Here’s a few of the interesting and useful articles and tools that I’ve come across last week.
Articles and news:
A report by RiskIQ into the ba.com data breach
A write up of how initial OSINT gathered the right information that resulted in DA compromise.
This series is for people who’ve used Windows but haven’t worked on Active Directory. This blog will be focusing primarily on understanding AD environment so that we can perform AD enumeration and simulate AD attacks as one would do when doing a Red Team Assessment
A huge list of OSINT resources.
Tools and tech:
Simple Bash Script To Take A Long List Of Domains And Return Only Ones With Webpages.
dirsearch is a simple command line tool designed to brute force directories and files in websites.
web-based tool to find subdomains. Useful for when you do not have access to your usual tools.
A low cost RFID Field Detector that can be used to identify the presence of an rfid field. You can easily identify the frequency and unknown reader is operating at.
A fast CORS misconfiguration vulnerabilities scanner