Priviledge Escalation Hunting – Scheduled Tasks and Scripts

TLDR: If you have been hunting for privescs before you will know it’s normally not a fast task, you will have a shed ton of data to look at. Sure WINPEAS is good but it’s not a silver bullet.

Here is a really small script which focuses on system administration files/scripts, scheduled tasks and scheduled task history to help you hunt for weaknesses:

Education

Passive Port Scanners & Internet Asset Discovery Platforms

Useful for a range of defensive and offensive purposes, internet asset search platforms enable a range of activities from:

Research & Trend Analysis
Vulnerability Hunting
Attack Surface Mapping
OSINT

Each has its own interfaces, features, dataset sand styles.

I’ve put together a list of the most popular, there may be more that I haven’t listed.

Defense

Combating Cyber Crime: Should we really be charging to…

Sensational Press or Cyber War Mongering?

I do not know Mr Martin, but I would assume that his role at NCSC and GCHQ would have given him a good insight into the realities of cybercrime, cyber terrorism, nation state affairs and how to effectively defend against cyber criminals (and other threat actors) so please read this blog as it is intended, it’s an analysis on the quoted statements and reporting style and general view of mine about current cyber war rhetoric, not an analysis of the person. Why am I writing this? Well, I am seeing an increased level of FUD, snake oil and cyber war rhetoric and I wanted to share some of my thoughts, opinions, and ideas in this space. For it is far too easy to call for war and in cyberspace do we even know what that means? Read more “Combating Cyber Crime: Should we really be charging to cyber war?” →