Too lazy to sum up the year in the style of "I did sooo much stuff, I'm so cool, ahem, toot…", so here's just a bit of art from ][
Happy upcoming New Year, everyone! 🎄🎅🏻
EDIT. Ah, right, I've already been corrected: the main achievement is @fuckushitbitch. I thought that was obvious anyway 🤷🏻♂️
🔥14
😈 [ jack_halon, Jack Halon ]
To wrap up 2022, I'm releasing the final part of my 3-part browser exploitation series on Chrome!
In this post, we demonstrate the practical use of the concepts we've learned throughout the series by analyzing and exploiting CVE-2018-17463.
Enjoy!
https://t.co/Xhrnh4fqNB
🔗 https://jhalon.github.io/chrome-browser-exploitation-3/
🐥 [ tweet ]
😈 [ zux0x3a, Lawrence 勞倫斯 | لورانس ]
Created A Pascal Reverse Shell with Encrypted Traffic Using the XOR Algorithm to encrypt the network communications between client/server. The current PoC demonstrates the ability to reduce the static detection ratio.
https://t.co/1dHcFDGB1F
🔗 https://ired.dev/discussion/16/a-pascal-reverse-shell-with-encrypted-traffic-using-the-xor-algorithm/
🐥 [ tweet ]
😈 [ SEKTOR7net, SEKTOR7 Institute ]
New tool released!
CaFeBiBa - COFF object parser for binaries compiled with MSVC.
Enjoy!
https://t.co/h52wRRdaxY
#redteam #rto
🔗 https://blog.sektor7.net/#!res/2022/cafebiba.md
🐥 [ tweet ]
😈 [ 0xTriboulet, Santos (Steve) S. ]
Novel @Windows Defender bypass that leverages Defender’s inability to detect a malicious executable with a >2MB stack requirement.
1) Make a big payload
2) Put it in main()
3) ???
4) PROFIT
https://t.co/C2dk5EDlVe
🔗 https://steve-s.gitbook.io/0xtriboulet/deceiving-defender/deceiving-defender-the-big-stack-bypass
🐥 [ tweet ]
😈 [ bWlrYQ, \` ]
Hello !
I've just released my first blogpost about VLAN Hopping and how to exploit and mitigate it. Post is available in French 🇫🇷 and English 🇬🇧. Feel free to check it out and give me any kind of feedback 😄
https://t.co/GHaR939SV6
🔗 https://bwlryq.net/posts/vlan_hopping/
🐥 [ tweet ]
😈 [ _RastaMouse, Rasta Mouse ]
[BLOG]
Crappy post on creating custom implicit and explicit C# class conversions.
https://t.co/8DAIkC8QEa
🔗 https://offensivedefence.co.uk/posts/implicit-explicit-conversions/
🐥 [ tweet ]
😈 [ _Wra7h, Christian W ]
Wrote a script to create a new .csproj for Seatbelt that will build with just the commands/command group you specify. 1/2
https://t.co/DtlM1GNECj
🔗 https://github.com/Wra7h/PowerShell-Scripts/tree/main/Invoke-Retractor
🐥 [ tweet ]
😈 [ zux0x3a, Lawrence 勞倫斯 | لورانس ]
I have released Linux/Unix-based binary with the same features
check it out: https://t.co/vVZdsTXNKW
🔗 https://ired.dev/discussion/17/a-pascal-reverse-shell-with-encrypted-traffic-using-the-xor-algorithm-linux#latest
🐥 [ tweet ][ quote ]
😈 [ zux0x3a, Lawrence 勞倫斯 | لورانس ]
Hey, 2023, a reverse shell with the XOR encryption for the communication between server/client, but now with C#. (converted from Pascal release)
https://t.co/JNVNlzYZ8z
🔗 https://github.com/0xsp-SRD/0xsp.com/tree/main/rev_shell_xor_enc
🐥 [ tweet ]
😈 [ mpgn_x64, mpgn ]
In addition to a bug fix, I've also pushed an update on the RDP protocol so you can authenticate a user using kerberos 🔥
Thanks to @SkelSec for this amazing aardwolf lib 🫡
Pushed on @porchetta_ind 🪂
🐥 [ tweet ]
🔥2
😈 [ _RastaMouse, Rasta Mouse ]
[BLOG]
Backdoor .NET applications via startup hooks.
https://t.co/eh8EibTzHv
🔗 https://rastamouse.me/net-startup-hooks/
🐥 [ tweet ]
😈 [ ORCx41, ORCA ]
Released a new technique to perform clean indirect syscalls, in which the syscall is executed from within ntdll address space. You can check it here: https://t.co/d7HiRgq1KA
🔗 https://repo.maldevacademy.com/
🐥 [ tweet ]
👍1
😈 [ an0n_r0, an0n ]
WDAC bypass using InstallUtil today. Nothing new, original research by @tiraniddo from 2017. Recreated the technique using ysoserial[.]NET for InstallState file generation (the original tooling is broken for .NET 4.8+). The formatter+gadget chain for arbitrary .NET exec is below.
🐥 [ tweet ][ quote ]
😈 [ naksyn, Diego Capriotti ]
Here's a pure Python implementation of MemoryModule technique to load a dll from memory. If using python is an option in your engagement, you can execute your dlls without injection or shellcode.
check it out!
https://t.co/N7yDE061Hs
#redteaming #DYORredteamtip #evasion
🔗 https://github.com/naksyn/PythonMemoryModule/
🐥 [ tweet ]
🔥1