Channel: Stories by Mark Mo on Medium
Browsing latest articles
Browse All 30 View Live

Infosec Tool List Update December 2020

I spend a few hours every day looking for new security tools. I try to categorize them in a way that makes sense to me. Hopefully this helps someone learn about tools they haven’t seen before. I believe...

Bypass AV/EDR with Safe Mode?

Guess what might not be running in safe mode? An AV/EDR. Also, attackers do NOT need to be physically in front of the machine to run in safe mode. I learned about this technique reading about snatch...

Finding writable folders and hijackable DLLs

This is pretty straightforward. All of the hard work was already done by Petr Hinchley and Matt Hand. This finds writable folders and hijackable DLLs. First I had to compile HijackHunter from Matt...

Run Kali Linux on Windows without admin rights or installation

A while back I was trying to follow the steps of another article (link below) but I could never get it to work correctly and see the network. This was itching my brain so I finally looked at it again...

Dynamic passwords, process hollowing and packers test

This is an educational walkthrough of me testing with dynamic passwords, process hollowing and packers. First, I want to create a realistic program that does something useful. I’ll add in “hidden”...

Changing file properties to lower virus total detection

This is not new, I read about it somewhere else (Thank you to whoever wrote the article I read, I didn’t bookmark it to give you credit ☹). I’m just writing about it so I don’t forget 😊. All of the...

Find Suspicious Permissions

I’m sure this is not new but it is new to me. Maybe you are making sure there are not admins on machines but are you checking for regular users with effectively admin permissions? To figure this out, I...

Brute force domain cached credentials

Have I always been able to brute force domain cached credentials just by disabling the network or is my AD lab messed up? I’m sure this isn’t new but it is new to me. My lockout is set but disabling...

Some things to better protect my home network

Here are some things I do to better protect my home network. There are much more qualified people that have written much better articles on this topic but this is just what I do. I bought a reputable...

Windows Defender Exclusion Persistence with Registry.pol

I didn’t research if anyone already found this. I don’t imagine I am the first person that found this. For starters I have one exclusion specified for some testing (an excluded folder). Here is the path in...
