CVE-2013-3900

STIG and SCAP Compliance for Windows 10 & 11 VMs Description In this project, I applied the Security Technical Implementation Guide (STIG) to two virtual machines, one running Windows 10 and the other running Windows 11 To automate portions of this process, I utilized the Security Content Automation Protocol (SCAP) tool from the DoD Cyber Exchange website This tool

Implementing Federation Between Azure and Okta Description Vulnerability management is essential for organizations to identify and mitigate security vulnerabilities in their systems and networks This project aims to explore the various stages of the vulnerability management lifecycle using Nessus Essentials and an insecure Windows 10 system Nessus is a powerful tool that prov

Nessus Vulnerability Management and Analysis Description Vulnerability management is essential for organizations to identify and mitigate security vulnerabilities in their systems and networks This project aims to explore the various stages of the vulnerability management lifecycle using Nessus Essentials and an insecure Windows 10 system Nessus is a powerful tool that provid

Vulnerability Assessment Description In this project, I utilized Tenable Nessus, a renowned vulnerability assessment tool, to conduct a comprehensive security scan on a Windows 10 virtual machine The aim was to identify potential vulnerabilities and security issues within a controlled environment The virtual machine was configured with a minimal set of applications, specifi

WinVerifyTrust Signature Mitigation Script This script can be deployed to mitigate the issue with CVE-2013-3900 Microsoft MSRC Script adds two registry keys and a dword key, if the machine is x64 it will double this

Packer template for Windows Server 2019 UEFI and secure boot using vSphere-ISO provider Note: this code is compatible with Packer v19x or later This repository contains HashiCorp Packer templates to deploy Windows Server 2019 UEFI and secure boot in VMware vSphere (with vCenter), using the vsphere-iso builder These templates creates the Template (or VM) directly on the vSph

NESSUS-Vulnerability Management Description In this lab I will cover vulnerability scanning and vulnerability remediation I will be using Nessus Essentials to scan local VMs hosted on VMWare Workstation in order run credentialed scans to discover vulnerabilities, remediate some of the vulnerabilities, then perform a rescan to verify remediation Technologies Used VMWare Works

Append a custom data payload to a digitally signed NSIS .exe installer

Append Payload to Signed NSIS Executable Installer File This program allows you to embed a payload containing custom user data into an executable generated by NSIS (Nullsoft Scripted Installer System) and signed with Microsoft SignToolexe (or similar) This is tested and working with the NSIS ReadCustomerData Function Windows recognizes the original digital signature since we

Weaponized HellsGate/SigFlip

SignatureGate Weaponized version of HellsGate, bypassing AV/EDR/EPPs by abusing opt-in-fix CVE-2013-3900 Most code is from githubcom/am0nsec/SharpHellsGate and githubcom/med0x2e/SigFlip Disclaimer: The information/files provided in this repository are strictly intended for educational and ethical purposes only The techniques and tools are intended to be use

The objective of this lab exercise was to improve my familiarity with Vulnerability Management I chose Nessus to do this lab because I already had some experience with Nessus during my time at University and with TryHackme, so I wanted to further my skills on Nessus The setup featured Nessus Essentials software, VMWare Workstation Player, and a Windows 10 ISO I followed the

Fix WinVerifyTrust Signature Validation Vulnerability, CVE-2013-3900, QID-378332

Fix-WinVerifyTrustSignatureValidationVuln Fix WinVerifyTrust Signature Validation Vulnerability, CVE-2013-39001, QID-3783322 This Fix is intended for 64-bit Windows Computers This PowerShell code is one way to fix the vulnerability - aside from creating a reg file and using reg import <filereg> to import the new registry key Full Packaged Script: If HKLM:\Softw

Proof of concept code for injecting content into MSI files without breaking Authenticode

MsiAuthenticodeInject This project demonstrates a proof of concept bypass to Microsoft's optional patch of CVE-2013-3900 How it works? Microsoft's MSI files have Authenticode signatures stored in their \x05DigitalSignature entry Using the same strategy used in CVE-2013-3900, we can append data to the end of the stream, updating the relevant fields from the MSI (size

Vulnerability Management Description The project consists of vulnerability scanning and vulnerability remediation These are two of the main steps in the Vulnerability Management Lifecycle I will use Nessus Essentials to scan local VMs hosted on VMWare Workstation to run credentialed scans to discover vulnerabilities, research, and remediate vulnerabilities, then perform a res

Vulnerability Assessment Description In this project, I utilized Tenable Nessus, a renowned vulnerability assessment tool, to conduct a comprehensive security scan on a Windows 10 virtual machine The aim was to identify potential vulnerabilities and security issues within a controlled environment The virtual machine was configured with a minimal set of applications, specifi

Proof of concept code for injecting content into MSI files without breaking Authenticode

MsiAuthenticodeInject This project demonstrates a proof of concept bypass to Microsoft's optional patch of CVE-2013-3900 How it works? Microsoft's MSI files have Authenticode signatures stored in their \x05DigitalSignature entry Using the same strategy used in CVE-2013-3900, we can append data to the end of the stream, updating the relevant fields from the MSI (size