Article Excerpt
| property | value |
| --- | --- |
| tags | defensive-tradecraft, elastic-stack, kernel, pkm-pocket-pipeline, procedure-syscalls, process-telemetry, summarize-article |
| url | |
| original_word_count | 0 |
Long Summary
This repository contains a collection of Proof of Concepts (POCs) created by the author for various projects, blogs, and other purposes. The POCs demonstrate several techniques for impersonating a logged-on user.
The first POC, ImpersonateLoggedOnUser, steals a token from a targeted process and applies it to the current thread via ImpersonateLoggedOnUser. The second POC, SetThreadToken, also steals a token from a targeted process and applies it to the current thread, but uses SetThreadToken instead.
The third POC, NtfsControlFile, performs named pipe impersonation by creating a named pipe. The fourth POC, CreateProcessSetThreadToken, creates a process and then sets the thread token to impersonate. The fifth POC, InjectImp, creates a remote thread in a target process and then sets the thread token to impersonate.
Besides supporting the author's projects and blogs, the POCs can be used to test the security of a system. By understanding the techniques used in these POCs, developers can create more secure systems and protect against malicious actors.
Short Summary
Impersonate LoggedOn Users POCs
- Repository of Proof of Concepts (POCs) for various projects and blogs.
- POCs demonstrate techniques to impersonate a logged-on user.
- First POC, ImpersonateLoggedOnUser, uses token stealing to impersonate.
- Second POC, SetThreadToken, uses SetThreadToken method to impersonate.
- Third POC, NtfsControlFile, performs named pipe impersonation.
- Fourth POC, CreateProcessSetThreadToken, creates a process and impersonates.
- Fifth POC, InjectImp, creates a remote thread and impersonates.
- POCs useful for testing system security and improving development practices.
- Exploring POC techniques can create more secure systems.
- Protect against malicious actors by understanding and using POC techniques.

Source link: https://github.com/jsecurity101/RandomPOCs
#ProofOfConcepts #ImpersonateLoggedOnUser #SetThreadToken #NtfsControlFile #CreateProcessSetThreadToken #InjectImp #UserImpersonation #SystemSecurity #MaliciousActors #SecureSystems