Bert Hubert, Sie beraten regelmässig Politikerinnen. Was sagen Sie zur Signal-Affäre, bei der der Chefredakteur des Magazins «The Atlantic» versehentlich in einen Gruppenchat mit dem US-Vizepräsidenten J. D.
Continue readingMonth: March 2025
URL validation bypass cheat sheet for SSRF/CORS/Redirect – 2024 Edition | W
This cheat sheet contains payloads for bypassing URL validation. These wordlists are useful for attacks such as server-side request forgery, CORS misconfigurations, and open redirection.
Continue readingConditional Access Regelwerke in 2025 –
Wie viele Policies sind notwendig, um einen Microsoft 365 Tenant vernünftig abzusichern? Zwei? Drei? Zwölf? Dreißig? Die Wahrheit liegt für die meisten Tenants dazwischen. Es gibt einige Dinge zu beachten und kein passendes CA-Regelwerk von der Stange.
Continue readingGitHub – nshalabi/SysmonTools: Utilities for Sysmon
Sysmon View helps in tracking and visualizing Sysmon logs by logically grouping and correlating the various Sysmon events together, using existing events data, such as executables names, session GUIDs, event creation time, etc., the tool then re-arranges this data for display into multiple views
Continue readingGitHub – decoder-it/KrbRelayEx-RPC
KrbRelayEx-RPC is a tool similar to my KrbRelayEx designed for performing Man-in-the-Middle (MitM) attacks by relaying Kerberos AP-REQ tickets.
Continue readingDeception in Depth – Hiding AD Users and Groups – Part 1
Hello darkness, my old friend. We’re back after quite the long hiatus with another entry in the Deception in Depth series, since then I’ve changed roles from the lead on the deception project at $Employer to the Red Team (I’ve mentioned this in a few posts before, I think.
Continue readingHow Google Does It: Using threat intelligence to uncover and track cybercri
One of the GTIG teams was able to investigate the malware in concert with our cybercrimes investigations group, and the legal litigation team was able to take civil action against the CryptBot malware distributors.
Continue reading