域渗透之滥用SPN mappings
在刚刚结束的N1CTF中, 我出了一道很简短的域渗透题目, 其中第三关个人感觉比较有意思, 单独抽出来分享一下.
Aggregator
域渗透之滥用SPN mappings
5 years 2 months ago
在刚刚结束的N1CTF中, 我出了一道很简短的域渗透题目, 其中第三关个人感觉比较有意思, 单独抽出来分享一下.
域渗透之滥用SPN mappings
5 years 2 months ago
在刚刚结束的N1CTF中, 我出了一道很简短的域渗透题目, 其中第三关个人感觉比较有意思, 单独抽出来分享一下.
2020 DDoS Extortion Campaign -- A Sequel More Thrilling Than the Original
5 years 2 months ago
As the go-to enterprise distributed denial-of-service (DDoS) mitigation experts, our phones have been "ringing off the hook" since the release of the global extortion DDoS campaign sequel. This latest installment of the cybersecurity saga is bigger, badder, and features a broader cast of criminal characters than seen previously with last year's extortion-related activity.
Susan McReynolds
What does an offensive security team actually do?
5 years 2 months ago
There is a lot of discussion around terms such as red team, attack team, pentest, adversarial engineering or offensive security team and similar ones.
I typically stay away from the (sometimes passionate) discussions that ensue whenever this topic comes up.
Personally, I think a good strategy is to define programs and teams who operate in this space by what services the team (or teams) provide(s) to the organization.
The business groups, blue team, developers, engineers, employees and clients are the customers.
Can Edge Computing Exist Without the Edge? Part 1: The Edge
5 years 2 months ago
If the title sounds like a trick question, it really depends on who you ask. Semantically, it seems clear that if you take the "edge" and combine it with "computing" you get edge computing. But if you have been reading headlines, you would be justified in having doubts that the answer is that simple.
Ari Weil
浅谈大规模红蓝对抗攻与防
5 years 2 months ago
浅谈大规模红蓝对抗攻与防
5 years 2 months ago
浅谈大规模红蓝对抗攻与防
5 years 2 months ago
浅谈大规模红蓝对抗攻与防
5 years 2 months ago
浅谈大规模红蓝对抗攻与防
5 years 2 months ago
VMware Workstation 通过 DHCP 分配静态 IP
5 years 2 months ago
其实 VMware 自带的 DHCP 服务器就是随处可见的 ISC DHCP 服务器(dhcpd)。每个 VMware 接口都有一份 dhcpd 配置,并且用户可以像配置普通 dhcpd 一样编写这些配置来自定义 dhcpd 的行为。在此篇教程中我将记述如何通过更改该 VMware 的 DHCP 配置文件来手动分配访客网卡的 IP 地址。
Xcheck之Golang安全检查引擎
5 years 2 months ago
Golang安全检查引擎Go语言近几年开始越来越流行,凭借其强大的性能和跨平台的优势,对web和后台开发都是
Xcheck之Golang安全检查引擎
5 years 2 months ago
Golang安全检查引擎Go语言近几年开始越来越流行,凭借其强大的性能和跨平台的优势,对web和后台开发都是
Xcheck之Golang安全检查引擎
5 years 2 months ago
Golang安全检查引擎Go语言近几年开始越来越流行,凭借其强大的性能和跨平台的优势,对web和后台开发都是
DDoS Extortion Examination
5 years 2 months ago
In terms of the Distributed Denial of Service (DDoS) landscape, 2020 was almost boring prior to the beginning of August. The excitement from the record peak Gbps and Mpps seen in early summer had worn off, and we weren't seeing...
Tom Emmons
CVE-2020-8566
5 years 2 months ago
Ceph RBD adminSecrets exposed in logs when loglevel >= 4
CVE-2020-8565
5 years 2 months ago
Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9
CVE-2020-8564
5 years 2 months ago
Docker config secrets leaked when file is malformed and log level >= 4
CVE-2020-8563
5 years 2 months ago
Secret leaks in kube-controller-manager when using vSphere provider