CCyvisoryincyvisory.hashnode.dev·Aug 2, 2023 · 5 min readObscurities with MS Teams part 3This time we look mostly at the accounts used for phishing. tl;dr When phishing via Teams, an attacker controls the source AAD. Therefore, he can set every username he wants. This opens some possibilities. E-Mail as username Suffix the Username to ...00
CCyvisoryincyvisory.hashnode.dev·Aug 2, 2023 · 6 min readObscurities with MS Teams part 2Some features of MS Teams are only validated in the frontend and not in the backend, allowing us to tamper with some messages and functions, by directly interacting with the endpoints. Everything combined might increase the plausibility of social eng...00
CCyvisoryincyvisory.hashnode.dev·Aug 1, 2023 · 14 min readHow much is the phishWithin this article, I would like to talk/write about phishing to bring up new ideas and perspectives to the good old phishing. Please note this article will not be that technical, so don´t expect a new tool or technique. But I want to answer the 25-...00
CCyvisoryincyvisory.hashnode.dev·Jul 19, 2023 · 7 min readZipJar, a little bit unexpected attack chainThe upcoming .zip TLDs from Google brought some discussion about attack vectors. Most of those attack vectors are not completely new, like using an "@" to split between username and host. While playing a little bit around, an unexpected attack chain ...00
CCyvisoryincyvisory.hashnode.dev·Jul 14, 2023 · 14 min readRead memory dumps without a cat.The aim of this article is to provide an insight in the most hidden secrets of the hacker world and the inner workings of their most holy tools, or maybe it is just an article how to read and parse LSASS memory dumps. TL; DR A PowerShell based tool t...00