😈 [ NinjaParanoid, Chetan Nayak (Brute Ratel C4 Author) ]
Heres all the nighthawk samples which mdsec tried to hide by blasting VT with fake samples. Enjoy hunting TAs! Sharing for attribution purposes!
https://t.co/Nrlr6CU7TF
https://t.co/7V8r5QObeP
https://t.co/lWNZctPTy8
https://t.co/aIg3QecyTg
https://t.co/ERvg61wELk
🔗 https://anonfiles.com/H1N4XbIby5/f3bba2bfd4ed48b5426e36eba3b7613973226983a784d24d7a20fcf9df0de74e_exe
🔗 https://anonfiles.com/IbN5X4Ify4/b775a8f7629966592cc7727e2081924a7d7cf83edd7447aa60627a2b67d87c94_exe
🔗 https://anonfiles.com/JfN1XcIfy1/9a57919cc5c194e28acd62719487c563a8f0ef1205b65adbe535386e34e418b8_exe
🔗 https://anonfiles.com/K3N4X0Iby5/0551ca07f05c2a8278229c1dc651a2b1273a39914857231b075733753cb2b988_exe
🔗 https://anonfiles.com/E7tdy5J0y4/ea7a1363c5f304c206bc8450ed1d4b14d76eb492a1011b8f2c1d2f218de8c770
🐥 [ tweet ]
Heres all the nighthawk samples which mdsec tried to hide by blasting VT with fake samples. Enjoy hunting TAs! Sharing for attribution purposes!
https://t.co/Nrlr6CU7TF
https://t.co/7V8r5QObeP
https://t.co/lWNZctPTy8
https://t.co/aIg3QecyTg
https://t.co/ERvg61wELk
🔗 https://anonfiles.com/H1N4XbIby5/f3bba2bfd4ed48b5426e36eba3b7613973226983a784d24d7a20fcf9df0de74e_exe
🔗 https://anonfiles.com/IbN5X4Ify4/b775a8f7629966592cc7727e2081924a7d7cf83edd7447aa60627a2b67d87c94_exe
🔗 https://anonfiles.com/JfN1XcIfy1/9a57919cc5c194e28acd62719487c563a8f0ef1205b65adbe535386e34e418b8_exe
🔗 https://anonfiles.com/K3N4X0Iby5/0551ca07f05c2a8278229c1dc651a2b1273a39914857231b075733753cb2b988_exe
🔗 https://anonfiles.com/E7tdy5J0y4/ea7a1363c5f304c206bc8450ed1d4b14d76eb492a1011b8f2c1d2f218de8c770
🐥 [ tweet ]
😈 [ _nwodtuhs, Charlie Bromberg “Shutdown” ]
Updated the DACL abuse mindmap. New dark theme, used BloodHound's iconography, added the ACE inheritance path for Containers and Organizational Unit.
🧑🍳 The Hacker Recipes https://t.co/iMrOGWv63j
🔗 https://www.thehacker.recipes/ad/movement/dacl
🐥 [ tweet ]
Updated the DACL abuse mindmap. New dark theme, used BloodHound's iconography, added the ACE inheritance path for Containers and Organizational Unit.
🧑🍳 The Hacker Recipes https://t.co/iMrOGWv63j
🔗 https://www.thehacker.recipes/ad/movement/dacl
🐥 [ tweet ]
This media is not supported in your browser
VIEW IN TELEGRAM
😈 [ OutflankNL, Outflank ]
New BOF released to our OST customers: Coercer
Coercer triggers a novel and non-public coercion method that forces SMB authentication from the computer account on workstations. From there on, you can for example relay to ADCS for generating a computer certificate.
🐥 [ tweet ]
New BOF released to our OST customers: Coercer
Coercer triggers a novel and non-public coercion method that forces SMB authentication from the computer account on workstations. From there on, you can for example relay to ADCS for generating a computer certificate.
🐥 [ tweet ]
😈 [ _RastaMouse, Rasta Mouse ]
[BLOG]
Short post on alternate ways to impersonate access tokens in C#, including in other threads. Thanks @GuhnooPlusLinux for providing the inspiration.
https://t.co/TRdI5zuR5j
🔗 https://rastamouse.me/token-impersonation-in-csharp/
🐥 [ tweet ]
[BLOG]
Short post on alternate ways to impersonate access tokens in C#, including in other threads. Thanks @GuhnooPlusLinux for providing the inspiration.
https://t.co/TRdI5zuR5j
🔗 https://rastamouse.me/token-impersonation-in-csharp/
🐥 [ tweet ]
😈 [ 0xdf_, 0xdf ]
Support is the 4th box I've released on @hackthebox_eu! It retires today. Light .NET reverseing, LDAP enumeration, and genericall on the DC -> a fake machine AD attack.
Inspiration for the box comes from a @7minsec "tales of pentest pwnage" episode.
https://t.co/79G4EUS7Nt
🔗 https://0xdf.gitlab.io/2022/12/17/htb-support.html
🐥 [ tweet ]
Support is the 4th box I've released on @hackthebox_eu! It retires today. Light .NET reverseing, LDAP enumeration, and genericall on the DC -> a fake machine AD attack.
Inspiration for the box comes from a @7minsec "tales of pentest pwnage" episode.
https://t.co/79G4EUS7Nt
🔗 https://0xdf.gitlab.io/2022/12/17/htb-support.html
🐥 [ tweet ]
🔥3
😈 [ Idov31, Ido Veltzman ]
I'm happy to release Venom - A C++ single header file for evasive network communication which using a stolen browser's socket to perform all of its network activities and by that can make it hard to trace it back to the process.
https://t.co/AVxQbNru3Z
#infosec #CyberSecurity
🔗 https://github.com/Idov31/Venom
🐥 [ tweet ]
I'm happy to release Venom - A C++ single header file for evasive network communication which using a stolen browser's socket to perform all of its network activities and by that can make it hard to trace it back to the process.
https://t.co/AVxQbNru3Z
#infosec #CyberSecurity
🔗 https://github.com/Idov31/Venom
🐥 [ tweet ]
😈 [ an0n_r0, an0n ]
1. remove disk from target laptop
2. virtualize system (VBoxManage convertfromraw)
3. abuse local admin (chntpw using alt booted system)
4. run mimikatz by reflective loading (bypass ESET :) )
5. extract machine cert / secrets
NEVER deploy company laptop without BitLocker.
🐥 [ tweet ]
1. remove disk from target laptop
2. virtualize system (VBoxManage convertfromraw)
3. abuse local admin (chntpw using alt booted system)
4. run mimikatz by reflective loading (bypass ESET :) )
5. extract machine cert / secrets
NEVER deploy company laptop without BitLocker.
🐥 [ tweet ]
😁5🔥2🥱1
😈 [ namazso, namazso ]
After being asked for it a few times in DMs, I decided to just publish my ptrace-less injector for x64 Linux
https://t.co/zqsP0xiJdZ
(via @namazso@mastodon.cloud)
🔗 https://github.com/namazso/linux_injector
🐥 [ tweet ]
After being asked for it a few times in DMs, I decided to just publish my ptrace-less injector for x64 Linux
https://t.co/zqsP0xiJdZ
(via @namazso@mastodon.cloud)
🔗 https://github.com/namazso/linux_injector
🐥 [ tweet ]
😈 [ _nwodtuhs, Charlie Bromberg “Shutdown” ]
🎅 xmas contribution to one of the tools I used most in 2022. #BloodHound
https://t.co/KqJYEOfzOs
🔗 https://github.com/BloodHoundAD/BloodHound/pull/625
🐥 [ tweet ]
🎅 xmas contribution to one of the tools I used most in 2022. #BloodHound
https://t.co/KqJYEOfzOs
🔗 https://github.com/BloodHoundAD/BloodHound/pull/625
🐥 [ tweet ]
😈 [ IKalendarov, Ilan Kalendarov ]
New research of mine about using hardware breakpoint for EDR evasion. Thanks to @rad9800 for the inspiration on this topic.
https://t.co/Ax2IZkSOI2
🔗 https://cymulate.com/blog/blindside-a-new-technique-for-edr-evasion-with-hardware-breakpoints?utm_campaign=Oktopost-Research&utm_content=Oktopost-Twitter&utm_medium=Twitter&utm_source=Organic_Social
🐥 [ tweet ]
New research of mine about using hardware breakpoint for EDR evasion. Thanks to @rad9800 for the inspiration on this topic.
https://t.co/Ax2IZkSOI2
🔗 https://cymulate.com/blog/blindside-a-new-technique-for-edr-evasion-with-hardware-breakpoints?utm_campaign=Oktopost-Research&utm_content=Oktopost-Twitter&utm_medium=Twitter&utm_source=Organic_Social
🐥 [ tweet ]
😈 [ mariuszbit, mgeeky | Mariusz Banach ]
☢️ Recently we started seeing Threat Actors abusing MSI Windows Installation files for Initial Access & code execution
🔥 I now release Part 1 insights into how MSIs can be abused, PoCs for 🔴 & dissection utility for 🔵
🦠 Let me know what you think!
https://t.co/X7vi6BGQg5
🔗 https://mgeeky.tech/msi-shenanigans-part-1/
🔗 https://github.com/mgeeky/msi-shenanigans
🔗 https://github.com/mgeeky/msidump
🐥 [ tweet ]
☢️ Recently we started seeing Threat Actors abusing MSI Windows Installation files for Initial Access & code execution
🔥 I now release Part 1 insights into how MSIs can be abused, PoCs for 🔴 & dissection utility for 🔵
🦠 Let me know what you think!
https://t.co/X7vi6BGQg5
🔗 https://mgeeky.tech/msi-shenanigans-part-1/
🔗 https://github.com/mgeeky/msi-shenanigans
🔗 https://github.com/mgeeky/msidump
🐥 [ tweet ]
X (formerly Twitter)
mgeeky | Mariusz Banach (@mariuszbit) on X
🔴 Red Team operator, ex-MWR/F-Secure pentester, ex-AV engine developer @ESET, green tea addict. 🫖 @mgeeky@infosec.exchange
😈 [ _RastaMouse, Rasta Mouse ]
I've been trying to get NtCreateUserProcess working in C#, but no joy yet. If anyone wants to take a stab at fixing the code, it's here:
https://t.co/ma3iuCSFjj
🔗 https://gist.github.com/rasta-mouse/2f6316083dd2f38bb91f160cca2088df
🐥 [ tweet ]
I've been trying to get NtCreateUserProcess working in C#, but no joy yet. If anyone wants to take a stab at fixing the code, it's here:
https://t.co/ma3iuCSFjj
🔗 https://gist.github.com/rasta-mouse/2f6316083dd2f38bb91f160cca2088df
🐥 [ tweet ]
😈 [ M4yFly, Mayfly ]
Finally, the last part of GOAD writeups is done ! 🥳
Part 12 : Trusts
https://t.co/q6XDr8GTUD
🔗 https://mayfly277.github.io/posts/GOADv2-pwning-part12/
🐥 [ tweet ]
Finally, the last part of GOAD writeups is done ! 🥳
Part 12 : Trusts
https://t.co/q6XDr8GTUD
🔗 https://mayfly277.github.io/posts/GOADv2-pwning-part12/
🐥 [ tweet ]
Писал тут на коленке скрипт для энума существующих емейлов на Mail.ru через Tor. Текстом не отдам, придется переписывать 😆
🔥6
😈 [ sprocket_ed, ed ]
Not bad - https://t.co/RdbIsLfGRy
🔗 https://github.com/m1guelpf/plz-cli
🐥 [ tweet ]
Not bad - https://t.co/RdbIsLfGRy
🔗 https://github.com/m1guelpf/plz-cli
🐥 [ tweet ]
🔥4
😈 [ an0n_r0, an0n ]
what a wonderful technique for stealing chrome/edge cookies without knowing the user password via chrome debug mode by @mangopdf:
https://t.co/T2ct1WI6e3
have not known it before (what a shame😄), although it is 4+ yrs old and still working.
here it is, demo using Sliver C2.🔥
🔗 https://mango.pdf.zone/stealing-chrome-cookies-without-a-password
🐥 [ tweet ]
what a wonderful technique for stealing chrome/edge cookies without knowing the user password via chrome debug mode by @mangopdf:
https://t.co/T2ct1WI6e3
have not known it before (what a shame😄), although it is 4+ yrs old and still working.
here it is, demo using Sliver C2.🔥
🔗 https://mango.pdf.zone/stealing-chrome-cookies-without-a-password
🐥 [ tweet ]