scanner

On December 21, 2022 By Severin Winkler In Gefundenes

Use OSV-Scanner to find existing vulnerabilities affecting your project’s dependencies. OSV-Scanner provides an officially supported frontend to the OSV database that connects a project’s list of dependencies with the vulnerabilities that affect them. Since the …

Continue reading

deepinstinct/Dirty-Vanity

On December 15, 2022 By Severin Winkler In Gefundenes

The reflected shellcode works with ntdll API. It is generated from the included generation project shellcode_template, curtesy of https://github.com/rainerzufalldererste/windows_x64_shellcode_template https://github.com/deepinstinct/Dirty-Vanity

Continue reading

Game Of Active Directory v2

On December 13, 2022 By Severin Winkler In Gefundenes

The second version of Game Of Active directory is out! https://github.com/Orange-Cyberdefense/GOAD https://mayfly277.github.io/posts/GOADv2/

Continue reading

Pyramid – A Tool To Help Operate In EDRs’ Blind Spots

On December 12, 2022 By Severin Winkler In Gefundenes

Pyramid is a set of Python scripts and module dependencies that can be used to evade EDRs. The main purpose of the tool is to perform offensive tasks by leveraging some Python evasion properties and …

Continue reading

Posts navigation

1 2 3 … 5 Next Posts»

Recent Posts

  • The Attackers Guide to Azure AD Conditional Access
  • IIS Crypto
  • Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More
  • New AMSI Bypass Using CLR Hooking
  • Sponsor j3ssie/Osmedeus

Archives

  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • August 2022
  • May 2022
  • March 2022
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • October 2020

Categories

  • Gefundenes
  • Uncategorized
WordPress Theme: Chronus by ThemeZee.