We just reached 100+ subscribers in the @FuzzingLabs Telegram channel 🎉
t.me/fuzzinglabs
It's basically a feed where I'm posting, on a daily basis, all the latest news/blogposts about fuzzing and vulnerability research.
New pypykatz version 0.4.0 is out. Not on pip yet, as despite weeks of testing I still treat it as beta.
What's new:
1. new ASCII logo thanks to @thugcrowd 2. kerberos live functions thanks to @harmj0y (rubeus) 3. new DPAPI with Chrome and WIFI secrets 1/N
github.com/skelsec/pypykatz
A story on how I gained RCE against Microsoft Exchange Online using CVE-2020-16875 and bypassed their patches twice over. Latest patch bypass is unpatched against on-premise deployments!
Making Clouds Rain - Remote Code Execution in Microsoft Office 365: srcincite.io/blog/2021/01/12…