Offensive Xwitter – Telegram
~$ socat TWITTER-LISTEN:443,fork,reuseaddr TELEGRAM:1.3.3.7:31337

Disclaimer: https://news.1rj.ru/str/OffensiveTwitter/546
😈 [ thefLinkk, thefLink ]

Today we published a new tool to tamper with Sysmon.
Uses handle elevation and a SACL bypass to remain difficult to observe using Sysmon itself or Windows Event logs.

https://t.co/OZ4tkgNOAD

🔗 https://github.com/codewhitesec/SysmonEnte

🐥 [ tweet ][ quote ]
😈 [ Six2dez1, Six2dez ]

I've packed in GitHub an @obsdmd's Vault for web pentesting assessments, it's still pretty simple but I included my Web Pentest Checklist updated, so feel free to contribute!

Here it is:
https://t.co/jx4a9UB2wT

#Pentesting #Web #Obsidian #Markdown #Hacking

🔗 https://github.com/six2dez/obsidian-pentesting-vault

🐥 [ tweet ]
😈 [ M4yFly, Mayfly ]

Let's continue to pwn GOAD for fun and no profit :)
We will have fun with ADCS this time, thanks a lot to @ly4k_ for the certify tool 🙏

https://t.co/QwIsA0ipM2

🔗 https://mayfly277.github.io/posts/GOADv2-pwning-part6/

🐥 [ tweet ]
😈 [ mpgn_x64, mpgn ]

A much needed module during internal pentest will be added to CrackMapExec tonight 🌛

Why scan a /16 when you can get all IP/DNS records of the domain using the get-network module? 🔥

Thanks to @_dirkjan (this module is adidnsdump as a module) and @snovvcrash for the CIDR trick!

🐥 [ tweet ]
😈 [ subtee, Casey Smith ]

Quick/easy alert if someone runs..
adfind.exe
qwinsta.exe
nltest.exe
tasklist.exe
seatbelt.exe
procdump64.exe
or _other_ odd, rare commands?

Give this a try?

❤️feedback, ways to improve.
It's not perfect, we know.
Help us improve/refine it.
https://t.co/tJ3buUL49E

🔗 https://github.com/thinkst/canarytokens

🐥 [ tweet ]
😈 [ awakecoding, Marc-André Moreau ]

Get-RdpLogonEvent: extract the list of recent RDP logons from the event viewer and become a magician 🧙‍♀️ that can answer impossible questions like "is it really using Kerberos (nope), or did it downgrade to NTLM (again)"? 👇 https://t.co/1TKpLfZB5w

🔗 https://gist.github.com/awakecoding/5fda938a5fd2d29ebffb31eb023fe51c

🐥 [ tweet ]
😈 [ _rybaz, Ryan Basden 🌻 ]

Always schedule your Q4 pentest in Q2

🐥 [ tweet ]
😈 [ ShitSecure, S3cur3Th1sSh1t ]

Still so much stuff to learn. Can really recommend going through the posts of @EmericNasi when some free timeslot is available 🔥

https://t.co/XeJ7MoxxPj

🔗 https://blog.sevagas.com/

🐥 [ tweet ]
😈 [ HuskyHacksMK, Matt | HuskyHacks ]

🚀🌠 Landed!

Happy to announce my PR for Nim shellcode generation support has been merged into the Metasploit Framework/MSFVenom!

Huge thank you to @gray_sec, whose PR for Go shellcode support lit the path. And thank you to the @rapid7 team for their help with the process!

💖

🐥 [ tweet ]
Forwarded from Offensive Xwitter Eye
😈 [ C5pider, 5pider ]

Open sourced the "assembly execute" and "powerpick" module/command. Have fun.
https://t.co/tn87aai7nY

🔗 https://github.com/HavocFramework/Modules

🐥 [ tweet ]
😈 [ mariuszbit, mgeeky | Mariusz Banach ]

Nice! LNK-ISO polyglot weaponisation idea:

1. Create LNK that copies & renames itself to ISO
2. Create LNK-ISO polyglot with @angealbertini Mitra
3. Double-click on LNK -> will pop with ISO's contents
4. Rename polyglot back to poly.lnk

Double-click & ISO pops up

@domchell

🐥 [ tweet ]
Forwarded from Offensive Xwitter Eye
😈 [ httpyxel, yxel ]

Single stub direct and indirect syscalling rust library for windows :)

* Single stub
* One single line for all your syscalls
* Function name hashing at compilation time
* x86_64, WOW64 and x86 native support

https://t.co/e9VW04M1bK

🔗 https://github.com/janoglezcampos/rust_syscalls

🐥 [ tweet ]
😈 [ x86matthew, x86matthew ]

WriteProcessMemoryAPC - Write memory to a remote process using APC calls

Another alternative to WriteProcessMemory!

https://t.co/JIzWS927Uc

🔗 https://www.x86matthew.com/view_post?id=writeprocessmemory_apc

🐥 [ tweet ]
😈 [ ippsec, ippsec ]

Just uploaded my favorite way to detect Password Sprays and Kerberoasting on a budget by combining Event Log Filters, Scheduled Tasks, and CanaryTokens. The ability to create scheduled tasks that fire upon specific eventlog events is super powerful. https://t.co/ek3qh1O8Gl

🔗 https://youtu.be/BT9pT1tAmX8

🐥 [ tweet ]