Chetan (Che) Bhatia’s Post

Managing Director, Aon Cyber Solutions, Stroz Friedberg Digital Forensics & Incident Response

5mo Edited

In a recent post by my colleague Apurva Goenka, we discuss DNSForge, a novel attacker tactic for responding to name resolution requests made to the authoritative DNS server in an internal network landscape, achieving interception and reuse of system credentials without user interaction. Read more and access the GitHub code here: https://aon.io/3ZzNZXC

1 Comment

Scott Unger

Director of Global Channel Account Management, Keeper Security .

5mo

It’s always dns….

1 Reaction

To view or add a comment, sign in

More Relevant Posts

Sprocket Security

3,084 followers
10mo
Report this post
Critical Sprocket finding: NFS Shares World Readable. During a pentest we discovered that the client's NFS server was exporting shares without restricting access based on hostname, IP or IP range. Here's the finding we sent to the client 👇
Like Comment
To view or add a comment, sign in
Jay Longley

Father, Award Winning CEO & Technologist, Cybersecurity and AI Expert, Founder, Board Member, & Seaplane Pilot
1mo Edited
Report this post
Search for your IP to see if it was in the Fortigate breach list, here on my Github. If you find your IP listed, message me, so we can assess your exposure. #belsen #belesn #fortigate

GitHub - tacticalware/belsen-fortigate-leak

github.com
Like Comment
To view or add a comment, sign in
CVE Find

177 followers
7mo
Report this post
[CVE-2024-21552: CRITICAL] All versions of `SuperAGI` are vulnerable to Arbitrary Code Execution due to unsafe use of the ‘eval’ function. An attacker could induce the LLM output to exploit this vulnerability and gain arbitrary code execution on the SuperAGI application server. https://lnkd.in/eY7Ey7r3
Like Comment
To view or add a comment, sign in
Abdullah Rizwan

Security Consultant | OSCP | CREST CRT
7mo
Report this post
Phantom from Vulnlab involved decrypting a veracrypt drive having a vyos configuration file, performing resource based constrained delegation with spn less user. https://lnkd.in/d3EQsrRf

Vulnlab — Phantom

arz101.medium.com
Like Comment
To view or add a comment, sign in
Wilmer Rivera-Fantauzzi

Retired IT Service Management Specialist at Department of Veterans Affairs
9mo Edited
Report this post
My active response bash script with iptables has evolved to 500,000 plus lines of iptables rules. It has a mind of it's own based on set parameters. It will continue to evolve since malicious acts are most common. My blocklist is closer to 700 IP Addresses. I have added redundancy.
Like Comment
To view or add a comment, sign in
Harsh Jindal

CS Undergrad | Fullstack Developer | TypeScript, React, Node.js, Next.js | Building in public🤖
7mo Edited
Report this post
Day 6 with @kirat_tw Cohort 2.0!🚀 ▸ Learned about authentication ▸ Got a brief intro to hashing and encryption ▸ Explored JSON Web Tokens (JWT) used in the authentication process How do you handle security in your applications?🤖
Like Comment
To view or add a comment, sign in
Muhammad Ali Jarral

"Cyber Security Analyst | PEH | ISO/IEC 27001 InfoSec Associate | Junior Penetration Tester | Bug Bounty Hunter | Software Engineering Student | HackTheBox | TryHackMe"
10mo
Report this post
🔒 Just completed a Server-Side Vulnerability Lab: User Role Controlled by Request Parameter! 🛡️ In this lab, I used Burp Suite to intercept and modify requests. By tweaking parameters, I was able to elevate my user role from standard to admin. This allowed me to access the administrator panel and delete an admin profile named Carlos. #WebSecurity #BurpSuite #EthicalHacking PortSwigger

Lab: User role controlled by request parameter | Web Security Academy

portswigger.net
Like Comment
To view or add a comment, sign in
Marian Ilie

"I have no special talent. I am only passionately curious." Albert Einstein
2mo
Report this post
In this video, I demonstrate how I hacked an Active Directory target using 4 attack paths!

4 Active Directory Attacks to become Domain Admin!

https://www.youtube.com/
Like Comment
To view or add a comment, sign in
Slade Griffin
5mo
Report this post
Quick fix: Remove cups-browsed, block UDP port 631

Critical doomsday Linux bug is CUPS-based vulnerability

theregister.com
Like Comment
To view or add a comment, sign in
Ali Gamareldin

Software Developer
10mo
Report this post
hi everyone, in the 0x10. HTTPS SSL project I learned about HTTPS SSL 2 main roles, encrypting traffic and what HAproxy SSL termination means, the first task of the project was about configuring my domain zone so that the subdomain `www` points to my load-balancer IP (lb-01), and write a Bash script that will display information about the subdomains, in this task I used `dig` to fetch the information needed and manipulate it with `awk` command, the second task I create a certificate using `certbot` and configure the `HAproxy` load balancer to accept encrypted traffic for the subdomain `www`. link to the repository: https://lnkd.in/e-dG4uTX Day 1 of #100DaysOfALXSE

2 Comments
Like Comment
To view or add a comment, sign in

5,063 followers

124 Posts

View Profile Follow

Chetan (Che) Bhatia’s Post

More Relevant Posts

4 Active Directory Attacks to become Domain Admin!

https://www.youtube.com/

Explore topics