Lolware Blog

Round three at a website.

kustosentinelhoneytoken
Using Microsoft Sentinel to roll honey tokens on Windows
Proactive incident monitoring
May 09, 20222 mins
CVE-2022-0316Wordpressthemes
Exploit for many Wordpress themes - CVE-2022-0316
Exploit poc
February 04, 20221 mins
onpremactive directorymfa
Using Azure MFA for on premises Active Directory
Protecting assets with Azure MFA without going cloud
December 02, 202111 mins
ransomwarescripts
Neutralising Script Based Ransomware
Neutralising Script based ransomware
July 25, 20213 mins
react. xss
React XSS Protection Cheat Sheet
Secure use of React and XSS
June 20, 20218 mins
autodiscovervulnerabililty
Obtaining Corporate Credentials via the Autodiscover Circus
Obtaining Corporate Credentials via the Autodiscover Circus
September 02, 20204 mins
active directoryjeapam
Secure Active Directory management with PAM and JEA
Active Directory Domain Just Enough Administration and Privileged Administration
July 13, 20199 mins
penetration testingred teamvulnerability
Dumbest pentesting script to ever succeed
Getting service account credentials where you shouldn't
July 09, 20191 mins
googlesafebrowse
Abusing Google Safebrowse for phished credentials URLs
What safebrowse looks for, and finding it yourself
May 12, 20193 mins