Pentest Team @greenhats.com – Medium

Pentest Team @greenhats.com

Pinned

Pentest Team @greenhats.com

Discovery of a reflective XSS vulnerability in ARP Guard software (CVE-2023–39575)

Introduction We recently executed an internal security assessment for a customer. During this engagement we discovered a vulnerability in…

3 min readJun 21, 2023

--

Typical GET request on the login page

--

Pentest Team @greenhats.com

Useful links / software for daily work in IT

2 min readApr 8, 2024

--

--

Pentest Team @greenhats.com

Implementing accessed_at to ActiveStorage Blob in Ruby on Rails

Implementing accessed_at in ActiveStorage Blob with Ruby on Rails: Tracking file access and adding authentication for secure downloads…

4 min readSep 9, 2023

--

Implementing accessed_at to ActiveStorage Blob in Ruby on Rails

--

Pentest Team @greenhats.com

Uptime and Network Monitoring While Pentesting: Ensuring Service Continuity and Early Detection

In the realm of penetration testing, it is essential to maintain an overview of the target environment while conducting simulated attacks…

3 min readJul 26, 2023

--

Uptime and Network Monitoring While Pentesting: Ensuring Service Continuity and Early Detection

--

Pentest Team @greenhats.com

A short white box code audit of avo

We conducted a two-day penetration test on the product “Avo”, which is a Ruby / Ruby on Rails gem for building administrative interfaces…

2 min readJun 5, 2023

--

--

Pentest Team @greenhats.com

Defeat LAPS with NTLMv1-Relay

In our internal pentests, relay attacks that use the NTLMv1 protocol are still successful (unfortunately). Many older systems cannot be…

3 min readOct 13, 2022

--

Defeat LAPS with NTLMv1-Relay

--

Pentest Team @greenhats.com

LDAP Monitor — Live-Überwachung für Veränderungen an LDAP Objekten

Das ist mal wieder ein klassisches Beispiel für sogenannte “dual use software”. In unserem Pentest-Alltag nutzen wir immer häufiger die…

1 min readOct 19, 2021

--

LDAP Monitor — Live-Überwachung für Veränderungen an LDAP Objekten

--

Pentest Team @greenhats.com

Disable advanced EDR solutions by abusing Microsoft signed kernel driver

In our daily research we discovered an awesome project on Github that focused on killing protected processes, especially modern anti…

2 min readJul 1, 2021

--

Disable advanced EDR solutions by abusing Microsoft signed kernel driver

--

Pentest Team @greenhats.com

Die Handynummer und den Beziehungsstatus vom schönen Mädchen aus der Nachbarschaft gibt es jetzt…

Bereits 2019 wurden die 533 Millionen privaten Facebook Profil-Daten von Hackern über eine Schwachstelle in dem sozialen Netzwerk…

2 min readApr 6, 2021

--

Die Handynummer und den Beziehungsstatus vom schönen Mädchen aus der Nachbarschaft gibt es jetzt…

--

Pentest Team @greenhats.com

TryHackMe - envizon

As the creator of the room we want to publish a clean, complete and intended write-up for the community to share a bit knowlege about…

6 min readNov 29, 2020

--

TryHackMe - envizon

--

Pentest Team @greenhats.com

Pentest Team @greenhats.com

evait security GmbH (aka pentest team of greenhats): full time white hacking / pentesting company who always stays on bleeding edge - https://www.greenhats.com

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams