all InfoSec news
DEF CON 31 - #NoFilter Abusing Windows Filtering Platform for privilege escalation - Ron Ben Yizhak
Sept. 15, 2023, 9:29 p.m. | DEFCONConference
DEFCONConference www.youtube.com
Today, there are multiple offensive tools in the wild that can execute code as “NT AUTHORITY\SYSTEM” (Meterpreter, CobaltStrike, Potato tools), and they all usually do so by duplicating tokens and manipulating services in some way or another. This talk will show an evasive and undetected privilege escalation technique that abuses the Windows Filtering Platform (WFP). This platform processes network traffic and allow configuring filters that permit or block communication. …
abusing attack attack vector authority ben cobaltstrike code con def def con def con 31 escalation meterpreter nofilter offensive platform privilege privilege escalation ron services system today tokens tools windows windows filtering platform windows os
More from www.youtube.com / DEFCONConference
DEF CON 31 - There Are No Mushroom Clouds in Cyberwar - Mieke Eoyang
7 months, 2 weeks ago |
www.youtube.com
DEF CON 31 - The GitHub Actions Worm - Asi Greenholts
7 months, 2 weeks ago |
www.youtube.com
DEF CON 31 - Defeating VPN Always On - Maxime Clementz
7 months, 2 weeks ago |
www.youtube.com
DEF CON 31 Car Hacking Village - Abusing CAN Bus Spec for DoS in Embedded …
7 months, 2 weeks ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
Lead Security Specialist
@ Fujifilm | Holly Springs, NC, United States
Security Operations Centre Analyst
@ Deliveroo | Hyderabad, India (Main Office)
CISOC Analyst
@ KCB Group | Kenya
Lead Security Engineer – Red Team/Offensive Security
@ FICO | Work from Home, United States
Cloud Security SME
@ Maveris | Washington, District of Columbia, United States - Remote
SOC Analyst (m/w/d)
@ Bausparkasse Schwäbisch Hall | Schwäbisch Hall, DE