Out of Band NTLM Relay Using Outlook CVE-2023–23397 VulnerabilityIn this article we will be focusing on an out-of-band lateral movement attack chain with the help of recent Outlook vulnerability…Apr 4, 2023Apr 4, 2023
Building a Comprehensive Lab Environment for Cybersecurity Research Part-1: Introduction & DesignIn this series I will design a small but comprehensive lab environment for cybersecurity research with different technologies and features.Feb 16, 2021Feb 16, 2021
Building a Comprehensive Lab Environment for Cybersecurity Research Part-2: Setting Up NetworksIn this write-up we are going to discuss the network design of our lab environment and the simulated WAN infrastructure.Feb 16, 20211Feb 16, 20211
Defeating RunAsPPL: Utilizing Vulnerable Drivers to Read Lsass with MimikatzIn this article we review methods to extract credentials from lsass process memory despite LSA protection and RunAsPPL registry settings.Mar 9, 2020Mar 9, 2020
Active Directory Yapısına Zincirleme Saldırı Senaryoları #3Bölüm 3: Forest’lar Arası Yatay Hareket ve Hedef Sisteme erişimJan 1, 2020Jan 1, 2020
Active Directory Yapısına Zincirleme Saldırı Senaryoları #2Bölüm 2: Forest İçerisinde Yetki YükseltmeDec 29, 2019Dec 29, 2019
Active Directory Yapısına Zincirleme Saldırı Senaryoları #1Bölüm 1: Domain İçerisinde Yetki YükseltmeDec 25, 2019Dec 25, 2019
Cobalt Strike ile Siber Saldırı Simülasyonu: Malleable Profile Kullanımı #3Cobalt Strike Malleable Profile kullanımı ve C2-Ajan arası iletişimin zararsız web trafiğine benzetilmesi üzerine bir yazı.Sep 23, 2019Sep 23, 2019
SharePoint CVE-2019–0604 RCE ExploitationThis RCE vulnerability affects Microsoft SharePoint 2019, 2016, 2013 and 2010. Patch Internet facing SharePoint servers as soon as…May 9, 20191May 9, 20191
SharePoint CVE-2019–0604 İstismarı ile Uzaktan Komut Çalıştırmaİnternet üzerinden erişim sağlanan sharepoint sunucularına ivedilikle Microsoft’un çıkarmış olduğu yamalar geçilmesi önerilmektedir.May 9, 2019May 9, 2019