rootsecdevNotes From The Field: Exploiting Nagios XI SQL Injection (CVE-2023–40931)This CVE affects Nagios XI 5.11.0 and 5.11.1. It does require authenticated access into the Nagios environment.Jul 4Jul 4
rootsecdevIntroduction to Azure Cloud Token Theft MindMap V1Recently I’ve uploaded a Mind Map to my Azure Red Team repository on Token theft decisioning during authorized penetration test or red team…Jun 121Jun 121
rootsecdevEvading Token Protection For EntraID/M365 (2024 Edition)The topic of using token protection has cropped up on my timeline again recently, so I thought it was necessary to do an updated post on…May 27May 27
rootsecdevUpdated: Adversary Simulation using Azure CLI and Microsoft Graph PowerShellAt one point last year prior to things like GraphRunner coming out, operations to interact with Microsoft Graph PowerShell was a common…Feb 15Feb 15
rootsecdevActive Authentication Administrators in AzureI had this question come up again recently. What are “Active Authentication Administrators” and why are they showing up under regular…Feb 11Feb 11
rootsecdevHacking Active Directory with Sliver C2This box (Access) is well known (or atleast should be) in Offsec Proving grounds. I decided to revisit this active directory box as a…Jul 16, 20231Jul 16, 20231