Part 16: Tool Description Why it is Difficult to Say What a Tool Does

Why it is difficult to say what a tool does? 🤔

In Part 16 of his On Detection blog series, Jared Atkinson unpacks two examples demonstrating this problem and why it exists. ghst.ly/3C9uA6u

GitHub - dirkjanm/BloodHound.py: A Python based ingestor for BloodHound A Python based ingestor for BloodHound. Contribute to dirkjanm/BloodHound.py development by creating an account on GitHub.

Few BloodHound python updates: LDAP channel binding is now supported with Kerberos auth (native) or with NTLM (custom ldap3 version). Furthermore, the BH CE collector now has its own pypi package and command. You can have both on the same system with pipx. github.com/dirkjanm/Blo...

Two new modules for MSSQL on NXC, thanks to the contributions of @lodos2005.bsky.social and @adamkadaban.bsky.social 🔥

- rid-brute from mssql
- mssql_coerce from mssql

github.com/Pennyw0rth/N...

Relaying Kerberos over SMB using krbrelayx

Interesting blog post from Synacktiv on relaying kerberos over smb (based on the work of @decoder-it.bsky.social and @tiraniddo.bsky.social )
www.synacktiv.com/publications...

CVEs of SSH A talk about recent high-profile issues related to the SSH ecosystem.

Hey folks! Just wanted to let you know we're (we being my company in this case) doing an open webinar on "CVEs of SSH", led by Dan Murray. It will happen this Thursday 8pm CET. If you're interested, check out hexarcana.ch/workshops/cv...

LOLESXi

LOLESXi features a comprehensive list of binaries/scripts natively available in VMware ESXi that adversaries have utilised in their operations.

lolesxi-project.github.io/LOLESXi/

#infosec #pentest #redteam #blueteam