😈 [ 424f424f, rvrsh3ll ]
Minor update to my BOF_Collection to make compiling a bit easier. https://t.co/SP7Bp4QTxg
🔗 https://github.com/rvrsh3ll/BOF_Collection
🐥 [ tweet ]
Minor update to my BOF_Collection to make compiling a bit easier. https://t.co/SP7Bp4QTxg
🔗 https://github.com/rvrsh3ll/BOF_Collection
🐥 [ tweet ]
😈 [ ORCx41, ORCA ]
Ever wanted to run your payload without being boring ? here you go ...
https://t.co/FmMEwiGWKV
🔗 https://github.com/ORCx41/NoRunPI
🐥 [ tweet ]
Ever wanted to run your payload without being boring ? here you go ...
https://t.co/FmMEwiGWKV
🔗 https://github.com/ORCx41/NoRunPI
🐥 [ tweet ]
😈 [ 424f424f, rvrsh3ll ]
A shellcode loader in the @MicrosoftStore ? What could go wrong.
https://t.co/V8M5iqHu9t
🔗 https://apps.microsoft.com/store/detail/shellcode-loader/9P6M7GWNH769
🐥 [ tweet ]
A shellcode loader in the @MicrosoftStore ? What could go wrong.
https://t.co/V8M5iqHu9t
🔗 https://apps.microsoft.com/store/detail/shellcode-loader/9P6M7GWNH769
🐥 [ tweet ]
😈 [ _Wra7h, Christian W ]
Found a reason to write PEResourceInject in C# this weekend. Here's the gist: https://t.co/AmfdkWzFZN
🔗 https://gist.github.com/Wra7h/65f52dc325a215227daa312a2e54a0a5
🐥 [ tweet ]
Found a reason to write PEResourceInject in C# this weekend. Here's the gist: https://t.co/AmfdkWzFZN
🔗 https://gist.github.com/Wra7h/65f52dc325a215227daa312a2e54a0a5
🐥 [ tweet ]
😈 [ bugch3ck, Jonas Vestberg ]
Making an old private project public. No news, just a merge of SweetPotato by @_EthicalChaos_ and SharpSystemTriggers/SharpEfsTrigger by @cube0x0.
https://t.co/EIX4QWoRLP
🔗 https://github.com/bugch3ck/SharpEfsPotato
🐥 [ tweet ]
Making an old private project public. No news, just a merge of SweetPotato by @_EthicalChaos_ and SharpSystemTriggers/SharpEfsTrigger by @cube0x0.
https://t.co/EIX4QWoRLP
🔗 https://github.com/bugch3ck/SharpEfsPotato
🐥 [ tweet ]
😈 [ CaptMeelo, Meelo ]
Got some time over the weekend to make a new post. Here you go.
#redteam #maldev #pentest
https://t.co/Qlyc6A7YEf
🔗 https://captmeelo.com/redteam/maldev/2022/10/17/independent-malware.html
🐥 [ tweet ]
Got some time over the weekend to make a new post. Here you go.
#redteam #maldev #pentest
https://t.co/Qlyc6A7YEf
🔗 https://captmeelo.com/redteam/maldev/2022/10/17/independent-malware.html
🐥 [ tweet ]
😈 [ n00py1, n00py ]
Blue Teams turn for shellz
https://t.co/8L5t9N5w5H
🔗 https://github.com/its-arun/CVE-2022-39197
🐥 [ tweet ]
Blue Teams turn for shellz
https://t.co/8L5t9N5w5H
🔗 https://github.com/its-arun/CVE-2022-39197
🐥 [ tweet ]
😈 [ filip_dragovic, Filip Dragovic ]
PoC for CVE-2022-3368 , arbitrary file move bug I found in Avira Security.
https://t.co/MRewhiDit4
🔗 https://github.com/Wh04m1001/CVE-2022-3368
🐥 [ tweet ]
PoC for CVE-2022-3368 , arbitrary file move bug I found in Avira Security.
https://t.co/MRewhiDit4
🔗 https://github.com/Wh04m1001/CVE-2022-3368
🐥 [ tweet ]
😈 [ dafthack, Beau Bullock ]
Finding cleartext creds in AD user attributes is something that happens more than most might think. Great demo John! Here's a 1-liner to find these while leveraging PowerView:
https://t.co/ZItkN8BjZ9
And here's one for Azure AD:
https://t.co/IcCHRYPrE5
🔗 https://gist.github.com/dafthack/5f8c36f7468fad991e9e1f6d81ec29d4
🐥 [ tweet ][ quote ]
Finding cleartext creds in AD user attributes is something that happens more than most might think. Great demo John! Here's a 1-liner to find these while leveraging PowerView:
https://t.co/ZItkN8BjZ9
And here's one for Azure AD:
https://t.co/IcCHRYPrE5
🔗 https://gist.github.com/dafthack/5f8c36f7468fad991e9e1f6d81ec29d4
🐥 [ tweet ][ quote ]
🔥1
😈 [ n00py1, n00py ]
I made a tool to enumerate fine-grained password policies from Linux.
Not sure how useful it will be as you typically need admin to enumerate it. Either way, here it is!
https://t.co/gGphLCCmgN
🔗 https://github.com/n00py/GetFGPP
🐥 [ tweet ]
I made a tool to enumerate fine-grained password policies from Linux.
Not sure how useful it will be as you typically need admin to enumerate it. Either way, here it is!
https://t.co/gGphLCCmgN
🔗 https://github.com/n00py/GetFGPP
🐥 [ tweet ]
This media is not supported in your browser
VIEW IN TELEGRAM
😈 [ 0x09AL, Rio ]
Full analysis of the Cobalt Strike RCE that me and @FuzzySec wrote is now up.
https://t.co/882Xpd3i8x
🔗 https://securityintelligence.com/posts/analysis-rce-vulnerability-cobalt-strike/
🐥 [ tweet ]
Full analysis of the Cobalt Strike RCE that me and @FuzzySec wrote is now up.
https://t.co/882Xpd3i8x
🔗 https://securityintelligence.com/posts/analysis-rce-vulnerability-cobalt-strike/
🐥 [ tweet ]
😈 [ Tarlogic, Tarlogic ]
From #Log4Shell to #Text4Shell. Vulnerability CVE-2022-42889 has once again put Java products in check, albeit with lesser affectation. Our colleagues @TuLkHaXs, @nicovell3, and @joserabal analyze the incident 👇
https://t.co/qGDpUOq3aY
🔗 https://www.tarlogic.com/blog/cve-2022-42889-critical-vulnerability-affects-apache-commons-text/
🐥 [ tweet ]
From #Log4Shell to #Text4Shell. Vulnerability CVE-2022-42889 has once again put Java products in check, albeit with lesser affectation. Our colleagues @TuLkHaXs, @nicovell3, and @joserabal analyze the incident 👇
https://t.co/qGDpUOq3aY
🔗 https://www.tarlogic.com/blog/cve-2022-42889-critical-vulnerability-affects-apache-commons-text/
🐥 [ tweet ]
😈 [ mpgn_x64, mpgn ]
New CrackMapExec module to dump Microsoft Teams cookies thanks to @KuiilSec contribution✌️
You can use them to retrieve informations like users, messages, groups etc or send directly messages in Teams 🔥
Initial discovery by @NoUselessTech 🪂
🐥 [ tweet ]
New CrackMapExec module to dump Microsoft Teams cookies thanks to @KuiilSec contribution✌️
You can use them to retrieve informations like users, messages, groups etc or send directly messages in Teams 🔥
Initial discovery by @NoUselessTech 🪂
🐥 [ tweet ]
😈 [ ShitSecure, S3cur3Th1sSh1t ]
Did not find any Twitter handle for credits but zimawhit3 released a (potential Nim gamechanging) repo. PiC Code over Nim? This would solve a lot of use-cases at least for me. +HalosGate/TargarusGate in Nim.🔥🔥
https://t.co/TQ82rbpwih
🔗 https://github.com/zimawhit3/Bitmancer
🐥 [ tweet ]
Did not find any Twitter handle for credits but zimawhit3 released a (potential Nim gamechanging) repo. PiC Code over Nim? This would solve a lot of use-cases at least for me. +HalosGate/TargarusGate in Nim.🔥🔥
https://t.co/TQ82rbpwih
🔗 https://github.com/zimawhit3/Bitmancer
🐥 [ tweet ]
😈 [ 424f424f, rvrsh3ll ]
Having fun running PowerShell from Python https://t.co/j5g3qzwwlV
🔗 https://github.com/JamesWTruher/PsPython
🐥 [ tweet ]
Having fun running PowerShell from Python https://t.co/j5g3qzwwlV
🔗 https://github.com/JamesWTruher/PsPython
🐥 [ tweet ]
😈 [ ippsec, ippsec ]
#HackTheBox Faculty video is up! Enjoyed abusing the ptrace capability with GDB to inject code into a running process. But my fav was an Unintended SQL Injection in an Update Statement because it teaches an important lesson on how dangerous type can be. https://t.co/y3VHiqHrYw
🔗 https://www.youtube.com/watch?v=LGO-dn7668g
🐥 [ tweet ]
#HackTheBox Faculty video is up! Enjoyed abusing the ptrace capability with GDB to inject code into a running process. But my fav was an Unintended SQL Injection in an Update Statement because it teaches an important lesson on how dangerous type can be. https://t.co/y3VHiqHrYw
🔗 https://www.youtube.com/watch?v=LGO-dn7668g
🐥 [ tweet ]
😈 [ D1rkMtr, D1rkMtr ]
https://t.co/UMTaYerSnT
Force the triggering of a conditional jump inside AmsiOpenSession() to close AMSI scaning session:
The 1st patch by corrupting the Amsi context header.
The 2nd patch by changing the string "AMSI" which will be compared to the Amsi context header to "D1RK".
🔗 https://github.com/D1rkMtr/PatchThatAMSI
🐥 [ tweet ]
https://t.co/UMTaYerSnT
Force the triggering of a conditional jump inside AmsiOpenSession() to close AMSI scaning session:
The 1st patch by corrupting the Amsi context header.
The 2nd patch by changing the string "AMSI" which will be compared to the Amsi context header to "D1RK".
🔗 https://github.com/D1rkMtr/PatchThatAMSI
🐥 [ tweet ]
😈 [ jack_halon, Jack Halon ]
Today I am finally releasing a new 3-part browser exploitation series on Chrome! This was written to help beginners break into the browser exploitation field.
Part 1 covers V8 internals such as objects, properties, and memory optimizations. Enjoy! https://t.co/bbFjOOzlOu
🔗 https://jhalon.github.io/chrome-browser-exploitation-1/
🐥 [ tweet ]
Today I am finally releasing a new 3-part browser exploitation series on Chrome! This was written to help beginners break into the browser exploitation field.
Part 1 covers V8 internals such as objects, properties, and memory optimizations. Enjoy! https://t.co/bbFjOOzlOu
🔗 https://jhalon.github.io/chrome-browser-exploitation-1/
🐥 [ tweet ]
😈 [ mpgn_x64, mpgn ]
CrackMapExec can now retrieve gMSA passwords using LDAP protocol and option --gmsa 🔥 Thanks to @pentest_swissky for this addition into CME 🫡
Also, I probably don't say it enough but thanks to all the sponsors from @porchetta_ind 🪂
🐥 [ tweet ]
CrackMapExec can now retrieve gMSA passwords using LDAP protocol and option --gmsa 🔥 Thanks to @pentest_swissky for this addition into CME 🫡
Also, I probably don't say it enough but thanks to all the sponsors from @porchetta_ind 🪂
🐥 [ tweet ]