😈 [ _nwodtuhs, Charlie Bromberg “Shutdown” ]
Thank you @BlWasp_ for contributing to The Hacker Tools, documenting Impacket's ping, ping6, GetNPUsers and GetUserSPNs example scripts
- https://t.co/h3gTvWV4ia
- https://t.co/PRR2wdZkcT
- https://t.co/tApF0oAmBx
- https://t.co/GM1yyW78sF
https://t.co/PjOo8FoZ0p
🔗 https://tools.thehacker.recipes/impacket/examples/ping.py
🔗 https://tools.thehacker.recipes/impacket/examples/ping6.py
🔗 https://tools.thehacker.recipes/impacket/examples/getnpusers.py
🔗 https://tools.thehacker.recipes/impacket/examples/getuserspns.py
🔗 https://tools.thehacker.recipes/impacket/examples
🐥 [ tweet ]
😈 [ NinjaParanoid, Chetan Nayak (Brute Ratel C4 Author) ]
Here's all the nighthawk samples which mdsec tried to hide by blasting VT with fake samples. Enjoy hunting TAs! Sharing for attribution purposes!
https://t.co/Nrlr6CU7TF
https://t.co/7V8r5QObeP
https://t.co/lWNZctPTy8
https://t.co/aIg3QecyTg
https://t.co/ERvg61wELk
🔗 https://anonfiles.com/H1N4XbIby5/f3bba2bfd4ed48b5426e36eba3b7613973226983a784d24d7a20fcf9df0de74e_exe
🔗 https://anonfiles.com/IbN5X4Ify4/b775a8f7629966592cc7727e2081924a7d7cf83edd7447aa60627a2b67d87c94_exe
🔗 https://anonfiles.com/JfN1XcIfy1/9a57919cc5c194e28acd62719487c563a8f0ef1205b65adbe535386e34e418b8_exe
🔗 https://anonfiles.com/K3N4X0Iby5/0551ca07f05c2a8278229c1dc651a2b1273a39914857231b075733753cb2b988_exe
🔗 https://anonfiles.com/E7tdy5J0y4/ea7a1363c5f304c206bc8450ed1d4b14d76eb492a1011b8f2c1d2f218de8c770
🐥 [ tweet ]
😈 [ _nwodtuhs, Charlie Bromberg “Shutdown” ]
Updated the DACL abuse mindmap. New dark theme, used BloodHound's iconography, added the ACE inheritance path for Containers and Organizational Unit.
🧑🍳 The Hacker Recipes https://t.co/iMrOGWv63j
🔗 https://www.thehacker.recipes/ad/movement/dacl
🐥 [ tweet ]
😈 [ OutflankNL, Outflank ]
New BOF released to our OST customers: Coercer
Coercer triggers a novel and non-public coercion method that forces SMB authentication from the computer account on workstations. From there on, you can for example relay to ADCS for generating a computer certificate.
🐥 [ tweet ]
😈 [ _RastaMouse, Rasta Mouse ]
[BLOG]
Short post on alternate ways to impersonate access tokens in C#, including in other threads. Thanks @GuhnooPlusLinux for providing the inspiration.
https://t.co/TRdI5zuR5j
🔗 https://rastamouse.me/token-impersonation-in-csharp/
🐥 [ tweet ]
😈 [ 0xdf_, 0xdf ]
Support is the 4th box I've released on @hackthebox_eu! It retires today. Light .NET reversing, LDAP enumeration, and genericall on the DC -> a fake machine AD attack.
Inspiration for the box comes from a @7minsec "tales of pentest pwnage" episode.
https://t.co/79G4EUS7Nt
🔗 https://0xdf.gitlab.io/2022/12/17/htb-support.html
🐥 [ tweet ]
😈 [ Idov31, Ido Veltzman ]
I'm happy to release Venom - A C++ single header file for evasive network communication which uses a stolen browser's socket to perform all of its network activities and by that can make it hard to trace it back to the process.
https://t.co/AVxQbNru3Z
#infosec #CyberSecurity
🔗 https://github.com/Idov31/Venom
🐥 [ tweet ]
😈 [ an0n_r0, an0n ]
1. remove disk from target laptop
2. virtualize system (VBoxManage convertfromraw)
3. abuse local admin (chntpw using alt booted system)
4. run mimikatz by reflective loading (bypass ESET :) )
5. extract machine cert / secrets
NEVER deploy company laptop without BitLocker.
🐥 [ tweet ]
😈 [ namazso, namazso ]
After being asked for it a few times in DMs, I decided to just publish my ptrace-less injector for x64 Linux
https://t.co/zqsP0xiJdZ
(via @namazso@mastodon.cloud)
🔗 https://github.com/namazso/linux_injector
🐥 [ tweet ]
😈 [ _nwodtuhs, Charlie Bromberg “Shutdown” ]
🎅 xmas contribution to one of the tools I used most in 2022. #BloodHound
https://t.co/KqJYEOfzOs
🔗 https://github.com/BloodHoundAD/BloodHound/pull/625
🐥 [ tweet ]
😈 [ IKalendarov, Ilan Kalendarov ]
New research of mine about using hardware breakpoints for EDR evasion. Thanks to @rad9800 for the inspiration on this topic.
https://t.co/Ax2IZkSOI2
🔗 https://cymulate.com/blog/blindside-a-new-technique-for-edr-evasion-with-hardware-breakpoints?utm_campaign=Oktopost-Research&utm_content=Oktopost-Twitter&utm_medium=Twitter&utm_source=Organic_Social
🐥 [ tweet ]
😈 [ mariuszbit, mgeeky | Mariusz Banach ]
☢️ Recently we started seeing Threat Actors abusing MSI Windows Installation files for Initial Access & code execution
🔥 I now release Part 1 insights into how MSIs can be abused, PoCs for 🔴 & dissection utility for 🔵
🦠 Let me know what you think!
https://t.co/X7vi6BGQg5
🔗 https://mgeeky.tech/msi-shenanigans-part-1/
🔗 https://github.com/mgeeky/msi-shenanigans
🔗 https://github.com/mgeeky/msidump
🐥 [ tweet ]
😈 [ _RastaMouse, Rasta Mouse ]
I've been trying to get NtCreateUserProcess working in C#, but no joy yet. If anyone wants to take a stab at fixing the code, it's here:
https://t.co/ma3iuCSFjj
🔗 https://gist.github.com/rasta-mouse/2f6316083dd2f38bb91f160cca2088df
🐥 [ tweet ]
😈 [ M4yFly, Mayfly ]
Finally, the last part of GOAD writeups is done ! 🥳
Part 12 : Trusts
https://t.co/q6XDr8GTUD
🔗 https://mayfly277.github.io/posts/GOADv2-pwning-part12/
🐥 [ tweet ]
I threw together a quick script here for enumerating existing email addresses on Mail.ru via Tor. I won't share it as text, you'll have to retype it 😆
😈 [ sprocket_ed, ed ]
Not bad - https://t.co/RdbIsLfGRy
🔗 https://github.com/m1guelpf/plz-cli
🐥 [ tweet ]
😈 [ an0n_r0, an0n ]
what a wonderful technique for stealing chrome/edge cookies without knowing the user password via chrome debug mode by @mangopdf:
https://t.co/T2ct1WI6e3
have not known it before (what a shame😄), although it is 4+ yrs old and still working.
here it is, demo using Sliver C2.🔥
🔗 https://mango.pdf.zone/stealing-chrome-cookies-without-a-password
🐥 [ tweet ]