ITSEC Newsletter
Posts
ITSEC Newsletter 2023-07-20

ITSEC Newsletter 2023-07-20

Red team is best team

Henrik Falk
July 20, 2023

Read memory dumps without a cat.

The aim of this article is to provide an insight in the most hidden secrets of the hacker world and the inner workings of their most holy tools, or maybe it is just an article how to read and parse LSASS memory dumps.

powerseb.github.io/posts/LSASS-parsing-without-a-cat

“The aim of this article is to provide an insight in the most hidden secrets of the hacker world and the inner workings of their most holy tools, or maybe it is just an article how to read and parse LSASS memory dumps.“

Breaking it Down to Build it Up: A Journey Through Reverse Engineering

So, you’ve decided to delve into the world of reverse engineering? That’s super exciting, and we couldn’t be more thrilled to guide you on this thrilling journey. Whether you̵…

www.codelivly.com/a-journey-through-reverse-engineering

“In this guide, we’re about to embark on an epic adventure – from understanding the basics of reverse engineering to mastering the advanced techniques, and even applying these in real-world scenarios. But don’t worry, we’ll walk you through each step of this roadmap, ensuring you understand the concepts, practices, and even the ethical implications involved in reverse engineering.“

The Phantom Menace: Exposing hidden risks through ACLs in Active Directory (Part 1)

The abuse of misconfigured Access Control Lists is nothing new. However, it is still one of the main ways of lateral movement and privilege escalation within an active directory domain.

labs.lares.com/securing-active-directory-via-acls

“In this post, we will discuss, in a general overview, some concepts that will help us understand how Windows handles access relationships and privileges between objects and how to enumerate these relationships.“