-
OpenAI, ChatGPT & beyond: Implications for future work, tech and everything
Like many I have been working with ChatGPT from OpenAI. For those who don’t know it yet, the following article is recommended: https://en.wikipedia.org/wiki/ChatGPT and https://javascript.plainenglish.io/13-best-examples-of-chatgpt-on-the-internet-so-far-316876466d1c Basically it’s a user can ask anything and it will come up with more or less meaningful answers. Some examples are very impressive. Homeworks and texts can be created with […]
-
Slides Black Hat USA 2019
This time I prepared some slides, download here: BHUSA19_Arsenal_AVET
-
Slides – Introduction to AVET
Florian and I were at the root.cologne meet-up for giving an introduction to AVET: Slides: avet introduction – root cologne Interesting talks afterwards, nice location and pizza! Now looking forward to black hat :).
-
Wifi Hotspot with Windows 7
More a short note to myself… but might also be interesting for other folks. You can make a Wifi Hotspot with Windows 7 with som cmd foo, but also with the programm Virtual Router Manager, which is easier: Download: https://softfamous.com/virtual-router-manager/ https://www.pcwelt.de/downloads/Virtual-Router-Manager-583195.html Or search on google…
-
Windows 7 IE Developer SSH Server
Recently I played with one of the Windows 7 32Bit IE Developer VMs (IE11.Win7.VirtualBox.zip) from here. I can remember two exploitation classes where these machines are being used. I found an SSH server installed within the machine, it is not hidden or something, but on the other side no one I asked was aware about […]
-
A new project: welearnsecurity.com
Here is my new project: https://welearnsecurity.com/. I love to write for career starters and also working with them. Since the content is too different from this blog I decided to split the content. The blog will go from personal career experience to idealized career paths, hopefully articles or interviews from/with other successful security experts, recommendations […]
-
Antivirus Evasion on OSX
A few months ago I did some research on antivirus (evasion) on OSX and now I decided to write a blog post about it. Scope * build executables that are not recognized by Antivirus Mac OSX * for building Mac OSX executables you need Mac OSX * shellcode/payload with MSF * developed with C & […]
-
Review EDX Course Security in Office 365 (Microsoft CLD245x)
Recently I took the course Security in Office 365 using the free Audit Access, the final exam and the Certificate are missing here. Link: https://www.edx.org/course/security-in-office-365-1 The sections of the course are: Threats and data breaches targeting your data Office 365 Advanced Threat Protection Office 365 Threat Intelligence Auditing, alerting and reporting in Office 365 Advanced Security Management […]
-
Testing some hashdump and lateral movement techniques
Some time ago I tested some techniques, now published quick & dirty as a note to whom it might be interesting. Test WCE Source: http://www.ampliasecurity.com E:\wce_v1_42beta_x32>wce WCE v1.42beta (Windows Credentials Editor) – (c) 2010-2013 Amplia Security – by Hernan Ochoa (hernan@ampliasecurity.com) Use -h for help. Administrator:ACME:E52CAC67419A9A224A3B10XXXXXXXXXX:8846F7EAEE8FB118AB06BDXXXXXXXXXX dax:DAX-RYMZ48Z3EYO:E52CAC67419A9A224A3B10XXXXXXXXXX:8846F7EAEE8FB118AB06BDXXXXXXXXXX DAX-RYMZ48Z3EYO$:ACME:00000000000000000000000000000000:4460E0BCB8CCF37D8A9E81XXXXXXXXXX E:\wce_v1_42beta_x32>wce -s Administrator:ACME:E52CAC67419A9A224A3B10XXXXXXXXXX:8846F7EAEE8FB118AB06BDXXXXXXXXXX WCE v1.42beta (Windows Credentials […]
-
Recommended Talks for the New Year (mainly 35C3)
Like last here here some recommendations for starting into 2019. Mainly from 35C3 and one from Bluehat. See the original thread from twitter here (It’s a bit messed up, but should be complete): A deep dive into the world of DOS viruses by @Benjojo12https://t.co/ufSYk5Bcs8 — Daniel Sauder (@DanielX4v3r) January 4, 2019 What The Fax?! by […]