😈 [ SEKTOR7net, SEKTOR7 Institute ]

If you happen to click on non-existing Microsoft KB link, do not despair, @betaarchive's got your back.

Huge repository containing old and recent KB articles and lots of other good info.

Check it out!

https://t.co/To0dcuqUYx

🔗 https://www.betaarchive.com/wiki/index.php?noscript=Microsoft_KB_Archive

🐥 [ tweet ]

😈 [ HuskyHacksMK, Matt | HuskyHacks ]

🔬A new, FREE PMAT section is now available on my blog!

It attempts to answer a common question that I get about the PMAT Host Only lab set up and offers steps to configure an Internal Network malware analysis network

You spoke, I listened ♥

https://t.co/XKdwWmlRn2

🔗 https://notes.huskyhacks.dev/blog/malware-analysis-labs-internal-network-vs-host-only

🐥 [ tweet ]

😈 [ M4yFly, Mayfly ]

Let's have some fun with MSSQL in GOAD this time 😁
https://t.co/x7exgnliAS

🔗 https://mayfly277.github.io/posts/GOADv2-pwning-part7/

🐥 [ tweet ]

😈 [ C5pider, 5pider ]

Talon
A (demo) 3rd party agent for the Havoc Framework.
https://t.co/BGmHOXkSCD

🔗 https://github.com/HavocFramework/Talon

🐥 [ tweet ]

😈 [ SEKTOR7net, SEKTOR7 Institute ]

Here we go!

Pre-sale of RTO: MalDev Advanced (Vol.1) is now open
Pre-sale end: Sep 27th
Course release date: Sep 28th

Userland rootkit tech, building MSVC COFFs, custom "RPC" instrumentation and more...

You can't miss it!
https://t.co/nEYFgyS0pE

#RTO #redteam #onlinelearning

🔗 https://institute.sektor7.net/rto-maldev-adv1

🐥 [ tweet ]

😈 [ m8sec, Mike Brown ]

Current state of infosec Twitter...

🐥 [ tweet ]

😈 [ BushidoToken, Will ]

Hey @MicrosoftTeams

🐥 [ tweet ]

так жизненно прастите

😈 [ netero_1010, Chris Au ]

Having some fun to re-implement indirect syscall in C#.
https://t.co/7E0Ebk0Uub

🔗 https://www.netero1010-securitylab.com/evasion/indirect-syscall-in-csharp

🐥 [ tweet ]

😈 [ TrimarcSecurity, Trimarc ]

If you happened to miss our webinar back in June on 10 Ways to Secure AD Quickly, @JimSycurity wrote you a whitepaper on how to do the very things we talked about. He's a champion.

It's available for download right now:
https://t.co/3wPehRbWP5

🔗 https://www.hub.trimarcsecurity.com/post/ten-ways-to-improve-ad-security-quickly

🐥 [ tweet ]

😈 [ gentilkiwi, 🥝 Benjamin Delpy ]

Always fabulous to see editors low the Windows Security level

When Citrix SSO is enabled... passwords are stored in *user processes* (in addition to system ones)

Ho yeah, *even if you have Credential Guard*
Yeah, that's what Citrix is calling "SSO"

> Will be in #mimikatz 3 🥝

🐥 [ tweet ]

😈 [ TrustedSec, TrustedSec ]

Does crack[.]sh being offline got you down? 😔 Don't worry, you have options.
Find out how @n00py1 uses two different techniques to exploit systems that allow for the NTLMv1 authentication protocol.

https://t.co/eMqdnbZHLP

🔗 https://hubs.la/Q01mpY-j0

🐥 [ tweet ]

😈 [ SkelSec, SkelSec ]

Python. Asyncio. SSH. Client. (library)
Don't use it if you need security, use it when you want to test security :)
Public, MIT license.
As usual, thank you for all supporters of @porchetta_ind

https://t.co/hc6izOo6Xd

🔗 https://github.com/skelsec/amurex

🐥 [ tweet ]

😈 [ zux0x3a, Lawrence 勞倫斯 ]

Imagine you are 18 years old and accidentally putting your life and future on the edge just because you want to hack/show fame !? For what? Being a criminal is not a smart move, and in the end, you will be caught.

🐥 [ tweet ]

true

👹 [ snovvcrash, sn🥶vvcr💥sh ]

Being on a vacation I couldn’t resist from playing with a slightly modified example of internal credential phishing by @zux0x3a (which is not as complex as the CredentialPhisher from @foxit). Below is a quick demo of invoking a credential dialog with CME, DInjector and donut 🍩

🔗 https://github.com/0xsp-SRD/0xsp.com/tree/main/creds_hunt

🐥 [ tweet ]