Pentest Team @greenhats.com

27 Followers

Pinned

Pentesters choice: Useful links / software for daily work in IT

Here you will find a current selection of useful websites or open source software that can make everyday life in the IT department easier.

Apr 8

Pentest Team @greenhats.com

Implementing accessed_at to ActiveStorage Blob in Ruby on Rails

Implementing accessed_at in ActiveStorage Blob with Ruby on Rails: Tracking file access and adding authentication for secure downloads…

Sep 9, 2023

Implementing accessed_at to ActiveStorage Blob in Ruby on Rails

Sep 9, 2023

Pentest Team @greenhats.com

Uptime and Network Monitoring While Pentesting: Ensuring Service Continuity and Early Detection

In the realm of penetration testing, it is essential to maintain an overview of the target environment while conducting simulated attacks…

Jul 26, 2023

Uptime and Network Monitoring While Pentesting: Ensuring Service Continuity and Early Detection

Jul 26, 2023

Pentest Team @greenhats.com

Discovery of a reflective XSS vulnerability in ARP Guard software (CVE-2023–39575)

Introduction We recently executed an internal security assessment for a customer. During this engagement we discovered a vulnerability in…

Jun 21, 2023

Jun 21, 2023

Pentest Team @greenhats.com

A short white box code audit of avo

We conducted a two-day penetration test on the product “Avo”, which is a Ruby / Ruby on Rails gem for building administrative interfaces…

Jun 5, 2023

Pentest Team @greenhats.com

Defeat LAPS with NTLMv1-Relay

In our internal pentests, relay attacks that use the NTLMv1 protocol are still successful (unfortunately). Many older systems cannot be…

Oct 13, 2022

Oct 13, 2022

Pentest Team @greenhats.com

LDAP Monitor — Live-Überwachung für Veränderungen an LDAP Objekten

Das ist mal wieder ein klassisches Beispiel für sogenannte “dual use software”. In unserem Pentest-Alltag nutzen wir immer häufiger die…

Oct 19, 2021

LDAP Monitor — Live-Überwachung für Veränderungen an LDAP Objekten

Oct 19, 2021

Pentest Team @greenhats.com

Disable advanced EDR solutions by abusing Microsoft signed kernel driver

In our daily research we discovered an awesome project on Github that focused on killing protected processes, especially modern anti…

Jul 1, 2021

Disable advanced EDR solutions by abusing Microsoft signed kernel driver

Jul 1, 2021

Pentest Team @greenhats.com

Die Handynummer und den Beziehungsstatus vom schönen Mädchen aus der Nachbarschaft gibt es jetzt…

Bereits 2019 wurden die 533 Millionen privaten Facebook Profil-Daten von Hackern über eine Schwachstelle in dem sozialen Netzwerk…

Apr 6, 2021

Die Handynummer und den Beziehungsstatus vom schönen Mädchen aus der Nachbarschaft gibt es jetzt…

Apr 6, 2021

Pentest Team @greenhats.com

TryHackMe - envizon

As the creator of the room we want to publish a clean, complete and intended write-up for the community to share a bit knowlege about…

Nov 29, 2020

Nov 29, 2020