akde/infosec

Information security is ultimately about managing risk

Video: Elevating your Windows Privileges Like a Boss! — Jake Williams

  • Pen­testers love 0days and cool exploits.
  • There are FAR more mis­con­fig­u­ra­tions than vulns.”
  • Vulns will be detect­ed and patch­es by Nes­sus, Nex­pose, etc.”
  • Mis­con­fig­u­ra­tions typ­i­cal­ly are missed by scanners.”
  • You want to increase secu­ri­ty? Go to your boss and change the job descrip­tions of admins to include con­fi­den­tial­ty and integri­ty. That mat­ters more than any­thing else.”
  • If you want to be caught, espe­cial­ly in a enter­prise envi­ron­ment, use PowerShell.”

Leave a Reply

About

Personal collection of some infosec stuff. Primary purpose of this site is to collect and organize for myself.

Note: Some content is not publicly visible due to copyright issues. Therefore, some links could be broken.

Checklists

Categories

Checklists: Ports

python -c 'import pty;pty.spawn("/bin/bash")';

python3 -c 'import pty;pty.spawn("/bin/bash")';