Did you know you can interact with LDAP using cURL? How about NTLM, proxy tunneling, or domain sockets?
A deep dive into some less common and advanced features of cURL, including sending POST requests with a payload file, uploading files to a server, exploiting Spring4Shell, and exploiting SQL injection vulnerabilities using cURL.
Resources
Blog
Nate Fair
Blogs by Nate Fair
Offensive operations require evasion techniques to bypass security controls. Testers will often find that their attacks against web applications, Office 365, and other external endpoints are quickly blocked. Read our guide outlining the tools we use here at Sprocket to help us effectively attack our client's infrastructure including Fireprox, proxybroker2 and http-proxy-ipv6-pool.
A basic guide on how Sprocket utilizes Continuous Penetration Testing to rapidly identify and exploit vulnerabilities.
Hey, you love printers right? They’re that reliable, steadfast piece of technology that always seems to work and never gives you any headaches ... right? Well, buckle up.
Microsoft is releasing emergency security patches to address a critical privilege escalation and remote code execution vulnerability found within the Print Spooler service.
