😈 [ 0xdeaddood, leandro ]
📝Want to know more? Check out my new blogpost! Forging tickets in 2023 with Impacket 🎟️.
https://t.co/TYEiUMVNEc
🔗 https://0xdeaddood.rocks/2023/05/11/forging-tickets-in-2023/
🐥 [ tweet ]
👍2
😈 [ mariuszbit, mgeeky | Mariusz Banach ]
Game cheaters don't get along with Red Teamers very well 😭
https://t.co/J4cktI3qDg
🔗 https://www.unknowncheats.me/forum/anti-cheat-bypass/587585-terminator.html
🐥 [ tweet ]
P.S. The comments in the Twitter thread are just as entertaining as the comments on unknowncheats
😁4
😈 [ _RastaMouse, Rasta Mouse ]
Dang 600,000...
🐥 [ tweet ]
We're so secure here, we've got pbkdf2 set to 600k iterations… granted, we get hacked every other day, but that's different, fo-o-or sure… by the way, run from these lunatics to self-hosted Bitwarden
👍2😁2
😈 [ an0n_r0, an0n ]
poor man's browser pivot through chrome remote debugging.🔥
no need to inject into iexplorer anymore.💪
just came across this awesome solution shared by @NotMedic long ago: https://t.co/oPU8cZnecv
and this is also working with msedge (it shares the same chromium engine)!🎉
🔗 https://gist.github.com/NotMedic/b1ab7809eea94cc05513905b26964663
🐥 [ tweet ]
😈 [ ghostlulz1337, ghostlulz ]
If you want to learn more about Internal Pentesting & Red Teaming these are some really good resources
🔗 https://book.hacktricks.xyz/
🔗 https://www.thehacker.recipes/
🔗 https://ppn.snovvcrash.rocks/
🔗 https://cheats.philkeeble.com/
🔗 https://dmcxblue.gitbook.io/
🔗 https://www.vincentyiu.com/
🔗 https://www.ired.team/
🐥 [ tweet ]
🔥9
😈 [ ippsec, ippsec ]
Third part in my Configuring Parrot via Ansible Series is now up. This one configures both Firefox and Burpsuite, and hopefully will serve as a good intro to Jinja2 Templating, which makes customizing scripts/files a breeze. Check out the video here:
Part 1
🔗 https://youtu.be/2y68gluYTcc
Part 2
🔗 https://youtu.be/VRz_vtPBZzA
Part 3
🔗 https://youtu.be/XDJB0TVKtNk
🐥 [ tweet ]
🔥3👍1
😈 [ ZephrFish, Andy ]
Great post from @_RayRT on abusing different Active Directory object controls and how to detect them https://t.co/CFQvEuA0Rv #RedTeam #blueteam #purpleteam #cti
🔗 http://labs.lares.com/securing-active-directory-via-acls/
🐥 [ tweet ]
👍6
😈 [ an0n_r0, an0n ]
Mini-HOWTO about setting up Full Disk Encryption with unattended auto-unlock using TPM2 w/ Secure Boot on Kali.
Useful for rogue devices (auto-connecting to C2), headless pentest boxes, etc. storing confidential information but lacking physical security.
https://t.co/vOXnlpZcm6
🔗 https://gist.github.com/tothi/c7fdaaca3d61b7e3298863ada358fc1e
🐥 [ tweet ]
🔥2
😈 [ virustotal, VirusTotal ]
In late 2022 we started monitoring PyPI, the most important Python repository. In a few weeks, we found dozens of suspicious packages. Here is our deep dive into PyPI hosted malware, by
@alexey_firsh: https://t.co/EdGdlOFw9L
🔗 https://blog.virustotal.com/2023/06/inside-of-wasps-nest-deep-dive-into.html
🐥 [ tweet ]
🔥1
😈 [ d4rksystem, Kyle Cucci ]
Really nice analysis from @voidsec of the vulnerable driver used by Spybot's Terminator tool.
https://t.co/08M2Dr5AMF
🔗 https://voidsec.com/reverse-engineering-terminator-aka-zemana-antimalware-antilogger-driver/
🐥 [ tweet ]
😈 [ HackingLZ, Justin Elze ]
CS COFFLoader is public now thanks @_snus https://t.co/NIaNFWR47z https://t.co/nFahK7ZZX2
🔗 https://github.com/trustedsec/CS_COFFLoader/
🐥 [ tweet ]
👍2
😈 [ k_sec, Kurt Baumgartner ]
we go deeper yet into OpTriangulation...
🔗 https://securelist.com/triangledb-triangulation-implant/110050/
funny thing, it reminds me of a simple string xor decoder that i wrote for purple lambert research a few years ago.
course, many malware families use the same obfuscation...
🐥 [ tweet ]
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main(int argc, const char* argv[]){
    unsigned int i=0;
    unsigned char c1, c2, x1;
    const int s1[] = {0x76, 0x18, 0x6C, 0x08, 0x64, 0x08, 0x00}; //obfuscated string value here
    int *s2 = malloc(sizeof(s1)); // writable working copy of the obfuscated values
    if (s2 == NULL) return 1;
    memcpy(s2,s1,sizeof(s1));
    // simple xor between current and next value
    // the loop stops when the next value is the 0x00 terminator
    while (s2[i+1] != '\0') {
        c1 = (unsigned char) s1[i];
        c2 = (unsigned char) s2[i+1];
        x1 = c1 ^ c2;
        printf("%c", x1);
        i++;
    }
    // for the sample values above this prints "ntdll"
    printf("\n");
    free(s2);
    return 0;
}
👍2😁1
😈 [ pfiatde, pfiatde ]
Command detection in Powershell is not easy.
Some words about an obfuscated LSASS dumper command via comsvcs.
Plus some ways to circumvent deletion of the dump.
🔗 https://badoption.eu/blog/2023/06/21/dumpit.html
🔗 https://github.com/powerseb/PowerExtract
🐥 [ tweet ]
👍1
😈 [ pdnuclei, nuclei ]
If you're not writing custom Nuclei templates, you're missing out! 😢
⚛️ In this blog post, we explore the power of nuclei custom templates and how creating your own is beneficial for users!
Don't miss out, read this 👇
🔗 https://blog.projectdiscovery.io/if-youre-not-writing-custom-nuclei-templates-youre-missing-out/
🐥 [ tweet ]
😈 [ R0h1rr1m, Furkan Göksel ]
I developed a Fileless Lateral Movement tool called NimExec. It changes service configuration to execute the payload via manually crafted RPC packets. It's the improved version of @JulioUrena 's SharpNoPSExec with Pass the Hash support. Enjoy!
#infosec
https://t.co/G6xeyHVmnf
🔗 https://github.com/frkngksl/NimExec
🐥 [ tweet ]
😈 [ BlWasp_, BlackWasp ]
New tool in Rust. To learn this language, and the basics of Windows internals, I have coded a TLS over TCP reverse shell with advanced integrated features like load a PE or a shellcode, download/upload files, bypass the AMSI, or autopwn the world...
https://t.co/DQShWQbeRw
🔗 https://github.com/BlWasp/rs-shell
🐥 [ tweet ]
https://github.com/BlWasp/rs-shell/blob/main/src/autopwn.rs 🗿
😈 [ 0gtweet, Grzegorz Tworek ]
Netsh.exe relies on extensions taken from Registry, which means it may be used as a persistence.
And what, if you go one step further, extending netsh with a DLL allowing you to do whatever you want? Kinda #LOLBin 😎
Enjoy the C code and DLL, as usual: https://t.co/xfm1Mxaf4F
🔗 https://github.com/gtworek/PSBits/tree/master/NetShRun
🐥 [ tweet ]
👍4
A bit of code golf for parsing pypykatz output 🤪
🔗 https://gist.github.com/snovvcrash/d77a3ea5401498da95e1fab840122bea
pypykatz lsa minidump lsass.dmp 2>/dev/null | python3 <(wget -qO- https://gist.github.com/snovvcrash/d77a3ea5401498da95e1fab840122bea/raw/554b5621eed33be158c1583a17d50448964cefa8/pypyparse.py)
👍4😁3🥱1
😈 [ HakaiOffsec, Hakai Offsec ]
After some hard work, coffee has been released! Our newest Rust COFF Loader!
If you want to check it out:
Don’t forget to check our blog post for more details:
🔗 https://github.com/hakaioffsec/coffee
🔗 https://labs.hakaioffsec.com/coffee-a-coff-loader-made-in-rust/
🐥 [ tweet ]
👍1