😈 [ 0xdf_, 0xdf ]
There's a new(ish) technique for exploiting PHP LFI to get RCE without uploading a webshell. I showed it in Beyond Root on UpDown, but wanted to go into more detail. We'll look at LFI2RCE and how it uses PHP filters to generate executed PHP from nothing.
https://t.co/dp3YYcPxks
🔗 https://www.youtube.com/watch?v=TnLELBtmZ24
🐥 [ tweet ]
There's a new(ish) technique for exploiting PHP LFI to get RCE without uploading a webshell. I showed it in Beyond Root on UpDown, but wanted to go into more detail. We'll look at LFI2RCE and how it uses PHP filters to generate executed PHP from nothing.
https://t.co/dp3YYcPxks
🔗 https://www.youtube.com/watch?v=TnLELBtmZ24
🐥 [ tweet ]
😈 [ _zblurx, Thomas Seigneuret ]
New technique to dump NTDS remotely WITHOUT DSRUAPI: https://t.co/pMY2mwtB8N (Golden Certificates + UnPAC the hash automation)
Thanks @ly4k_ for certipy, which my noscript heavily relies on.
🔗 https://github.com/zblurx/certsync
🐥 [ tweet ]
New technique to dump NTDS remotely WITHOUT DSRUAPI: https://t.co/pMY2mwtB8N (Golden Certificates + UnPAC the hash automation)
Thanks @ly4k_ for certipy, which my noscript heavily relies on.
🔗 https://github.com/zblurx/certsync
🐥 [ tweet ]
😈 [ JoelGMSec, Joel GM ]
Nueva herramienta (con la colaboración de @3v4Si0N) y entrada en el #blog!😋
Transfiriendo ficheros en entornos restringidos con #InvokeTransfer
https://t.co/rJYxbvdOgm
https://t.co/0ZEgI0TTK2
#Darkbyte #Hacking #PowerShell #Clipboard #DataTransfer
🔗 https://darkbyte.net/transfiriendo-ficheros-en-entornos-restringidos-con-invoke-transfer
🔗 https://github.com/JoelGMSec/Invoke-Transfer
🐥 [ tweet ]
Nueva herramienta (con la colaboración de @3v4Si0N) y entrada en el #blog!😋
Transfiriendo ficheros en entornos restringidos con #InvokeTransfer
https://t.co/rJYxbvdOgm
https://t.co/0ZEgI0TTK2
#Darkbyte #Hacking #PowerShell #Clipboard #DataTransfer
🔗 https://darkbyte.net/transfiriendo-ficheros-en-entornos-restringidos-con-invoke-transfer
🔗 https://github.com/JoelGMSec/Invoke-Transfer
🐥 [ tweet ]
😈 [ _nwodtuhs, Charlie Bromberg “Shutdown” ]
✅ I nominated @_dirkjan @exploitph and @SkelSec for their awesome contributions and guidance in the past months and years. I wished I could nominate other awesome contributors like @snovvcrash @ly4k_ @mpgn_x64 @_wald0 @podalirius_ @elad_shamir and more, but I was limited to 3
🐥 [ tweet ]
✅ I nominated @_dirkjan @exploitph and @SkelSec for their awesome contributions and guidance in the past months and years. I wished I could nominate other awesome contributors like @snovvcrash @ly4k_ @mpgn_x64 @_wald0 @podalirius_ @elad_shamir and more, but I was limited to 3
🐥 [ tweet ]
когда тебя тегают в одном твите с топовыми ресерчерами, просыпается синдром самозванца 😅🔥3😁2
😈 [ Octoberfest73, Octoberfest7 ]
I came accross @the_bit_diddler 's github and he has an impressive collection of CobaltStrike BOF's that are worth checking out. I've already found a few functions within some of their projects I can envision a use for in mine. https://t.co/bLijq0fNDv
🔗 https://github.com/EspressoCake
🐥 [ tweet ]
I came accross @the_bit_diddler 's github and he has an impressive collection of CobaltStrike BOF's that are worth checking out. I've already found a few functions within some of their projects I can envision a use for in mine. https://t.co/bLijq0fNDv
🔗 https://github.com/EspressoCake
🐥 [ tweet ]
Псс, гайс, слышали об уязвимости CVE-2022-48109? Вот и я нет до сегодняшнего дня, а ведь это CVE ID моего инфосек-братишки @Acrono! Хочу первым поздравить Пашу с потерей цвйешной девственности – ура-ура! Ждем от него покорения новых вершин на поприще киберсесурити 💪🏻
Следите за каналом @APT_Notes, чтобы узнать подробности 😉
Следите за каналом @APT_Notes, чтобы узнать подробности 😉
🔥10
😈 [ D1rkMtr, D1rkMtr ]
Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll , and trigger exported APIs from the export table
https://t.co/xRLFL7cUZR
🔗 https://github.com/TheD1rkMtr/NTDLLReflection
🐥 [ tweet ]
Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll , and trigger exported APIs from the export table
https://t.co/xRLFL7cUZR
🔗 https://github.com/TheD1rkMtr/NTDLLReflection
🐥 [ tweet ]
😈 [ irsdl, Soroush Dalili 🗹 ]
Burp Suite #Sharpener v3.0 is out in the GitHub repo: https://t.co/jB9KLTlora
Some bugs have been fixed and icons sizes are now bearable!
This is only compatible with Burp v2023.1 (early adaptor currently) as it is based on the new Montoya API v1.0.
🔗 https://github.com/mdsecresearch/BurpSuiteSharpener/tree/main/release
🐥 [ tweet ]
Burp Suite #Sharpener v3.0 is out in the GitHub repo: https://t.co/jB9KLTlora
Some bugs have been fixed and icons sizes are now bearable!
This is only compatible with Burp v2023.1 (early adaptor currently) as it is based on the new Montoya API v1.0.
🔗 https://github.com/mdsecresearch/BurpSuiteSharpener/tree/main/release
🐥 [ tweet ]
ИКОНКИ ДЛЯ БУРПА ЛЮДИ ПОЧЕМУ У МЕНЯ ЭТО ЕЩЕ НЕ УСТАНОВЛЕНО😈 [ nikhil_mitt, Nikhil Mittal ]
[Blog] My non-tech post on "Our vision for Red Team Labs, Platform and Certifications (CRTP, CRTE, CARTP and more)"
#AlteredSecurity
https://t.co/D4fFL6RcwG
🔗 https://www.alteredsecurity.com/post/redlabs
🐥 [ tweet ]
[Blog] My non-tech post on "Our vision for Red Team Labs, Platform and Certifications (CRTP, CRTE, CARTP and more)"
#AlteredSecurity
https://t.co/D4fFL6RcwG
🔗 https://www.alteredsecurity.com/post/redlabs
🐥 [ tweet ]
IMG_5582.PNG
3.4 MB
😈 [ last0x00, last - @last0x00@infosec.exchange ]
I was today years old when I found out there is a #CrackMapExec reference in graphical PNG format with a resolution of more than 7000x10000 hosted here👇
https://t.co/Q7HgNqDK9Q
🔗 https://raw.githubusercontent.com/Ignitetechnologies/Mindmap/main/Crackmapexec/Crackmapexec%20HD.png
🐥 [ tweet ]
I was today years old when I found out there is a #CrackMapExec reference in graphical PNG format with a resolution of more than 7000x10000 hosted here👇
https://t.co/Q7HgNqDK9Q
🔗 https://raw.githubusercontent.com/Ignitetechnologies/Mindmap/main/Crackmapexec/Crackmapexec%20HD.png
🐥 [ tweet ]
🤯2🔥1
IMG_5583.PNG
2 MB
😈 [ Jenaye_fr, Jenaye ]
Hello everyone ! 👋
I would like to share with you a mindmap (v1) about bypassing AV/EDR.
In Redteam setup, I suggest the manual mode only.
Thanks to @Zabannn for his contribution
Link : https://t.co/2eOWcBMXzc
#BypassAV #BypassEDR #RT
🔗 https://github.com/CMEPW/BypassAV
🐥 [ tweet ]
Hello everyone ! 👋
I would like to share with you a mindmap (v1) about bypassing AV/EDR.
In Redteam setup, I suggest the manual mode only.
Thanks to @Zabannn for his contribution
Link : https://t.co/2eOWcBMXzc
#BypassAV #BypassEDR #RT
🔗 https://github.com/CMEPW/BypassAV
🐥 [ tweet ]
🔥2
😈 [ 0x0SojalSec, Md Ismail Šojal ]
Nuclei Automation.⚔️
https://t.co/CDes83cCD0
Full Nuclei automation noscript with logic explanation
#bugbountytips #infosec #nuclei #automation
🔗 https://github.com/iamthefrogy/nerdbug
🐥 [ tweet ]
Nuclei Automation.⚔️
https://t.co/CDes83cCD0
Full Nuclei automation noscript with logic explanation
#bugbountytips #infosec #nuclei #automation
🔗 https://github.com/iamthefrogy/nerdbug
🐥 [ tweet ]
🔥1😁1
👹 [ snovvcrash, sn🥶vvcr💥sh ]
[#HackTip ⚒️] One idea for NTDS on-site dumping without VSS: NTFSCopy (thx @RedCursorSec) + #impacket’s RemoteOperations.getBootKey() + secretsdump[.]py (e.g., via a pre-compiled binary or @naksyn’s awesome Pyramid) 🤪
https://t.co/0UATJuJ1ob
🔗 https://ppn.snovvcrash.rocks/pentest/infrastructure/ad/credentials-dump/ntds#raw-ntds.dit-copy
🐥 [ tweet ][ quote ]
[#HackTip ⚒️] One idea for NTDS on-site dumping without VSS: NTFSCopy (thx @RedCursorSec) + #impacket’s RemoteOperations.getBootKey() + secretsdump[.]py (e.g., via a pre-compiled binary or @naksyn’s awesome Pyramid) 🤪
https://t.co/0UATJuJ1ob
🔗 https://ppn.snovvcrash.rocks/pentest/infrastructure/ad/credentials-dump/ntds#raw-ntds.dit-copy
🐥 [ tweet ][ quote ]
😈 [ filip_dragovic, Filip Dragovic ]
Another way to abuse SeImpersonate privilege.
This time using RasMan service.
https://t.co/FmWTBrKkCy
🔗 https://github.com/crisprss/RasmanPotato
🐥 [ tweet ]
Another way to abuse SeImpersonate privilege.
This time using RasMan service.
https://t.co/FmWTBrKkCy
🔗 https://github.com/crisprss/RasmanPotato
🐥 [ tweet ]
🥱1
😈 [ pdiscoveryio, ProjectDiscovery.io ]
Learn all about SSL and TLS certificates in our hacker's guide! Get up to speed with TLSx from ProjectDiscovery, the fast & configurable tool for finding vulnerabilities & reconnaissance. #hackwithautomation #cybersecuritytips
https://t.co/uKhaSB90Nq
🔗 https://blog.projectdiscovery.io/a-hackers-guide-to-ssl-certificates-featuring-tlsx/
🐥 [ tweet ]
Learn all about SSL and TLS certificates in our hacker's guide! Get up to speed with TLSx from ProjectDiscovery, the fast & configurable tool for finding vulnerabilities & reconnaissance. #hackwithautomation #cybersecuritytips
https://t.co/uKhaSB90Nq
🔗 https://blog.projectdiscovery.io/a-hackers-guide-to-ssl-certificates-featuring-tlsx/
🐥 [ tweet ]