Jake Smith

icon indicating a website link https://metactf.com icon indicating an email [email protected]

icon company MetaCTF icon location I build things and hack things in order to secure all of the things.

Results 23 issues of Jake Smith

--CollectAllProperties Flag doesn't appear to be working

1 comment

On the README, the `--collectallproperties` flag claims to "Collect all LDAP properties from objects"; however, this does not actually appear to be the case. Test Scenario: * Create a new...

Add coverage map to RTD & update project link on github/wiki pages

1 comment

once the docs get merged into develop

type/enhancement
difficulty/easy

Setup project donation buttons

type/enhancement
difficulty/easy

Search for Windows Telemetry persistence

https://github.com/Imanfeng/Telemetry https://www.trustedsec.com/blog/abusing-windows-telemetry-for-persistence/

type/enhancement
module/configuration
priority/high
module/file-system
difficulty/easy
lang/c++
mode/hunt
platform/client

Search for malicious NPLogonNotifiers

https://github.com/gtworek/PSBits/tree/master/PasswordStealing/NPPSpy

type/enhancement
module/configuration
module/file-system
difficulty/easy
lang/c++
mode/hunt
platform/client

Look through techniques to identify new hunts

https://docs.rapid7.com/insightidr/windows-suspicious-process

Actively detect llmnr / wpad poisoning

"detect netbios/LLMNR poisoning by having your endpoint agent issue a request for a non-existent resource. Tools like Responder would respond to this request, giving themselves away. I can say from...

type/enhancement
module/configuration
difficulty/hard
lang/c++
mode/hunt
platform/client

Create python bindings for key functions in BLUESPAWN DLL

type/enhancement
priority/high
difficulty/hard
lang/c++
platform/client
integration/agent7

Create vcxproj for building BLUESPAWN as a DLL for agent7 integration

type/enhancement
priority/high
difficulty/easy
lang/c++
platform/client
integration/agent7

Create initial Client-Server Communication

1 comment