Offensive Xwitter – Telegram
~$ socat TWITTER-LISTEN:443,fork,reuseaddr TELEGRAM:1.3.3.7:31337

Disclaimer: https://news.1rj.ru/str/OffensiveTwitter/546
😈 [ ShitSecure, S3cur3Th1sSh1t ]

Awesome talk by @thefLinkk for all those interested in malware dev 👏:
https://t.co/7BGEVSMiiX

Plus the tool release Lastenzug/SpiderPIC, used that just today and it works like a charm. No socks module in your C2? This can be used as burnable standalone shellcode 🔥 really cool!

🔗 https://m.youtube.com/watch?v=AucQUjJBJuw&list=PL7ZDZo2Xu332DOLSQlWlJPWRRAlpsLZQ-&index=12

🐥 [ tweet ]
😈 [ N4k3dTurtl3, NA ]

My first blog post on our new team website is up. Walking through manually reversing an undocumented struct and getting sleep obfuscation to work in CFG protected processes using NT calls.

https://t.co/BuRWSRwQPi

🔗 https://icebreaker.team/blogs/sleeping-with-control-flow-guard/

🐥 [ tweet ]
😈 [ n00py1, n00py ]

"Relaying from SMB to the LDAP service ... requires an attacker to specify the –remove-mic flag ... This allows relaying from SMB to the LDAP service to work since NTLMv1 doesn’t include a message integrity code (MIC)."
https://t.co/1o7d6DquoL
@praetorianlabs

🔗 https://www.praetorian.com/blog/ntlmv1-vs-ntlmv2/

🐥 [ tweet ]
😈 [ mrgretzky, Kuba Gretzky ]

I've just published a new blog post about Discord account hacks in the wild, using JavaScript injection through bookmarklets. I try to propose guidelines to mitigate these kinds of attacks.

Thanks to @zh4ck and @buherator for inspiration and ideas!

https://t.co/amkC0Ty09d

🔗 https://breakdev.org/hacked-discord-bookmarklet-attacks/

🐥 [ tweet ]
😈 [ 0gtweet, Grzegorz Tworek ]

Yet another built-in Windows downloader? 🤔
1. create LDIF file containing a http-based attrval-spec,
2. import it with ldifde.exe.
As an effect you can:
3. observe the request on the webserver,
4. find the file on your drive.
Enjoy 😈

🐥 [ tweet ]
😈 [ podalirius_, Podalirius ]

Today with my friend @_Worty we're releasing a technique to coerce an NTLM authentication on #Windows #SQL #Server as the machine account (in most cases). 🥳

A step by step demonstration is here: https://t.co/woCDA1M0Zr

🔗 https://github.com/p0dalirius/MSSQL-Analysis-Coerce

🐥 [ tweet ]
😈 [ 0x6d69636b, Michael Schneider ]

I'm one of the 25%😫 However, I wrote an article about the basic configuration of squid with Kerberos to help those from the 75% who have never done it but need to do it😅 https://t.co/xrlvT9ziNF

🔗 https://www.scip.ch/en/?labs.20220901

🐥 [ tweet ][ quote ]
In the run-up to the infosec event from «BSS-Безопасность» and Yandex Cloud, and after the talk about reversing and pwn tasks in the upcoming CTF, I got hit by nostalgia and remembered my failed attempt to find a place for myself in this field.

To that end, 3 years ago, when the trees were greener, I made myself write a series of four articles for ][, «В королевстве PWN» ("In the Kingdom of PWN"), hoping that binary exploitation would captivate me and that I could learn at least something here. Being the special child in the family, I failed both the first and the second task 🤷🏻‍♂️

Anyways, maybe someone will be able to get something useful out of this series: it has introductory guides to various flavors of stack smashing. As for me, I've already forgotten everything.
😈 [ PortSwiggerRes, PortSwigger Research ]

Using Hackability to uncover a Chrome infoleak by @garethheyes

https://t.co/8gIjJoAio4

🔗 https://portswigger.net/research/using-hackability-to-uncover-a-chrome-infoleak

🐥 [ tweet ]
😈 [ NicolasHeiniger, Nicolas ]

Today I release my first offensive software. Nothing magic, but I needed a tool to search in SharePoint. I took a lot of inspiration from Snaffler (from @mikeloss and @sh3r4_hax). I borrowed some code from PnP-Tools and here is SnaffPoint: https://t.co/cunDSVsE00

🔗 https://github.com/nheiniger/SnaffPoint

🐥 [ tweet ]
😈 [ _Wra7h, Christian W ]

I've been accumulating some stuff over the past couple weeks. Here's a few shellcode execution methods I've found digging through Windows APIs and the Google results after page 2. https://t.co/wj3tBW7Esp

🔗 https://github.com/Wra7h/FlavorTown

🐥 [ tweet ]
😈 [ nmap, Nmap Project ]

We're delighted to celebrate Nmap's 25th anniversary with (of course) a new release! https://t.co/WRrRvhJzNo

🔗 https://seclists.org/nmap-announce/2022/1

🐥 [ tweet ]
😈 [ HuskyHacksMK, Matt | HuskyHacks ]

Nim shellcode module incoming

@gray_sec lights the way 🚀🚀🚀

🐥 [ tweet ][ quote ]
😈 [ decoder_it, ap ]

We (really) did it again! :-) cc: @splinter_code

🐥 [ tweet ]
😈 [ ShitSecure, S3cur3Th1sSh1t ]

Searching for DLL Sideloading binaries? A short PowerShell script in combination with Siofra will give you thousands of possible combinations.

https://t.co/0IIjpd5xN0

Either try to replace any Windows DLL Import with your payload DLL or search for Phantom DLLs.

🔗 https://github.com/Cybereason/siofra

🐥 [ tweet ]