Offensive Xwitter – Telegram
~$ socat TWITTER-LISTEN:443,fork,reuseaddr TELEGRAM:1.3.3.7:31337

Disclaimer: https://news.1rj.ru/str/OffensiveTwitter/546
😈 [ SEKTOR7net, SEKTOR7 Institute ]

New tool released!

CaFeBiBa - COFF object parser for binaries compiled with MSVC.

Enjoy!

https://t.co/h52wRRdaxY

#redteam #rto

🔗 https://blog.sektor7.net/#!res/2022/cafebiba.md

🐥 [ tweet ]
😈 [ 0xTriboulet, Santos (Steve) S. ]

Novel @Windows Defender bypass that leverages Defender’s inability to detect a malicious executable with a >2MB stack requirement.

1) Make a big payload
2) Put it in main()
3) ???
4) PROFIT

https://t.co/C2dk5EDlVe

🔗 https://steve-s.gitbook.io/0xtriboulet/deceiving-defender/deceiving-defender-the-big-stack-bypass

🐥 [ tweet ]
😈 [ bWlrYQ, \` ]

Hello!
I've just released my first blogpost about VLAN Hopping and how to exploit and mitigate it. Post is available in French 🇫🇷 and English 🇬🇧. Feel free to check it out and give me any kind of feedback 😄
https://t.co/GHaR939SV6

🔗 https://bwlryq.net/posts/vlan_hopping/

🐥 [ tweet ]
😈 [ _RastaMouse, Rasta Mouse ]

[BLOG]
Crappy post on creating custom implicit and explicit C# class conversions.

https://t.co/8DAIkC8QEa

🔗 https://offensivedefence.co.uk/posts/implicit-explicit-conversions/

🐥 [ tweet ]
😈 [ _Wra7h, Christian W ]

Wrote a script to create a new .csproj for Seatbelt that will build with just the commands/command group you specify. 1/2
https://t.co/DtlM1GNECj

🔗 https://github.com/Wra7h/PowerShell-Scripts/tree/main/Invoke-Retractor

🐥 [ tweet ]
😈 [ Hackers_bot, HACKERSBOT ]

'Love', 'Sex', 'Secret' and 'God'.

🐥 [ tweet ]
😁1
😈 [ zux0x3a, Lawrence 勞倫斯 | لورانس ]

Hey, 2023, a reverse shell with the XOR encryption for the communication between server/client, but now with C#. (converted from Pascal release)
https://t.co/JNVNlzYZ8z

🔗 https://github.com/0xsp-SRD/0xsp.com/tree/main/rev_shell_xor_enc

🐥 [ tweet ]
😈 [ mpgn_x64, mpgn ]

In addition to a bug fix, I've also pushed an update on the RDP protocol so you can authenticate a user using Kerberos 🔥

Thanks to @SkelSec for this amazing aardwolf lib 🫡

Pushed on @porchetta_ind 🪂

🐥 [ tweet ]
🔥2
😈 [ _RastaMouse, Rasta Mouse ]

[BLOG]
Backdoor .NET applications via startup hooks.

https://t.co/eh8EibTzHv

🔗 https://rastamouse.me/net-startup-hooks/

🐥 [ tweet ]
😈 [ mpgn_x64, mpgn ]

let's tease a little bit

🐥 [ tweet ]
🔥3
😈 [ ORCx41, ORCA ]

Released a new technique to perform clean indirect syscalls, in which the syscall is executed from within ntdll address space. You can check it here: https://t.co/d7HiRgq1KA

🔗 https://repo.maldevacademy.com/

🐥 [ tweet ]
👍1
😈 [ an0n_r0, an0n ]

WDAC bypass using InstallUtil today. Nothing new, original research by @tiraniddo from 2017. Recreated the technique using ysoserial[.]NET for InstallState file generation (the original tooling is broken for .NET 4.8+). The formatter+gadget chain for arbitrary .NET exec is below.

🐥 [ tweet ][ quote ]
😈 [ naksyn, Diego Capriotti ]

Here's a pure Python implementation of MemoryModule technique to load a dll from memory. If using python is an option in your engagement, you can execute your dlls without injection or shellcode.
check it out!
https://t.co/N7yDE061Hs
#redteaming #DYORredteamtip #evasion

🔗 https://github.com/naksyn/PythonMemoryModule/

🐥 [ tweet ]
🔥1
😈 [ zer1t0, Eloy ]

I've been playing with and implementing the HellsGate technique for learning, but found it cumbersome to use 2 procedures (HellsGate and HellDescent) for using syscalls, so I implemented zsyscall to use syscalls in one step. https://t.co/K2sIRzPQwW

🔗 https://gitlab.com/Zer1t0/zsyscall

🐥 [ tweet ]
😈 [ pdiscoveryio, ProjectDiscovery.io ]

Did you know that with the v9.3.3 release of nuclei-templates you can now detect the top 200 WordPress Plugins with @pdnuclei?

A huge THANK YOU to @_ricardomaia from our community for this powerful addition to Nuclei Templates! Learn more: https://t.co/DmnF6znCmK

🔗 https://github.com/projectdiscovery/nuclei-templates/pull/6202

🐥 [ tweet ]
😈 [ Nigglxax, weak ]

Today I released Alcatraz - an x64 binary obfuscator featuring:
- Obfuscation of immediate moves
- Control flow flattening
- Mutation / Obfuscation of certain instructions like MOV, ADD, LEA
- Anti disassembly
- Entry point obfuscation

Read more at: https://t.co/UWMkq1Mt9J

🔗 https://github.com/weak1337/Alcatraz

🐥 [ tweet ]
👹 [ snovvcrash, sn🥶vvcr💥sh ]

Submitted another @hackthebox_eu Endgame write-up to Hackplayers (@CyberVaca_, @OscarAkaElvis) - Odyssey this time. Protected with a concatenation of all the flags in the appropriate order. Check it out!

https://t.co/mftkKN7bUx

🔗 https://github.com/Hackplayers/hackthebox-writeups/pull/281

🐥 [ tweet ]
😈 [ daem0nc0re, daem0nc0re ]

Released my CSharp implementation of Phantom DLL Hollowing.
Thanks for your research @_ForrestOrr

https://t.co/kp3OGkauvj

🔗 https://github.com/daem0nc0re/TangledWinExec/tree/main/PhantomDllHollower

🐥 [ tweet ]
😈 [ D1rkMtr, D1rkMtr ]

Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
https://t.co/5qaUEFm78N

🔗 https://github.com/D1rkMtr/UnhookingPatch

🐥 [ tweet ]