ID: T1553.003 Description: Detects modifications to SIP and Trust Provider-related registry keys/values by a non-Administrator user. Links:https://attack.mitre.org/techniques/T1553/003/Red Teaming ExperimentsSpecterOps Subverting Trust in Windows
Author: misterjanson
Password Cracking Demo
This is a recording based on a presentation I gave at the 2019 Cerdant Security Conference in Dublin, OH. Included in this presentation: Core Hash Cracking KnowledgeOverview of Cracking MethodologyLive Password Crack (Mask Attack)Pen Test Demonstration (DWVA & SQLMap) https://www.youtube.com/watch?v=3sk0q8WK2Ek&t=17s
Protected: Lab – Post Exploitation
There is no excerpt because this is a protected post.
Meterpreter Remote Port Scan
Performing remote network scan via meterpreter session. Check IP configuration of compromised host: meterpreter > ifconfig Interface 2 ============ Name : AMD PCNET Family PCI Ethernet Adapter - Packet Scheduler Miniport Hardware MAC : 00:50:56:87:a6:9c MTU : 1500 IPv4 Address : 10.32.120.15 IPv4 Netmask : 255.255.255.0 ARP scan of remote subnet. Using -r to set … Continue reading Meterpreter Remote Port Scan
Capture ATP Overview and Demo
This is a recording I did for Cerdant from July 2017. https://www.youtube.com/watch?v=9uzzAeTjM1s
Cylance Overview and Demo
This is a recording I did for Cerdant from May 2018. https://www.youtube.com/watch?v=EhClY7Vx9QQ&t=794s
SonicWall Diag Page
Internal settings can be accessed via the "diag" page. The SonicWall Disclmaimer reads: "THE FOLLOWING FEATURES AND DIAGNOSTIC ROUTINES ARE NOT SUPPORTED BY SonicWall, Inc.. SonicWall makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty." Location: Access starting in SonicOS 7: https://<ip_address>/sonicui/7/m/mgmt/settings/diagAccess … Continue reading SonicWall Diag Page
SonicOS 7
Diag page: /sonicui/7/m/mgmt/settings/diag
XSS
Sample Alerts: <script>(alert'XSS')<script>
Jason Palm 