Research

ManageEngine ADAudit - Reverse engineering Windows RPC to find CVEs - part 1 / RPC

Follow along on a journey to find vulnerabilities in the RPC functionality of ManageEngine ADAudit.

ManageEngine ADAudit - Reverse engineering Windows RPC to find CVEs - part 2 / reverse engineering

Part 2 of the ManageEngine ADAudit research focuses on reverse engineering the ADAudit Agent to provide proper input data for the previously built custom RPC client.

ManageEngine ADAudit - Reverse engineering Windows RPC to find CVEs - part 3 / reverse engineering cryptography

Part 3 of the ManageEngine ADAudit research focuses on how AES encryption was implemented in the ADAudit Agent, and how it was bypassed.

Reshaper - The guide to the ultimate Burp plugin for advanced shenanigans

Have you ever had issues with CSRF tokens during a web assessment? Or needed to drop data from Burp to the command line for parsing? This is the guide to leveraging the power of the Reshaper plugin developed by @ddwightx.

Microsoft Configuration Manager - New attack paths using ConfigMgr WebService extension

New research into a (legacy) extension for Microsoft Endpoint Configuration Manager/SCCM/ConfigMgr reveals new attack paths for Active Directory domain compromise or elevation of privileges.

Introducing cmloot.py - New tooling for attacking Configuration Manager

cmloot.py introduces new angles to exploit Configuration Manager, which has become the new black in internal security assessments of Active Directory environments.