PinnedPentest Team @greenhats.comPentesters choice: Useful links / software for daily work in ITHere you will find a current selection of useful websites or open source software that can make everyday life in the IT department easier.Apr 8Apr 8
Pentest Team @greenhats.comImplementing accessed_at to ActiveStorage Blob in Ruby on RailsImplementing accessed_at in ActiveStorage Blob with Ruby on Rails: Tracking file access and adding authentication for secure downloads…Sep 9, 2023Sep 9, 2023
Pentest Team @greenhats.comUptime and Network Monitoring While Pentesting: Ensuring Service Continuity and Early DetectionIn the realm of penetration testing, it is essential to maintain an overview of the target environment while conducting simulated attacks…Jul 26, 2023Jul 26, 2023
Pentest Team @greenhats.comDiscovery of a reflective XSS vulnerability in ARP Guard software (CVE-2023–39575)Introduction We recently executed an internal security assessment for a customer. During this engagement we discovered a vulnerability in…Jun 21, 20238Jun 21, 20238
Pentest Team @greenhats.comA short white box code audit of avoWe conducted a two-day penetration test on the product “Avo”, which is a Ruby / Ruby on Rails gem for building administrative interfaces…Jun 5, 2023Jun 5, 2023
Pentest Team @greenhats.comDefeat LAPS with NTLMv1-RelayIn our internal pentests, relay attacks that use the NTLMv1 protocol are still successful (unfortunately). Many older systems cannot be…Oct 13, 2022Oct 13, 2022
Pentest Team @greenhats.comLDAP Monitor — Live-Überwachung für Veränderungen an LDAP ObjektenDas ist mal wieder ein klassisches Beispiel für sogenannte “dual use software”. In unserem Pentest-Alltag nutzen wir immer häufiger die…Oct 19, 2021Oct 19, 2021
Pentest Team @greenhats.comDisable advanced EDR solutions by abusing Microsoft signed kernel driverIn our daily research we discovered an awesome project on Github that focused on killing protected processes, especially modern anti…Jul 1, 2021Jul 1, 2021
Pentest Team @greenhats.comDie Handynummer und den Beziehungsstatus vom schönen Mädchen aus der Nachbarschaft gibt es jetzt…Bereits 2019 wurden die 533 Millionen privaten Facebook Profil-Daten von Hackern über eine Schwachstelle in dem sozialen Netzwerk…Apr 6, 2021Apr 6, 2021
Pentest Team @greenhats.comTryHackMe - envizonAs the creator of the room we want to publish a clean, complete and intended write-up for the community to share a bit knowlege about…Nov 29, 2020Nov 29, 2020