😈 [ ed @sprocket_ed ]
Blog coming soon... #ffuf
🔗 https://github.com/puzzlepeaches/ffufw
🐥 [ tweet ]
Blog coming soon... #ffuf
🔗 https://github.com/puzzlepeaches/ffufw
🐥 [ tweet ]
что-то интересное..?🥱3🤔1
😈 [ Akamai Security Intelligence Group @akamai_research ]
Did you hear that?
Akamai researcher @nachoskrnl has discovered two vulnerabilities within Windows.
Leveraging the infamous custom reminder sound feature, these can be chained together to achieve full 0-click RCE against Outlook.
Full write-up:
🔗 https://www.akamai.com/blog/security-research/2023/dec/chaining-vulnerabilities-to-achieve-rce-part-one
🐥 [ tweet ]
Did you hear that?
Akamai researcher @nachoskrnl has discovered two vulnerabilities within Windows.
Leveraging the infamous custom reminder sound feature, these can be chained together to achieve full 0-click RCE against Outlook.
Full write-up:
🔗 https://www.akamai.com/blog/security-research/2023/dec/chaining-vulnerabilities-to-achieve-rce-part-one
🐥 [ tweet ]
Нравится dns-тулкит многоуважаемого @s0i37, но я все время забываю, как там правильно настраивать записи и что менять в коде, поэтому форкнул с QoL-модами для dns_upload.py:
* Домен можно указывать в виде аргумента.
* Добавил кредл на PS, потому что спавнить 100500 child-процессов
* В идеале лучше обращаться к стороннему серверу для резолва, потому что клиенты могут кешировать записи от корпоративных DNS-ов, что может привести к некорректной сборке загружаемых данных.
🔗 https://github.com/snovvcrash/exfiltrate
* Домен можно указывать в виде аргумента.
* Добавил кредл на PS, потому что спавнить 100500 child-процессов
nslookup.exe из VBS не всегда комильфо.* В идеале лучше обращаться к стороннему серверу для резолва, потому что клиенты могут кешировать записи от корпоративных DNS-ов, что может привести к некорректной сборке загружаемых данных.
🔗 https://github.com/snovvcrash/exfiltrate
👍7
Offensive Xwitter
😈 [ Akamai Security Intelligence Group @akamai_research ] Turns out, sometimes it isn't DNS... it's DHCP 👀 See @oridavid123's research on how DHCP can be used to spoof DNS records- potentially leading to Active Directory compromise. Worst part? No credentials…
😈 [ Akamai Security Intelligence Group @akamai_research ]
Earlier this month we released research by @oridavid123 on using DHCP to spoof DNS. But wait, there's more!
We are proud to release DDSpoof: a Python-based tool that enables red and blue teams to perform and study DHCP DNS attacks.
Learn how to use it:
🔗 https://www.akamai.com/blog/security-research/weaponizing-dhcp-dns-spoofing-hands-on-guide?filter=123
🐥 [ tweet ]
Earlier this month we released research by @oridavid123 on using DHCP to spoof DNS. But wait, there's more!
We are proud to release DDSpoof: a Python-based tool that enables red and blue teams to perform and study DHCP DNS attacks.
Learn how to use it:
🔗 https://www.akamai.com/blog/security-research/weaponizing-dhcp-dns-spoofing-hands-on-guide?filter=123
🐥 [ tweet ]
🔥6
😈 [ Grzegorz Tworek @0gtweet ]
Do you store your "DNS dynamic update registration credentials" in a DHCP?
Cute, it means I have a new tool for you 😁😈
Enjoy the DHCP Server DNS Password Stealer. The C source code, and the compiled exe, as usual:
🔗 https://github.com/gtworek/PSBits/tree/master/PasswordStealing/DHCP
🐥 [ tweet ]
Do you store your "DNS dynamic update registration credentials" in a DHCP?
Cute, it means I have a new tool for you 😁😈
Enjoy the DHCP Server DNS Password Stealer. The C source code, and the compiled exe, as usual:
🔗 https://github.com/gtworek/PSBits/tree/master/PasswordStealing/DHCP
🐥 [ tweet ]
🤯2🔥1
😈 [ Synacktiv @Synacktiv ]
One of our ninjas (@_ixty_) wrote a series of articles explaining how to write a win32 keylogger that supports all input languages (that don't use input method editors). Here is the first part which focuses on capturing keyboard events!
🔗 https://www.synacktiv.com/publications/writing-a-decent-win32-keylogger-13
🐥 [ tweet ]
One of our ninjas (@_ixty_) wrote a series of articles explaining how to write a win32 keylogger that supports all input languages (that don't use input method editors). Here is the first part which focuses on capturing keyboard events!
🔗 https://www.synacktiv.com/publications/writing-a-decent-win32-keylogger-13
🐥 [ tweet ]
🔥2
😈 [ rvrsh3ll @424f424f ]
@chvancooten is a certified #OST badass 🫡
🔗 https://github.com/cobbr/Covenant/issues/391#issuecomment-1859177527
🐥 [ tweet ]
@chvancooten is a certified #OST badass 🫡
🔗 https://github.com/cobbr/Covenant/issues/391#issuecomment-1859177527
🐥 [ tweet ]
смешнявка😁8👍1🥱1
😈 [ V❄️ @vincenzosantuc1 ]
What's better for Christmas than a nice read about Reflective DLL Injection? 🎄
🔗 https://oldboy21.github.io/posts/2023/12/all-i-want-for-christmas-is-reflective-dll-injection/
#reflectivedll #oldbutgold #cplusplus #code #belloblog
🐥 [ tweet ]
What's better for Christmas than a nice read about Reflective DLL Injection? 🎄
🔗 https://oldboy21.github.io/posts/2023/12/all-i-want-for-christmas-is-reflective-dll-injection/
#reflectivedll #oldbutgold #cplusplus #code #belloblog
🐥 [ tweet ]
👍5😁2
This media is not supported in your browser
VIEW IN TELEGRAM
😈 [ Alex neff @al3x_n3ff ]
A small gift: NetExec now supports Tab-Completion 🎁
Made by @Adamkadaban
Merry Christmas!🎄
🐥 [ tweet ]
A small gift: NetExec now supports Tab-Completion 🎁
Made by @Adamkadaban
Merry Christmas!🎄
🐥 [ tweet ]
🔥10🥱1
😈 [ Ido Veltzman @Idov31 ]
There was no update for a while and the reason being a massive bug fixes, feature checking and a new feature (fun fact: it is the 23th feature!).
Now, you can use Nidhogg to dump credentials from LSASS!
Go check it out:
🔗 https://github.com/Idov31/Nidhogg/tree/dev
#infosec #CyberSecurity
🐥 [ tweet ]
There was no update for a while and the reason being a massive bug fixes, feature checking and a new feature (fun fact: it is the 23th feature!).
Now, you can use Nidhogg to dump credentials from LSASS!
Go check it out:
🔗 https://github.com/Idov31/Nidhogg/tree/dev
#infosec #CyberSecurity
🐥 [ tweet ]
👍3😁3
😈 [ Josh @passthehashbrwn ]
THIS is an APT. No "cmd /c net user", just technical capability that's almost indistinguishable from magic
🔗 https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/
🔗 https://koeln.ftp.media.ccc.de/congress/2023/h264-hd/37c3-11859-eng-Operation_Triangulation_What_You_Get_When_Attack_iPhones_of_Researchers.mp4
TL;DR
🔗 https://xakep.ru/2023/12/27/operation-triangulation-hardware-mystery/
🐥 [ tweet ]
THIS is an APT. No "cmd /c net user", just technical capability that's almost indistinguishable from magic
🔗 https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/
🔗 https://koeln.ftp.media.ccc.de/congress/2023/h264-hd/37c3-11859-eng-Operation_Triangulation_What_You_Get_When_Attack_iPhones_of_Researchers.mp4
TL;DR
🔗 https://xakep.ru/2023/12/27/operation-triangulation-hardware-mystery/
🐥 [ tweet ]
🤯14🔥1
😈 [ an0n @an0n_r0 ]
OST cannot be stopped. Here is a technique we tested internally 9 months ago: blocking EDR telemetry by leveraging the Windows Filtering Platform. Considered it so evil that we didn't publish it that time. It was pointless, now here it is by @netero_1010:
🔗 https://github.com/netero1010/EDRSilencer
🐥 [ tweet ]
OST cannot be stopped. Here is a technique we tested internally 9 months ago: blocking EDR telemetry by leveraging the Windows Filtering Platform. Considered it so evil that we didn't publish it that time. It was pointless, now here it is by @netero_1010:
🔗 https://github.com/netero1010/EDRSilencer
🐥 [ tweet ]
🔥2
Offensive Xwitter
😈 [ an0n @an0n_r0 ] OST cannot be stopped. Here is a technique we tested internally 9 months ago: blocking EDR telemetry by leveraging the Windows Filtering Platform. Considered it so evil that we didn't publish it that time. It was pointless, now here it…
😈 [ Diego Capriotti @naksyn ]
The shutter project has been hiding in plain sight for quite some time. I've been happily using this for nearly 2 years:
🔗 https://github.com/dsnezhkov/shutter
🐥 [ tweet ]
The shutter project has been hiding in plain sight for quite some time. I've been happily using this for nearly 2 years:
🔗 https://github.com/dsnezhkov/shutter
🐥 [ tweet ]
👍3
😈 [ hackerfantastic.x @hackerfantastic ]
4 new releases from @myhackerhouse for your malware development and analysis purposes with 3 re-created from the CIA's Vault7 leak:
🔗 https://github.com/hackerhouse-opensource/marble
🔗 https://github.com/hackerhouse-opensource/WMIProcessWatcher
🔗 https://github.com/hackerhouse-opensource/Artillery
🔗 https://github.com/hackerhouse-opensource/SignToolEx
Happy New Year & Enjoy 2024!🎇
🐥 [ tweet ]
4 new releases from @myhackerhouse for your malware development and analysis purposes with 3 re-created from the CIA's Vault7 leak:
🔗 https://github.com/hackerhouse-opensource/marble
🔗 https://github.com/hackerhouse-opensource/WMIProcessWatcher
🔗 https://github.com/hackerhouse-opensource/Artillery
🔗 https://github.com/hackerhouse-opensource/SignToolEx
Happy New Year & Enjoy 2024!🎇
🐥 [ tweet ]
👍4
Мы с вдовой Клико поздравляем всех с Наступающим! У меня нет модной статы с TGStat, но и так видно, что канал развивался продуктивно (всех обнял). Дальше – больше, stay tuned 🎄 🍾
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥33👍5😁2🤔1
😈 [ NULL @NUL0x4C ]
Publishing a PoC for an interesting code injection technique
🔗 https://github.com/Maldev-Academy/Christmas
🐥 [ tweet ]
Publishing a PoC for an interesting code injection technique
🔗 https://github.com/Maldev-Academy/Christmas
🐥 [ tweet ]
👍5
😈 [ modexp @modexpblog ]
Compression using undocumented RDP API. Code is a bit rough. Might interest you @0gtweet as there are potentially other ways to do it. e.g. COM
🔗 https://gist.github.com/odzhan/56eb105a611dcdebd1d3a084c7312190
🐥 [ tweet ]
Compression using undocumented RDP API. Code is a bit rough. Might interest you @0gtweet as there are potentially other ways to do it. e.g. COM
🔗 https://gist.github.com/odzhan/56eb105a611dcdebd1d3a084c7312190
🐥 [ tweet ]
🔥4🥱1
😈 [ Matt Hand @matterpreter ]
Windows is a meme. I've spent the better part of the afternoon wondering why my code isn't working. Turns out this has been known since at least 2021...
🔗 https://dennisbabkin.com/blog/?t=when-developers-give-up-deletesecuritypackage-function
🐥 [ tweet ]
Windows is a meme. I've spent the better part of the afternoon wondering why my code isn't working. Turns out this has been known since at least 2021...
🔗 https://dennisbabkin.com/blog/?t=when-developers-give-up-deletesecuritypackage-function
🐥 [ tweet ]
Directed by Robert B. Weide😁14🥱1