Other Articles
A Quick and Simple Guide to Nmap and the Nmap Scripting Engine
NMAP and NMAP scripting Engine Introduction Nmap, short for Network Mapper, is a powerful and versatile open-source network scanning tool used for security auditing and network exploration. It allows users to discover hosts, services, and vulnerabilities on a network,...
How to Enable Cached Mode in Outlook and the Pros and Cons of Running Cached Mode
Outlook is a popular email client that offers various features and settings to enhance productivity and efficiency. One of these settings is Cached Mode, which allows users to access their mailbox data offline. In this article, we will guide you through the process of...
Exchange 2019:- CVE-2023-23397 Exploit (Affecting the Outlook Thick Client)
In my Exchange 2019 lab, I tested out this exploit and it works which is scary. The POC listed Outlook 2013 and 2016 but it also worked for me on Outlook 2019. If you want to read about this POC, head over to GitHub here:...
Secure Exchange 2019 OWA with a Google Captcha option.
In one of my recent blog posts, we covered brute forcing of the OWA page in Exchange 2019, this also applies to Exchange 2016 and Exchange 2013. If an attacker successfully gains access, they might access an account that has elevated privileges or given enough time,...
Quickly patch all your PowerShell sessions with SharpKiller but beware of Defender.
I am constantly testing defender and other Anti-Virus products on what they detect and came across this nice tool called SharpKiller. Here is the link to the GitHub Repository where you can read all about it: https://wwwgithub.com/S1lkys/SharpKiller Windows Defender...
Exchange 2019:- Get the Version with Product Name in PowerShell
If you are an Exchange Admin, you may have inherited Exchange Servers and are not sure what version you are running or you are simply managing Exchange but need to check Control Panel for installed updates to see what version you are on. If you have a few hundred or...
Exchange 2019:- Finding hidden credentials after obtaining a shell
Many admins save credentials in text, log, and other format files on servers, this can be a once off thing where they are troubleshooting something or they saved it there, thinking it is in a safe place and because nobody has access to servers generally, only...
Exchange 2019:- Running BurpSuite against your server to identify potential issues
BurpSuite has a scanner builtin that allows you to scan a URL or URLs and this will give you an output of what is vulnerabilities or misconfigurations are set. A simple thing may be the SSL certificate on your Exchange server, while you may think this is not...
Exchange 2019:- ProxyToken Exploit
In three of my previous blog posts, we looked at exploiting unpatched/vulnerable Exchange servers with "ProxyLogon", "ProxyShell" and "ProxyNotShell". As the exploit lists keep growing, we will look at the "ProxyToken" exploit. One of my many Exchange 2019 lab servers...
Windows Server 2022:- Bypassing Windows Defender with Nim
This article is about a YouTube video by "Tyler Ramsbey" that I used in my own environment to get a Reverse Shell from a Windows 2022 Server that is fully patched and Windows Defender did not detect me. All credit goes to "Tyler" and to "Sn1r" that created the Nim...