😈 [ joehowwolf, William Burgess ]
My first blog at CS - Dynamically spoofing call stacks with timers: https://t.co/qxsVkesDWZ
PoC: https://t.co/QB1I9R3zI3
🔗 https://www.cobaltstrike.com/blog/behind-the-mask-spoofing-call-stacks-dynamically-with-timers/
🔗 https://github.com/Cobalt-Strike/CallStackMasker
🐥 [ tweet ]
My first blog at CS - Dynamically spoofing call stacks with timers: https://t.co/qxsVkesDWZ
PoC: https://t.co/QB1I9R3zI3
🔗 https://www.cobaltstrike.com/blog/behind-the-mask-spoofing-call-stacks-dynamically-with-timers/
🔗 https://github.com/Cobalt-Strike/CallStackMasker
🐥 [ tweet ]
👹 [ snovvcrash, sn🥶vvcr💥sh ]
[BLOG 📝] Some notes on how to automate the generation of Position Independent Shellcodes (without msfvenom windows/x64/exec) from object files in memory (by @NinjaParanoid) to be used in Threadless Process Injection (by @_EthicalChaos_) ⬇️
https://t.co/OFdHn7lR7I
🔗 https://snovvcrash.rocks/2023/02/14/pic-generation-for-threadless-injection.html
🐥 [ tweet ]
[BLOG 📝] Some notes on how to automate the generation of Position Independent Shellcodes (without msfvenom windows/x64/exec) from object files in memory (by @NinjaParanoid) to be used in Threadless Process Injection (by @_EthicalChaos_) ⬇️
https://t.co/OFdHn7lR7I
🔗 https://snovvcrash.rocks/2023/02/14/pic-generation-for-threadless-injection.html
🐥 [ tweet ]
🔥6
😈 [ Threatlabz, Zscaler ThreatLabz ]
🕵️Zscaler ThreatLabz has observed a campaign targeting a government organization with a new post exploitation framework named #Havoc. During this attack, the threat actors have made several #opsec failures: https://t.co/TcupRUwAYi
IOCs are available here: https://t.co/PD8vP73AKV
🔗 https://www.zscaler.com/blogs/security-research/havoc-across-cyberspace
🔗 https://github.com/threatlabz/iocs/tree/main/havoc
🐥 [ tweet ]
🕵️Zscaler ThreatLabz has observed a campaign targeting a government organization with a new post exploitation framework named #Havoc. During this attack, the threat actors have made several #opsec failures: https://t.co/TcupRUwAYi
IOCs are available here: https://t.co/PD8vP73AKV
🔗 https://www.zscaler.com/blogs/security-research/havoc-across-cyberspace
🔗 https://github.com/threatlabz/iocs/tree/main/havoc
🐥 [ tweet ]
This media is not supported in your browser
VIEW IN TELEGRAM
😈 [ D1rkMtr, D1rkMtr ]
Github as C2 Demonstration , free API = free C2 Infrastructure
https://t.co/cZc2RtAJxn
🔗 https://github.com/TheD1rkMtr/GithubC2
🐥 [ tweet ]
Github as C2 Demonstration , free API = free C2 Infrastructure
https://t.co/cZc2RtAJxn
🔗 https://github.com/TheD1rkMtr/GithubC2
🐥 [ tweet ]
😈 [ PortSwiggerRes, PortSwigger Research ]
Server-side prototype pollution: Black-box detection without the DoS
https://t.co/6guKOcUmdS
🔗 https://portswigger.net/research/server-side-prototype-pollution
🐥 [ tweet ]
Server-side prototype pollution: Black-box detection without the DoS
https://t.co/6guKOcUmdS
🔗 https://portswigger.net/research/server-side-prototype-pollution
🐥 [ tweet ]
😈 [ _zblurx, Thomas Seigneuret ]
https://t.co/1AxsR43O5Z
In order to learn Rust, I made a complete rewrite of @Defte_ Impersonate in plain Rust, and thanks to @g0h4n_0 it is now also usable as a dependency in your Rust projects (and he also made my code readable tho).
🔗 https://github.com/zblurx/impersonate-rs
🐥 [ tweet ]
https://t.co/1AxsR43O5Z
In order to learn Rust, I made a complete rewrite of @Defte_ Impersonate in plain Rust, and thanks to @g0h4n_0 it is now also usable as a dependency in your Rust projects (and he also made my code readable tho).
🔗 https://github.com/zblurx/impersonate-rs
🐥 [ tweet ]
This media is not supported in your browser
VIEW IN TELEGRAM
😈 [ EmpireC2Project, Empire ]
How about pop-out windows and a process tab? Only 6 more days until Empire 5.0.
🐥 [ tweet ]
How about pop-out windows and a process tab? Only 6 more days until Empire 5.0.
🐥 [ tweet ]
выглядит круто, конечно, но такой он «игрушечный» все-таки👹 [ snovvcrash, sn🥶vvcr💥sh ]
Feeling guilty about steeling #DInvoke version of #RunPE from @_RastaMouse’s #SharpC2 for DInjector, but man this looks so 🔥🤤
🐥 [ tweet ][ quote ]
Feeling guilty about steeling #DInvoke version of #RunPE from @_RastaMouse’s #SharpC2 for DInjector, but man this looks so 🔥🤤
🐥 [ tweet ][ quote ]
🔥5
😈 [ 0x6d69636b, Michael Schneider ]
I wrote about the Microsoft Defender configuration with Microsoft Intune and what's different compared to GPO.
Surprise: Non-admin users can read exclusion lists! https://t.co/50zkrFKkSC
🔗 https://www.scip.ch/en/?labs.20230216
🐥 [ tweet ]
I wrote about the Microsoft Defender configuration with Microsoft Intune and what's different compared to GPO.
Surprise: Non-admin users can read exclusion lists! https://t.co/50zkrFKkSC
🔗 https://www.scip.ch/en/?labs.20230216
🐥 [ tweet ]
😈 [ decoder_it, ap ]
Short blog post on security issue in Windows group policy processing, fixed in CVE-2022-37955 https://t.co/fhoYftdOhQ
🔗 http://decoder.cloud/2023/02/16/eop-via-arbitrary-file-write-overwite-in-group-policy-client-gpsvc-cve-2022-37955/
🐥 [ tweet ]
Short blog post on security issue in Windows group policy processing, fixed in CVE-2022-37955 https://t.co/fhoYftdOhQ
🔗 http://decoder.cloud/2023/02/16/eop-via-arbitrary-file-write-overwite-in-group-policy-client-gpsvc-cve-2022-37955/
🐥 [ tweet ]
😈 [ pdiscoveryio, ProjectDiscovery.io ]
Our very own @olearycrew is new to the security engineering game - but he was able to use ProjectDiscovery tools to get his first bug bounty (from a Fortune 50 company no less).
Learn how: https://t.co/G64avj7AFM
#hackwithautomation #pdteam
🔗 https://blog.projectdiscovery.io/using-pd-tools-to-find-my-first-subdomain-takeover/
🐥 [ tweet ]
Our very own @olearycrew is new to the security engineering game - but he was able to use ProjectDiscovery tools to get his first bug bounty (from a Fortune 50 company no less).
Learn how: https://t.co/G64avj7AFM
#hackwithautomation #pdteam
🔗 https://blog.projectdiscovery.io/using-pd-tools-to-find-my-first-subdomain-takeover/
🐥 [ tweet ]
😈 [ biskopp3n, biskopp3n ]
Released a new Backup Operator to Domain Admin tool. It contains 4 different methods for escalation, more methods will be added: https://t.co/UytiiAipIO
🔗 https://github.com/improsec/BackupOperatorToolkit
🐥 [ tweet ]
Released a new Backup Operator to Domain Admin tool. It contains 4 different methods for escalation, more methods will be added: https://t.co/UytiiAipIO
🔗 https://github.com/improsec/BackupOperatorToolkit
🐥 [ tweet ]
😈 [ 0x0SojalSec, Md Ismail Šojal ]
#oneliner
✅ Subdomain enumeration
✅ Full port scan
✅ HTTP web server detection
#security #bugbountytips #portscan #subdomain #chaos
🐥 [ tweet ]
#oneliner
✅ Subdomain enumeration
✅ Full port scan
✅ HTTP web server detection
#security #bugbountytips #portscan #subdomain #chaos
🐥 [ tweet ]
😈 [ _RastaMouse, Rasta Mouse ]
ThreadlessInject updated with Nt APIs
https://t.co/GFghBMLedm
🔗 https://github.com/CCob/ThreadlessInject
🐥 [ tweet ]
ThreadlessInject updated with Nt APIs
https://t.co/GFghBMLedm
🔗 https://github.com/CCob/ThreadlessInject
🐥 [ tweet ]
😈 [ bugch3ck, Jonas Vestberg ]
Disclosed today at @Disobey_fi - psexec from #impacket expose the target system for authenticated command execution as SYSTEM. That means any user that can authenticate over the network (usually Domain Users) can run code as SYSTEM over the network.
🐥 [ tweet ]
Disclosed today at @Disobey_fi - psexec from #impacket expose the target system for authenticated command execution as SYSTEM. That means any user that can authenticate over the network (usually Domain Users) can run code as SYSTEM over the network.
🐥 [ tweet ]