😈 [ splinter_code, Antonio Cocomazzi ]
#JuicyPotato is back! 🔥
Get instant SYSTEM access if you have SeImpersonate or SeAssignPrimaryToken privs!
Checkout our new #JuicyPotatoNG 👇
https://t.co/mqB9dZ3YCA
cc @decoder_it
🔗 https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong
🐥 [ tweet ]
#JuicyPotato is back! 🔥
Get instant SYSTEM access if you have SeImpersonate or SeAssignPrimaryToken privs!
Checkout our new #JuicyPotatoNG 👇
https://t.co/mqB9dZ3YCA
cc @decoder_it
🔗 https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong
🐥 [ tweet ]
😈 [ ORCx41, ORCA ]
ever wanted to replace FindResource, LoadResource, LockResource, SizeofResource...
well, now you can :
https://t.co/Xl9F56pd4p
🔗 https://github.com/ORCx41/ManualRsrcDataFetching
🐥 [ tweet ]
ever wanted to replace FindResource, LoadResource, LockResource, SizeofResource...
well, now you can :
https://t.co/Xl9F56pd4p
🔗 https://github.com/ORCx41/ManualRsrcDataFetching
🐥 [ tweet ]
😈 [ mariuszbit, mgeeky | Mariusz Banach ]
🦠If you wish to understand what's causing your AMSI detection - whether VBA or WSH, you might check out Matt Graeber's @mattifestation AMSITools.ps1.
I crafted up HOWTO and a helper noscript that uses his brilliant work to pull AMSI events:
https://t.co/gOjTGuXUSZ
🔗 https://github.com/mgeeky/Penetration-Testing-Tools/tree/master/red-teaming/AMSITools
🐥 [ tweet ]
🦠If you wish to understand what's causing your AMSI detection - whether VBA or WSH, you might check out Matt Graeber's @mattifestation AMSITools.ps1.
I crafted up HOWTO and a helper noscript that uses his brilliant work to pull AMSI events:
https://t.co/gOjTGuXUSZ
🔗 https://github.com/mgeeky/Penetration-Testing-Tools/tree/master/red-teaming/AMSITools
🐥 [ tweet ]
Не могу не порекомендовать подписываться на @s0i37_channel, так как уже предчувствую годноту от @s0i37. К сожалению, мы не знакомы лично, но его работы восхищают.
Мое любимое – это:
- https://xakep.ru/2020/06/17/windows-mitm/
- https://github.com/s0i37/lateral
Мое любимое – это:
- https://xakep.ru/2020/06/17/windows-mitm/
- https://github.com/s0i37/lateral
🔥4😁2
😈 [ Six2dez1, Six2dez ]
This is a superb article for pentesting Cisco networks
https://t.co/spiVfvLyQm
🔗 https://medium.com/@in9uz/cisco-nightmare-pentesting-cisco-networks-like-a-devil-f4032eb437b9
🐥 [ tweet ]
This is a superb article for pentesting Cisco networks
https://t.co/spiVfvLyQm
🔗 https://medium.com/@in9uz/cisco-nightmare-pentesting-cisco-networks-like-a-devil-f4032eb437b9
🐥 [ tweet ]
🔥3
😈 [ NationalCyberS1, National Cyber Security Services ]
LinWinPwn:- A bash noscript that automates a number of Active Directory Enumeration and Vulnerability checks.
Link:https://t.co/pR8suEn8PZ
#hacking #bugbountytips #informationsecurity #cybersecurity #infosec #cybersecuritytips #Ethicalhacking #Pentesting
https://t.co/uJj502OabP
🔗 https://github.com/lefayjey/linWinPwn
🔗 https://ncybersecurity.com
🐥 [ tweet ]
LinWinPwn:- A bash noscript that automates a number of Active Directory Enumeration and Vulnerability checks.
Link:https://t.co/pR8suEn8PZ
#hacking #bugbountytips #informationsecurity #cybersecurity #infosec #cybersecuritytips #Ethicalhacking #Pentesting
https://t.co/uJj502OabP
🔗 https://github.com/lefayjey/linWinPwn
🔗 https://ncybersecurity.com
🐥 [ tweet ]
😈 [ HackerOtter, OtterHacker ]
Muscle up your game with Kerberos. Abuse tickets and Kerberos extensions to elevate your privileges.
I've built a small lab around the S4U2Self Abuse :
https://t.co/8GSnJuLJcf
Find all you need here :
https://t.co/hXkRocpkSX
Thanks @pentest_swissky for the help on ansible !
🔗 https://github.com/OtterHacker/LabS4U2Self
🔗 https://otterhacker.github.io/Pentest/Services/Kerberos.html
🐥 [ tweet ]
Muscle up your game with Kerberos. Abuse tickets and Kerberos extensions to elevate your privileges.
I've built a small lab around the S4U2Self Abuse :
https://t.co/8GSnJuLJcf
Find all you need here :
https://t.co/hXkRocpkSX
Thanks @pentest_swissky for the help on ansible !
🔗 https://github.com/OtterHacker/LabS4U2Self
🔗 https://otterhacker.github.io/Pentest/Services/Kerberos.html
🐥 [ tweet ]
😈 [ redteamfieldman, RTFM ]
Doing some end of the week research on command and control platforms and ran across a couple great resources. @c2_matrix #C2 #RedTeam
https://t.co/3VPtAFW9sK
https://t.co/SV1nZkJuD7
🔗 https://www.thec2matrix.com/matrix
🔗 https://github.com/tcostam/awesome-command-control
🐥 [ tweet ]
Doing some end of the week research on command and control platforms and ran across a couple great resources. @c2_matrix #C2 #RedTeam
https://t.co/3VPtAFW9sK
https://t.co/SV1nZkJuD7
🔗 https://www.thec2matrix.com/matrix
🔗 https://github.com/tcostam/awesome-command-control
🐥 [ tweet ]
😈 [ an0n_r0, an0n ]
EVERYTHING about relaying attacks by @vendetce. Just scrolled through the slides (here: https://t.co/c4187R98AQ), still watching the video, awesome content. Thanks for this broad comprehensive presentation! 👍👍👍 https://t.co/MMIgE6xboY
🔗 https://www.blackhillsinfosec.com/wp-content/uploads/2022/09/Coercions-and-Relays-The-First-Cred-is-the-Deepest.pdf
🔗 https://youtu.be/b0lLxLJKaRs
🐥 [ tweet ][ quote ]
EVERYTHING about relaying attacks by @vendetce. Just scrolled through the slides (here: https://t.co/c4187R98AQ), still watching the video, awesome content. Thanks for this broad comprehensive presentation! 👍👍👍 https://t.co/MMIgE6xboY
🔗 https://www.blackhillsinfosec.com/wp-content/uploads/2022/09/Coercions-and-Relays-The-First-Cred-is-the-Deepest.pdf
🔗 https://youtu.be/b0lLxLJKaRs
🐥 [ tweet ][ quote ]
Offensive Xwitter
😈 [ an0n_r0, an0n ] EVERYTHING about relaying attacks by @vendetce. Just scrolled through the slides (here: https://t.co/c4187R98AQ), still watching the video, awesome content. Thanks for this broad comprehensive presentation! 👍👍👍 https://t.co/MMIgE6xboY…
Coercions-and-Relays-The-First-Cred-is-the-Deepest.pdf
2.6 MB
😈 [ _nwodtuhs, Charlie “Shutdown” ]
✨ The Hacker Recipes presents GoldenGMSA 🪙
Shoutout to @Dramelac_ for preparing the recipe and @volker_carstein for initial review and changes.
Shoutout to the awesome work by @SemperisTech and @YuG0rd for the research and tooling
https://t.co/SzTykUrPJw
🔗 https://www.thehacker.recipes/ad/persistence/goldengmsa
🐥 [ tweet ]
✨ The Hacker Recipes presents GoldenGMSA 🪙
Shoutout to @Dramelac_ for preparing the recipe and @volker_carstein for initial review and changes.
Shoutout to the awesome work by @SemperisTech and @YuG0rd for the research and tooling
https://t.co/SzTykUrPJw
🔗 https://www.thehacker.recipes/ad/persistence/goldengmsa
🐥 [ tweet ]
😈 [ lkarlslund, Lars Karlslund ]
Cool LDAP utility for Red Teamers! Easy to do simple lookups and some modifications - it has great potential and I'm sure more features will come. I had a similar tool planned, but never found the time to do it - fortunately @synzack21 did!
https://t.co/LhOsVPTbV8
🔗 https://github.com/Synzack/ldapper
🐥 [ tweet ]
Cool LDAP utility for Red Teamers! Easy to do simple lookups and some modifications - it has great potential and I'm sure more features will come. I had a similar tool planned, but never found the time to do it - fortunately @synzack21 did!
https://t.co/LhOsVPTbV8
🔗 https://github.com/Synzack/ldapper
🐥 [ tweet ]
😈 [ theluemmel, ADCluemmelSec ]
You didn't ask for it, but I don't care :D
ADCS PWN Blog:
https://t.co/iWvY9hbjZm
All abuse steps for ESC1-10 + Certifried, with pics, snippets, guides and more.
Big thx to:
@harmj0y, @tifkin_, @ly4k_, @_nwodtuhs,@snovvcrash, +forgotten ones for your awesome work on this topic
🔗 https://luemmelsec.github.io/Skidaddle-Skideldi-I-just-pwnd-your-PKI/
🐥 [ tweet ]
You didn't ask for it, but I don't care :D
ADCS PWN Blog:
https://t.co/iWvY9hbjZm
All abuse steps for ESC1-10 + Certifried, with pics, snippets, guides and more.
Big thx to:
@harmj0y, @tifkin_, @ly4k_, @_nwodtuhs,@snovvcrash, +forgotten ones for your awesome work on this topic
🔗 https://luemmelsec.github.io/Skidaddle-Skideldi-I-just-pwnd-your-PKI/
🐥 [ tweet ]