
Severins kleine Cyber Seite

You are never too old for a phishing email!


Author: Severin Winkler

Active Directory forest trusts part 2 – Trust transitivity and finding a trust bypass

On June 11, 2021 By Severin Winkler In Gefundenes

In my first personal blog post in 2018 I wrote about Active Directory forest trusts and how they work under the hood. Part two of the series was since then promised but never delivered. https://dirkjanm.io/active-directory-forest-trusts-part-two-trust-transitivity/


Mind-Maps

On June 1, 2021 By Severin Winkler In Gefundenes

Mind-Maps Bug Hunters Methodology – [Jhaddix] Finding Server side issues – [Imran parray] Javascript Recon My Recon – [Imran parray] https://github.com/imran-parray/Mind-Maps


Attacking Active Directory: 0 to 0.9

On May 30, 2021 By Severin Winkler In Gefundenes

The purpose of this guide is to view Active Directory from an attacker perspective. I will try to review different aspects of Active Directory and those terms that every pentester should control in order to …


BloodHound Cypher Cheatsheet

On May 23, 2021 By Severin Winkler In Gefundenes

Bloodhound uses Neo4j, a graphing database, which uses the Cypher language. Cypher is a bit complex since it’s almost like programming with ASCII art. https://hausec.com/2019/09/09/bloodhound-cypher-cheatsheet/


Analysis of the 2021 Verizon Data Breach Report (DBIR)

On May 23, 2021 By Severin Winkler In Gefundenes

Every year I like to look at Verizon’s DBIR report and see what kind of wisdom I can extract. This year they appear to have put in even more effort, so let’s get into it. …


Incident response playbooks

On May 10, 2021 By Severin Winkler In Gefundenes

You need to respond quickly to detected security attacks to contain and remediate their damage. As new widespread cyberattacks happen, such as Solarigate and the Exchange Server vulnerability, Microsoft will respond with detailed incident response …


Mimikatz

On April 12, 2021 By Severin Winkler In Gefundenes

It seems like many people on both sides of the fence, Red & Blue, aren’t familiar with most of Mimikatz’s capabilities, so I put together this information on all the available commands I could find. …


Mobile Security Framework (MobSF)

On April 8, 2021 By Severin Winkler In Gefundenes

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. https://github.com/MobSF/Mobile-Security-Framework-MobSF


The Consumer Authentication Strength Maturity Model (CASMM)

On March 26, 2021 By Severin Winkler In Gefundenes

This post is an attempt to create an easy-to-use security model for the average internet user. Basically, how secure is someone’s current behavior with respect to passwords and authentication, and how can they improve? People …


Enterprise access model

On March 6, 2021 By Severin Winkler In Gefundenes

This document describes an overall enterprise access model that includes context of how a privileged access strategy fits in. For a roadmap on how to adopt a privileged access strategy, see the rapid modernization plan …
