Posts

Showing posts from 2020

Symantec Protection Engine (SPE) - ICAP bypass

-
 Hello folks! A couple of weeks ago I found a security issue on Symantec Protection Engine which could lead to ICAP inspection bypass. Check it out here !
Post a Comment
Read more

Hash Spraying Attack

-
Hello folks, A couple of weeks ago I put together a Medium Story about the Hash Spraying Attack . Enjoy it!
Post a Comment
Read more

Microsoft Office 365 user enumeration and Burp Suite: a how to guide

-
Hello folks, I've put together a quick how to guide on how to perform user enumeration on Microsoft Office 365. Enjoy it here !
Post a Comment
Read more

Google Cloud Security - Enumeration using curl

-
Hello folks, It is been a while since my last post. Recently the GitLab Red Team published a pretty comprehensive material about privilege escalation and post exploitation tactics on the Google Cloud Platform (GCP). I've made a fork of their enumeration tool and added a few enumerations to it. Aside of it, I've also created a second enumeration tool which is totally independent on the Google Cloud SDK being installed on the target machine, requiring only curl. Check it out here !
Post a Comment
Read more