About

I’m an ethical hacker with a couple of years of experience, and I’m enthusiastic to learn a lot more about different hacking topics, especially Windows Active Directory and other Microsoft services. I’m eager to learn and really like to take courses related to cyber security.

Affiliate links

Projects

Tools

  • Active Directory audit tool - A tool for auditing security misconfigurations within Active Directory, automating many AD checks I did as a penetration tester.
  • EnumEDRs - Enumerates running EDRs by enumerating running processes and loaded drivers.
  • EnumMitigations - Enumerates driver, LSASS and other security service mitigations applied on a machine.
  • BYOVD EDRKiller POCS - POC code for abusing BYOVD to kill EDR defenses through a vulnerable ZwTerminateProcess driver.
  • BYOVD Read Write Primitive POCS - POC tools for leveraging a kernel-level read/write primitive to bypass security mechanisms such as LSASS’s RunasPPL protection and to enumerate and remove EDR telemetry via kernel callback manipulation.
  • BlockEDRTRaffic - Two tools that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows Filtering Platform (WFP).

CVEs

Contributions