ITSEC Newsletter
Posts
ITSEC Newsletter 2023-08-10

ITSEC Newsletter 2023-08-10

Red team is best team

Henrik Falk
August 10, 2023

An Introduction to Exploit Reliability

Earlier this year I was invited to give a talk at University of California San Diego (UCSD) for Nadia Heninger's CSE 127 ("Intro to Computer Security"). I chose to talk about modern exploit development, stepping through the process of finding and exploiting some of the memory corruption bugs that the

blog.isosceles.com/an-introduction-to-exploit-reliability

"One interesting effect of planning a talk about exploit development in an academic setting is remembering how un-referenceable large parts of exploit development really are. These days you can find some great resources for the parts about finding a good bug and building a proof-of-concept exploit, but there's not much beyond that. Turning a proof-of-concept into a fully-fledged product that can be packaged up and sold as a capability is something entirely different, and that work is mostly done in secret. A big consideration when you're writing exploits professionally is exploit reliability. Exploit reliability hasn't traditionally been a big focus area in the defensive community's thinking about security, so the purpose of this blog post is to explore the concept in more detail, but from a primarily defensive point of view."

Challenges In Post-Exploitation Workflows

In our previous post, we talked about the problem of structured data in the post-exploitation community. We touched on the existing…

posts.specterops.io/challenges-in-post-exploitation-workflows-2b3469810fe9

"This post shifts gears a bit and demonstrates some of our current challenges in post-exploitation workflows, some of which could be helped with structured data."

Hook, Line, and Phishlet: Conquering AD FS with Evilginx

A detailed walkthrough of the process and hurdles faced in leveraging Evilginx3 to conduct a successful phishing campaign on a AD FS protected domain.

research.aurainfosec.io/pentest/hook-line-and-phishlet

"Despite my efforts to find a detailed write-up on how to successfully phish a target where AD FS is being used, I couldn’t find a technical post covering this topic. So I saw this as an opportunity to learn something new and hopefully pass on some knowledge."

The LOL Isn’t So Funny When It Bites You in the BAS - Pentera

LOLBAS (Living Off the Land Binaries And Scripts) is an attack method that uses binaries and scripts that are already part of the system for malicious

pentera.io/blog/the-lol-isnt-so-funny-when-it-bites-you-in-the-bas

"Since LOLBAS are one of the growing trends in cyber-security attacks and they are also very hard for security solutions to detect, we set out to find new official LOLBAS. In this blog post, we’ll show how we found 12 new LOLBAS that security professionals should protect against."