by edward | Dec 21, 2023 | PowerShell, SharpKiller, Windows Defender
I am constantly testing defender and other Anti-Virus products on what they detect and came across this nice tool called SharpKiller. Here is the link to the GitHub Repository where you can read all about it: https://wwwgithub.com/S1lkys/SharpKiller Windows Defender...
by edward | Dec 13, 2023 | Exchange 2019, PowerShell
If you are an Exchange Admin, you may have inherited Exchange Servers and are not sure what version you are running or you are simply managing Exchange but need to check Control Panel for installed updates to see what version you are on. If you have a few hundred or...
by edward | Dec 5, 2023 | Exchange 2019, Kali Linux, Metasploit
Many admins save credentials in text, log, and other format files on servers, this can be a once off thing where they are troubleshooting something or they saved it there, thinking it is in a safe place and because nobody has access to servers generally, only...
by edward | Dec 4, 2023 | Exchange 2019, BurpSuite
BurpSuite has a scanner builtin that allows you to scan a URL or URLs and this will give you an output of what is vulnerabilities or misconfigurations are set. A simple thing may be the SSL certificate on your Exchange server, while you may think this is not...
by edward | Dec 2, 2023 | Exchange 2016, CVE-2021-33766, Exchange 2019, Kali Linux, ProxyToken
In three of my previous blog posts, we looked at exploiting unpatched/vulnerable Exchange servers with “ProxyLogon”, “ProxyShell” and “ProxyNotShell”. As the exploit lists keep growing, we will look at the “ProxyToken”...
