• sensepost/ruler🔍
• Outlook home page – another ruler vector🔍
• Outlook forms and shells🔍
• Mapi over http and mailrule pwnage🔍
• ruler command🔍
• Ruler is Amazing🔍
• Pass the hash with ruler🔍
• Hacktool Ruler🔍

sensepost/ruler: A tool to abuse Exchange services - GitHub

Ruler is a tool that allows you to interact with Exchange servers remotely, through either the MAPI/HTTP or RPC/HTTP protocol.

Outlook home page – another ruler vector - SensePost

The homepage allows you to customise the default view for any folder in Outlook. This allows specifying a URL to be loaded and displayed whenever a folder is ...

Outlook forms and shells - SensePost

This attack has typically relied on using Outlook Rules to trigger the shell execution. Although Ruler makes accomplishing this really easy, it ...

Mapi over http and mailrule pwnage - SensePost

A quick search revealed that Exchange traditionally relies on Outlook Anywhere to do most synchronisation tasks. However, some deeper inspection ...

ruler command - github.com/sensepost/ruler - Go Packages

Ruler is a tool that allows you to interact with Exchange servers remotely, through either the MAPI/HTTP or RPC/HTTP protocol.

Ruler, Software S0358 | MITRE ATT&CK®

Ruler is a tool to abuse Microsoft Exchange services. It is publicly available on GitHub and the tool is executed via the command line.

Ruler is Amazing, got creds get a shell - 1337red

by @myexploit OK this is a quick post, if you want to lab ruler, I'm sorry to say that the prereqs are painful, but it is 100% worth the pain.

Ruler: A tool to abuse Exchange services - Tidal Cyber

SensePost. (2016, August 18). Ruler: A tool to abuse Exchange services. Retrieved February 4, 2019. Tags. Notes. Techniques (1) Groups (0) Software (1)

Ruler - A Tool To Abuse Exchange Services - KitPloit

Ruler is a tool that allows you to interact with Exchange servers through the MAPI/HTTP protocol. The main aim is abuse the client-side Outlook mail rules.

Pass the hash with ruler - SensePost

We are taking Ruler and the abuse of Exchange on a road trip to Germany in March. Troopers have accepted our talk, “Ruler – Pivoting through ...

Hacktool Ruler - Detection.FYI

A tool to abuse Exchange services. Contribute to sensepost/ruler development by creating an account on GitHub.

Outlook | Pentester's Promiscuous Notebook

Copy $ ./ruler -k --nocache --url https://autodiscover.megacorp.com/autodiscover/autodiscover.xml -d megacorp.com -u 'snovvcrash' -p ...

Windows: Hacktool Ruler

FortiSIEM Rules. Windows: Hacktool Ruler. Rule ID. PH_Rule_SIGMA_13. Default Status. Enabled. Description. This events that ...

Notruler – turning offence into defence - SensePost

We've spent a lot of time creating Ruler and turning it into, what we think, is a useful attack tool. The goal behind the project was to ...

NotRuler - The opposite of Ruler, provides blue teams ... - Tidal Cyber

SensePost. (2017, September 21). NotRuler - The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

autodiscover package - github.com/sensepost/ruler/autodiscover

BruteForce function takes a domain/URL, file path to users and filepath to passwords whether to use BASIC auth and to trust insecure SSL And whether to stop ...

Issues · sensepost/ruler - GitHub

A tool to abuse Exchange services. Contribute to sensepost/ruler development by creating an account on GitHub.

OVERRULED: Containing a Potentially Destructive Adversary

FireEye assesses APT33 may be behind a series of intrusions and attempted intrusions within the engineering industry.

Hacktool Ruler - Jupyter Notebooks Gallery

... Ruler by Sensepost author: Florian Roth date: 2017/05/31 modified: 2019/07/26 references: - https://github.com/sensepost/ruler - https://github.com/sensepost/ ...

ruler - Penetration Testing Tools

List of all available tools for penetration testing. ruler Summary. Description: A tool to abuse Exchange services. Category: webapp ...