😈 [ Alh4zr3d, Alh4zr3d ]

Red Teamers: Signed code tends to be scrutinized less. Sign your code with a fake cert: https://t.co/8MZ8pkuv4s. Or, clone the cert from a valid DLL for sneaker DLL hijacking: https://t.co/S4wn2X0to1. Caution with this against ATP, though: Microsoft knows its own certs. #redteam

🔗 https://github.com/Tylous/Limelighter
🔗 https://github.com/jfmaes/Invoke-DLLClone

🐥 [ tweet ]

😈 [ ippsec, ippsec ]

Just uploaded a video showing off the Sensitive Commands Token Canary Token https://t.co/V1C0IU6X2N - It's a pretty simple video but I really wanted to talk about the phrase "So much offense in my defense" from this blog post: https://t.co/H83n0HnTQi

🔗 https://youtu.be/xFlH3DV0J7I
🔗 https://blog.thinkst.com/2022/09/sensitive-command-token-so-much-offense.html

🐥 [ tweet ]

😈 [ SEKTOR7net, SEKTOR7 Institute ]

If you happen to click on non-existing Microsoft KB link, do not despair, @betaarchive's got your back.

Huge repository containing old and recent KB articles and lots of other good info.

Check it out!

https://t.co/To0dcuqUYx

🔗 https://www.betaarchive.com/wiki/index.php?noscript=Microsoft_KB_Archive

🐥 [ tweet ]

😈 [ HuskyHacksMK, Matt | HuskyHacks ]

🔬A new, FREE PMAT section is now available on my blog!

It attempts to answer a common question that I get about the PMAT Host Only lab set up and offers steps to configure an Internal Network malware analysis network

You spoke, I listened ♥

https://t.co/XKdwWmlRn2

🔗 https://notes.huskyhacks.dev/blog/malware-analysis-labs-internal-network-vs-host-only

🐥 [ tweet ]

😈 [ M4yFly, Mayfly ]

Let's have some fun with MSSQL in GOAD this time 😁
https://t.co/x7exgnliAS

🔗 https://mayfly277.github.io/posts/GOADv2-pwning-part7/

🐥 [ tweet ]

😈 [ C5pider, 5pider ]

Talon
A (demo) 3rd party agent for the Havoc Framework.
https://t.co/BGmHOXkSCD

🔗 https://github.com/HavocFramework/Talon

🐥 [ tweet ]

😈 [ SEKTOR7net, SEKTOR7 Institute ]

Here we go!

Pre-sale of RTO: MalDev Advanced (Vol.1) is now open
Pre-sale end: Sep 27th
Course release date: Sep 28th

Userland rootkit tech, building MSVC COFFs, custom "RPC" instrumentation and more...

You can't miss it!
https://t.co/nEYFgyS0pE

#RTO #redteam #onlinelearning

🔗 https://institute.sektor7.net/rto-maldev-adv1

🐥 [ tweet ]

😈 [ m8sec, Mike Brown ]

Current state of infosec Twitter...

🐥 [ tweet ]

😈 [ BushidoToken, Will ]

Hey @MicrosoftTeams

🐥 [ tweet ]

так жизненно прастите

😈 [ netero_1010, Chris Au ]

Having some fun to re-implement indirect syscall in C#.
https://t.co/7E0Ebk0Uub

🔗 https://www.netero1010-securitylab.com/evasion/indirect-syscall-in-csharp

🐥 [ tweet ]

😈 [ TrimarcSecurity, Trimarc ]

If you happened to miss our webinar back in June on 10 Ways to Secure AD Quickly, @JimSycurity wrote you a whitepaper on how to do the very things we talked about. He's a champion.

It's available for download right now:
https://t.co/3wPehRbWP5

🔗 https://www.hub.trimarcsecurity.com/post/ten-ways-to-improve-ad-security-quickly

🐥 [ tweet ]

😈 [ gentilkiwi, 🥝 Benjamin Delpy ]

Always fabulous to see editors low the Windows Security level

When Citrix SSO is enabled... passwords are stored in *user processes* (in addition to system ones)

Ho yeah, *even if you have Credential Guard*
Yeah, that's what Citrix is calling "SSO"

> Will be in #mimikatz 3 🥝

🐥 [ tweet ]

😈 [ TrustedSec, TrustedSec ]

Does crack[.]sh being offline got you down? 😔 Don't worry, you have options.
Find out how @n00py1 uses two different techniques to exploit systems that allow for the NTLMv1 authentication protocol.

https://t.co/eMqdnbZHLP

🔗 https://hubs.la/Q01mpY-j0

🐥 [ tweet ]