Security News:

2020/01/14: CryptoAPI issue

Exploit proof of concept and test:



From Zero to Lateral Movement in 36 Minutes


2019/10/09: New Microsoft NTLM Flaws May Allow Full Domain Compromise


2019/09/24: Windows update zero-day



Two critical vulnerabilities in Microsoft’s NTLM authentication protocol, consisting of three logical flaws, make it possible for attackers to run remote code and authenticate on machines running any Windows version.



Operating systems can be detected using the ping command. Ping is a computer network administration software utility used to find the availability of a host on an Internet Protocol (IP) network.



Corporate firewalls can block reverse and bind TCP connections. However, corporate firewalls are behind internal networks. So we can use PING ICMP Shell:



Exploiting Malwarebytes antimalware!


2019/01/24: redteam

Koadic, or COM Command & Control, is a Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and PowerShell Empire. The major difference is that Koadic does most of its operations using Windows Script Host (a.k.a. JScript/VBScript):