Archive for the ‘Red team’ Category
Posted by jpluimers on 2025/03/06
2.5 years after Miguel summarised the state of AI text models, and given that SQL Injection (because of mixing control and data channels) is still a thing in the 2020s, I wonder both how much improvement there has been on the AI side of things and how much it is used in pen testing.
So I archived the tweets below to be able to read back and figure out the current state.
[Wayback/Archive] Miguel de Icaza on Twitter: “This is so beautiful – SQL Injection attacks but for GPT-3 and other AI text models.”:
Posted in AI and ML; Artificial Intelligence & Machine Learning, Blue team, Database Development, Development, Pen Testing, Power User, Red team, Security, Software Development, SQL
Posted by jpluimers on 2025/02/11
For my link archive: [Wayback/Archive] Payload Box.
It has lots of examples on payloads for various kinds of injections that are excellent teaching material.
Covered are Cross Site Scripting (XSS), SQL Injection, Server Side Template Injection, RFI/LFI, Command Injection, CSV Injection, Directory, Open Redirect and XML External Entity (XXE) Injection.
Got there when inspired by:
Posted in Blue team, Database Development, Development, Power User, Red team, Security, Software Development, SQL, Web Development
Posted by jpluimers on 2025/02/10
It’s hard to not hack all the things…
–jeroen
Posted in LifeHacker, Power User, Red team, Security
Posted by jpluimers on 2025/01/17
Having had to use Mimikatz a few times in the past, I was not aware of the history.
So I was glad to find this elaborate article [Wayback/Archive] Mimikatz and password dumps | Ivan’s IT learning blog and the video (embedded after the signature). [Wayback/Archive] How to fix mimikatz null password in Windows 10 | WORKING 2019!!! – YouTube
Besides the history, it also explains why sometimes you only get hashes and other times you do get plain text passwords.
Recommended reading.
--jeroen
Posted in Power User, Red team, Security, Windows, Windows 10, Windows 11, Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016
Posted by jpluimers on 2025/01/06
[Wayback/Archive] Dumpsterdiving for network access :: Jilles.com
Just scaring people by telling them I could simply login to your network when you throw away your broken Smart light was not very credible. And even though people were kindly speaking up for me I would still like to illustrate how simple it is.
Posted in Power User, Red team, Security
Posted by jpluimers on 2024/12/26
On my research list [Wayback/Archive] HInvoke and avoiding PInvoke | drakonia’s blog.
A very minimalistic approach of calling .net runtime functions or accessing properties using only hashes as identifiers. It does not leave any strings or import references since we dynamically resolve the required member from the mscorlib assembly on runtime.
Posted in .NET, C#, Development, Encryption, Hashing, Power User, Red team, Security, Software Development | Tagged: CyberSecurity, dinvoke, hinvoke, infosec, maldev, pentest, Pentesting, redteam
Posted by jpluimers on 2024/12/12
Simple (but fully working) code for NPLogonNotify(). The function obtains logon data, including cleartext password.
[Wayback/Archive] PSBits/PasswordStealing/NPPSpy at master · gtworek/PSBits has been used in the wild since about 2022 (the code is from 2020).
The code is a ~100 line C file resulting in a DLL exporting the NPGetCaps() and NPLogonNotify() functions.
Background/related:
Posted in .NET, Blue team, C, CommandLine, Development, Power User, PowerShell, PowerShell, Red team, Scripting, Security, Software Development, Windows Development | Tagged: NPPSPY
Posted by jpluimers on 2024/12/04
Interesting for both red teams and blue teams: [Wayback/Archive] Hijack Libs
This project provides a curated list of DLL Hijacking candidates. A mapping between DLLs and vulnerable executables is kept and can be searched via this website. Additionally, further metadata such as resources provide more context.
Posted in Blue team, Development, Power User, Red team, Security, Software Development, Windows Development