bolha.us

0 posts0 participants0 posts today

0x40kYikes, looks like OttoKit/SureTriggers for WordPress is causing some serious trouble again! 🤦‍♂️We're talking a nasty Authorization Bypass (CVE-2025-3102, if you need the specifics) that basically lets attackers waltz right in and create their own admin accounts. Not good.Seriously, updating to version 1.0.79 isn't just recommended, it's *crucial*. Don't leave the door wide open for attackers! Plus, your clients will definitely appreciate you keeping their sites safe from this kind of mess.It's situations like these that really highlight something important: While automated scans have their place, they simply can't replace a thorough pentest. That's how you uncover these deeper, critical vulnerabilities.So, take a moment and double-check your WordPress installations, folks!Speaking of which, quick question for the community: What are your favorite, must-have WordPress security plugins? Drop your recommendations below! 👇<a href="https://infosec.exchange/tags/wordpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#wordpress</a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

0x40kWhoa, just checked out the latest GitGuardian report. It's wild how many secrets popped up *again*! 😳 We're talking millions of credentials just floating around out there.And here's the kicker: it's not *only* about human slip-ups anymore. You've got more and more 'Non-Human Identities' (NHIs) – think bots, scripts, AI agents – churning out secrets too. And honestly? Those NHI secrets often get way less attention than the ones people handle.As a pentester, I bump into this constantly. Find an old, forgotten API key lying around, and *boom* – system's compromised. 🤦‍♂️ Yeah, automated scans are definitely helpful, but nothing beats having solid secrets management in place. It's absolutely crucial.So, how's everyone else keeping their secrets locked down? Got any killer best practices to share?<a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://infosec.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pentest</a> <a href="https://infosec.exchange/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevSecOps</a> <a href="https://infosec.exchange/tags/SecretsManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecretsManagement</a>

Will HuntTop <a href="https://infosec.exchange/tags/hashcat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hashcat</a> tip:Want per-position duplication in your rules to leverage your GPU?It's not available in a single op, but you can emulate it by incrementally duplicating the first N chars, and then incrementally deleting the position and frequency of the redundant characters<a href="https://infosec.exchange/tags/password" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#password</a> <a href="https://infosec.exchange/tags/passwordcracking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passwordcracking</a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteam</a>

0x40kAlright, security pros! 🤓 Just stumbled upon another article about pentesting, and it really hit home. 💯 You know how clients sometimes assume that just having security certificates and a firewall means they're totally secure?Well, let's be real, that's often far from the truth. 🤷‍♂️Here's the deal: Real penetration testing is *way* more than just running an automated scan. It actually demands brainpower, a dose of creativity, and the knack for thinking way outside the box. 🧠 You've gotta get creative!And yeah, proper security isn't free. But isn't it way better to invest upfront than deal with a potentially massive (and costly) mess later on? 🩸 Makes sense, right?So, what have you seen out there? What are the so-called "quick fixes" in security that drive you absolutely nuts? Let me know below! 👇<a href="https://infosec.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pentest</a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://infosec.exchange/tags/NoQuickFixes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NoQuickFixes</a>

0x40kSeriously, EncryptHub isn't messing around! 🤯 They've jumped *right* on that Windows bug (CVE-2025-26633) that literally *just* got fixed. Talk about moving fast...So, the exploit? It involves the Microsoft Management Console (MMC), those MSC files, and something called MUIPath. Sounds pretty techy, right? But basically, it's a clever workaround. EncryptHub crafts two MSC files – same name, one legit, one malicious. Windows doesn't double-check properly and ends up loading the nasty one. Boom! 💥You see, as a pentester, I constantly witness attackers twisting legitimate system functions just like this. Your automated scanners? Yeah, they'll likely miss it completely. This kind of thing really needs hands-on analysis to catch. And yeah, updates are crucial, folks! Make sure you get CVE-2025-26633 patched ASAP. Oh, and those random MSI installers from sources you don't know? Big nope. Steer clear! ☝️Have you run into attacks like this before? Or maybe you've got some other sneaky Windows tricks up your sleeve? Drop 'em in the comments!<a href="https://infosec.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pentest</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ZeroDay</a>

ThexNumb (Ali Mousavi)assume that in a pentest project arrive to a xml file that may leads us to compromised the system so beside of regular attacks what we can do? <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a>

LMG SecurityLearn how to pentest your own network in our new step-by-step guide from Senior Cybersecurity Consultant Bryan Bijonowski Jr. Bryan explains why penetration testing is crucial for identifying weaknesses before attackers do, then guides IT professionals through the process of pentesting their own networks to strengthen their organization's defenses and significantly reduce cybersecurity risks!Check it out: <a href="https://www.lmgsecurity.com/how-to-pentest-your-own-network-a-7-step-guide-for-it-pros/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.lmgsecurity.com/how-to-pentest-your-own-network-a-7-step-guide-for-it-pros/</a><a href="https://infosec.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pentest</a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentesting</a> <a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DFIR</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://infosec.exchange/tags/riskmanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#riskmanagement</a> <a href="https://infosec.exchange/tags/ITsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ITsecurity</a> <a href="https://infosec.exchange/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IT</a> <a href="https://infosec.exchange/tags/CISO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CISO</a>

kingthorin_rm📰 <a href="https://infosec.exchange/@zaproxy" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@zaproxy</a> ⚡ release 2.16.1 just landed: <a href="https://www.zaproxy.org/blog/2025-03-25-zap-2-16-1/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.zaproxy.org/blog/2025-03-25-zap-2-16-1/</a><a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AppSec</a> <a href="https://infosec.exchange/tags/WebAppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebAppSec</a> <a href="https://infosec.exchange/tags/BugBountyTips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BugBountyTips</a> <a href="https://infosec.exchange/tags/PenTest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PenTest</a> <a href="https://infosec.exchange/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevSecOps</a>

Iceman🚀 Proxmark3 v4.20142 "Blue Ice" is live! 🎉 With 20,000 commits, this community-driven release brings powerful new features for RFID security. Huge thanks to all contributors! 🔓🔧 <a href="https://chaos.social/tags/RFIDHacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RFIDHacking</a> <a href="https://chaos.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> <a href="https://chaos.social/tags/PenTest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PenTest</a> <a href="https://chaos.social/tags/Proxmark3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Proxmark3</a> <a href="https://chaos.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://chaos.social/tags/RedTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RedTeam</a><a href="https://github.com/RfidResearchGroup/proxmark3/releases" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/RfidResearchGroup/proxmark3/releases</a>

0x40kWhoa, things are really popping off! 🤯 Raspberry Robin's at it again. They've found 200 *new* C2 domains? It's like battling a hydra – chop off one head, and boom, two more appear. 🐍These Initial Access Brokers (IABs) are seriously nasty. They're basically opening the floodgates for other malware. And get this, USB drives are the gateway? Seriously, who still falls for that? But, I guess sometimes the old-school methods are, unfortunately, effective. 🤦‍♂️It makes you wonder: how many companies *actually* have a clue what's happening on their network? For real, would they even notice this kind of threat spreading? 🤔Here's my take: keep a close eye on network traffic. Plus, it's time to rethink that USB policy, and be extra careful with Discord downloads. And, for crying out loud, stop plugging in every random USB drive you find! ☝️So, what wild IAB stories have *you* encountered? Let's hear 'em!<a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pentest</a> <a href="https://infosec.exchange/tags/RaspberryRobin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RaspberryRobin</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a>

Lenin alevski 🕵️💻New Open-Source Tool Spotlight 🚨🚨🚨CrackMapExec is a post-exploitation tool for penetration testers. It automates tasks like credential validation, lateral movement, and Active Directory enumeration on Windows environments. Built on Python, it supports SMB, WinRM, and other protocols. Extremely useful for red team assessments. <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/PenTest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PenTest</a>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHub</a> 👉 <a href="https://github.com/byt3bl33d3r/CrackMapExec" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/byt3bl33d3r/CrackMapExec</a><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Software</a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Technology</a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#News</a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CTF</a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecuritycareer</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteam</a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#blueteam</a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#purpleteam</a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tips</a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensource</a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloudsecurity</a>— ✨ 🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

0x40kHey everyone, does this sound familiar? You install a Python package and suddenly feel like you've been robbed blind? 😂Right now, there's a nasty campaign going on targeting PyPI, and it's misusing "time" utilities to swipe cloud credentials. Get this – it's already had over 14,000 downloads! The malware hides in packages that are *supposed* to just check the time. But instead, they're snatching cloud keys (AWS, Azure, the works) and sending them straight to the bad guys.Honestly, it reminds me of a pentest we did where we *almost* missed a similar camouflage trick. Seriously creepy! So, heads up: Double-check your dependencies, run those scans, review your cloud configurations, and above all, be suspicious! And hey, just a friendly reminder: automated scans are no substitute for a manual pentest!Have you run into anything similar? What tools are you using to beef up your security? Let's chat about it!<a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> <a href="https://infosec.exchange/tags/python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#python</a> <a href="https://infosec.exchange/tags/pypi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pypi</a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloudsecurity</a>

r1cksecA Windows standalone executable tool that allows you to change the password of user/computer accounts in Active Directory (AD) via MS-SAMR protocol🕵️‍♂️ <a href="https://github.com/decoder-it/ChgPass" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/decoder-it/ChgPass</a><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteam</a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a>

r1cksecAn article about the security implications of abandoned third-party JavaScript libraries🕵️‍♂️ <a href="https://blog.fraktal.fi/examining-external-dependencies-in-web-applications-0846894cecdd" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.fraktal.fi/examining-external-dependencies-in-web-applications-0846894cecdd</a><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/web" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#web</a> <a href="https://infosec.exchange/tags/javascript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#javascript</a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteam</a>

0x40kAttack graphs, cool stuff, right? 😎 They basically map out potential attack pathways into your network. Think of it as an interactive GPS, but for cyber attackers navigating your system.A lot of folks figure a simple pentest is enough... Wrong! Attack graphs are way more dynamic. They show you the possible attack paths *before* an incident even happens. It’s preventative pentesting, essentially. 🤓Here's a crucial point: don't *just* look at CVSS scores! Attack graphs reveal which vulnerabilities are truly dangerous *because* they can be chained together. *That's* where the real value lies! 🔥So, are you already leveraging attack graphs? Or are you sticking with more traditional vulnerability scans? 🤔<a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> <a href="https://infosec.exchange/tags/attackgraph" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#attackgraph</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a>

r1cksecChrome browser extension-based Command & Control🕵️‍♂️ <a href="https://github.com/Darkrain2009/RedExt" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/Darkrain2009/RedExt</a><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteam</a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensource</a> <a href="https://infosec.exchange/tags/browser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#browser</a>

0x40kHey Android folks, listen up! 👀 Google just dropped a crucial security update that you seriously need to check out. It might just be relevant to your phone. Word on the street is, two of the patched vulnerabilities are already being exploited in the wild. Crazy, right? 😬This reminds me of those chats I have with clients: "So, Android's secure, yeah?" Well... Privilege Escalation basically means an attacker can snag more permissions on your device. In short: hackers can potentially grab your data! 😱They've squashed a whopping 44 vulnerabilities in this March update. CVE-2024-43093 & CVE-2024-50302 are seriously critical. Apparently, CVE-2024-50302 was even leveraged by Cellebrite to get into an activist's phone. Wild stuff! 😳Go ahead and check your Android version and smash that update button ASAP (look for 2025-03-01 or 2025-03-05)! Also, be extra careful with apps from sources you don't know. Regular security checks are a must, even on your smartphone.Have you already installed the update? Any thoughts or experiences with Android security? 🤔<a href="https://infosec.exchange/tags/AndroidSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AndroidSecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a>

Shawn Hooper (he/him)Looking for a good Canadian pen tester for a web application. Specifically one who bills in CAD. Any recommendations? <a href="https://fosstodon.org/tags/appsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#appsec</a> <a href="https://fosstodon.org/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> <a href="https://fosstodon.org/tags/canada" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#canada</a>

r1cksecExploitation of the container runtime socket to move laterally or to escalate privileges🕵️‍♂️ <a href="https://thegreycorner.com/2025/02/12/containerd-socket-exploitation-part-1.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://thegreycorner.com/2025/02/12/containerd-socket-exploitation-part-1.html</a><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/docker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#docker</a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteam</a>

r1cksecSoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts🕵️‍♂️ <a href="https://github.com/logangoins/SoaPy" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/logangoins/SoaPy</a><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/activedirectory" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#activedirectory</a> <a href="https://infosec.exchange/tags/windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#windows</a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#redteam</a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pentest</a> <a href="https://infosec.exchange/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensource</a>

Recent searches

Search options

Administered by:

Server stats:

#pentest