😈 [ Grzegorz Tworek @0gtweet ]
Do you store your "DNS dynamic update registration credentials" in a DHCP?
Cute, it means I have a new tool for you 😁😈
Enjoy the DHCP Server DNS Password Stealer. The C source code, and the compiled exe, as usual:
🔗 https://github.com/gtworek/PSBits/tree/master/PasswordStealing/DHCP
🐥 [ tweet ]
Do you store your "DNS dynamic update registration credentials" in a DHCP?
Cute, it means I have a new tool for you 😁😈
Enjoy the DHCP Server DNS Password Stealer. The C source code, and the compiled exe, as usual:
🔗 https://github.com/gtworek/PSBits/tree/master/PasswordStealing/DHCP
🐥 [ tweet ]
🤯2🔥1
😈 [ Synacktiv @Synacktiv ]
One of our ninjas (@_ixty_) wrote a series of articles explaining how to write a win32 keylogger that supports all input languages (that don't use input method editors). Here is the first part which focuses on capturing keyboard events!
🔗 https://www.synacktiv.com/publications/writing-a-decent-win32-keylogger-13
🐥 [ tweet ]
One of our ninjas (@_ixty_) wrote a series of articles explaining how to write a win32 keylogger that supports all input languages (that don't use input method editors). Here is the first part which focuses on capturing keyboard events!
🔗 https://www.synacktiv.com/publications/writing-a-decent-win32-keylogger-13
🐥 [ tweet ]
🔥2
😈 [ rvrsh3ll @424f424f ]
@chvancooten is a certified #OST badass 🫡
🔗 https://github.com/cobbr/Covenant/issues/391#issuecomment-1859177527
🐥 [ tweet ]
@chvancooten is a certified #OST badass 🫡
🔗 https://github.com/cobbr/Covenant/issues/391#issuecomment-1859177527
🐥 [ tweet ]
смешнявка😁8👍1🥱1
😈 [ V❄️ @vincenzosantuc1 ]
What's better for Christmas than a nice read about Reflective DLL Injection? 🎄
🔗 https://oldboy21.github.io/posts/2023/12/all-i-want-for-christmas-is-reflective-dll-injection/
#reflectivedll #oldbutgold #cplusplus #code #belloblog
🐥 [ tweet ]
What's better for Christmas than a nice read about Reflective DLL Injection? 🎄
🔗 https://oldboy21.github.io/posts/2023/12/all-i-want-for-christmas-is-reflective-dll-injection/
#reflectivedll #oldbutgold #cplusplus #code #belloblog
🐥 [ tweet ]
👍5😁2
This media is not supported in your browser
VIEW IN TELEGRAM
😈 [ Alex neff @al3x_n3ff ]
A small gift: NetExec now supports Tab-Completion 🎁
Made by @Adamkadaban
Merry Christmas!🎄
🐥 [ tweet ]
A small gift: NetExec now supports Tab-Completion 🎁
Made by @Adamkadaban
Merry Christmas!🎄
🐥 [ tweet ]
🔥10🥱1
😈 [ Ido Veltzman @Idov31 ]
There was no update for a while and the reason being a massive bug fixes, feature checking and a new feature (fun fact: it is the 23th feature!).
Now, you can use Nidhogg to dump credentials from LSASS!
Go check it out:
🔗 https://github.com/Idov31/Nidhogg/tree/dev
#infosec #CyberSecurity
🐥 [ tweet ]
There was no update for a while and the reason being a massive bug fixes, feature checking and a new feature (fun fact: it is the 23th feature!).
Now, you can use Nidhogg to dump credentials from LSASS!
Go check it out:
🔗 https://github.com/Idov31/Nidhogg/tree/dev
#infosec #CyberSecurity
🐥 [ tweet ]
👍3😁3
😈 [ Josh @passthehashbrwn ]
THIS is an APT. No "cmd /c net user", just technical capability that's almost indistinguishable from magic
🔗 https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/
🔗 https://koeln.ftp.media.ccc.de/congress/2023/h264-hd/37c3-11859-eng-Operation_Triangulation_What_You_Get_When_Attack_iPhones_of_Researchers.mp4
TL;DR
🔗 https://xakep.ru/2023/12/27/operation-triangulation-hardware-mystery/
🐥 [ tweet ]
THIS is an APT. No "cmd /c net user", just technical capability that's almost indistinguishable from magic
🔗 https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/
🔗 https://koeln.ftp.media.ccc.de/congress/2023/h264-hd/37c3-11859-eng-Operation_Triangulation_What_You_Get_When_Attack_iPhones_of_Researchers.mp4
TL;DR
🔗 https://xakep.ru/2023/12/27/operation-triangulation-hardware-mystery/
🐥 [ tweet ]
🤯14🔥1
😈 [ an0n @an0n_r0 ]
OST cannot be stopped. Here is a technique we tested internally 9 months ago: blocking EDR telemetry by leveraging the Windows Filtering Platform. Considered it so evil that we didn't publish it that time. It was pointless, now here it is by @netero_1010:
🔗 https://github.com/netero1010/EDRSilencer
🐥 [ tweet ]
OST cannot be stopped. Here is a technique we tested internally 9 months ago: blocking EDR telemetry by leveraging the Windows Filtering Platform. Considered it so evil that we didn't publish it that time. It was pointless, now here it is by @netero_1010:
🔗 https://github.com/netero1010/EDRSilencer
🐥 [ tweet ]
🔥2
Offensive Xwitter
😈 [ an0n @an0n_r0 ] OST cannot be stopped. Here is a technique we tested internally 9 months ago: blocking EDR telemetry by leveraging the Windows Filtering Platform. Considered it so evil that we didn't publish it that time. It was pointless, now here it…
😈 [ Diego Capriotti @naksyn ]
The shutter project has been hiding in plain sight for quite some time. I've been happily using this for nearly 2 years:
🔗 https://github.com/dsnezhkov/shutter
🐥 [ tweet ]
The shutter project has been hiding in plain sight for quite some time. I've been happily using this for nearly 2 years:
🔗 https://github.com/dsnezhkov/shutter
🐥 [ tweet ]
👍3
😈 [ hackerfantastic.x @hackerfantastic ]
4 new releases from @myhackerhouse for your malware development and analysis purposes with 3 re-created from the CIA's Vault7 leak:
🔗 https://github.com/hackerhouse-opensource/marble
🔗 https://github.com/hackerhouse-opensource/WMIProcessWatcher
🔗 https://github.com/hackerhouse-opensource/Artillery
🔗 https://github.com/hackerhouse-opensource/SignToolEx
Happy New Year & Enjoy 2024!🎇
🐥 [ tweet ]
4 new releases from @myhackerhouse for your malware development and analysis purposes with 3 re-created from the CIA's Vault7 leak:
🔗 https://github.com/hackerhouse-opensource/marble
🔗 https://github.com/hackerhouse-opensource/WMIProcessWatcher
🔗 https://github.com/hackerhouse-opensource/Artillery
🔗 https://github.com/hackerhouse-opensource/SignToolEx
Happy New Year & Enjoy 2024!🎇
🐥 [ tweet ]
👍4
Мы с вдовой Клико поздравляем всех с Наступающим! У меня нет модной статы с TGStat, но и так видно, что канал развивался продуктивно (всех обнял). Дальше – больше, stay tuned 🎄 🍾
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥33👍5😁2🤔1
😈 [ NULL @NUL0x4C ]
Publishing a PoC for an interesting code injection technique
🔗 https://github.com/Maldev-Academy/Christmas
🐥 [ tweet ]
Publishing a PoC for an interesting code injection technique
🔗 https://github.com/Maldev-Academy/Christmas
🐥 [ tweet ]
👍5
😈 [ modexp @modexpblog ]
Compression using undocumented RDP API. Code is a bit rough. Might interest you @0gtweet as there are potentially other ways to do it. e.g. COM
🔗 https://gist.github.com/odzhan/56eb105a611dcdebd1d3a084c7312190
🐥 [ tweet ]
Compression using undocumented RDP API. Code is a bit rough. Might interest you @0gtweet as there are potentially other ways to do it. e.g. COM
🔗 https://gist.github.com/odzhan/56eb105a611dcdebd1d3a084c7312190
🐥 [ tweet ]
🔥4🥱1
😈 [ Matt Hand @matterpreter ]
Windows is a meme. I've spent the better part of the afternoon wondering why my code isn't working. Turns out this has been known since at least 2021...
🔗 https://dennisbabkin.com/blog/?t=when-developers-give-up-deletesecuritypackage-function
🐥 [ tweet ]
Windows is a meme. I've spent the better part of the afternoon wondering why my code isn't working. Turns out this has been known since at least 2021...
🔗 https://dennisbabkin.com/blog/?t=when-developers-give-up-deletesecuritypackage-function
🐥 [ tweet ]
Directed by Robert B. Weide😁14🥱1
😈 [ p4p1 @p4p1_wt7 ]
Happy New Year all, New module on the #havocframework store to work with Bloodhound CE. Automatically call your SharpHound.exe and upload your .json files directly from the havoc interface!
🔗 https://github.com/p4p1/havoc-bloodhound
🔗 https://p4p1.github.io/havoc-store/
🐥 [ tweet ]
Happy New Year all, New module on the #havocframework store to work with Bloodhound CE. Automatically call your SharpHound.exe and upload your .json files directly from the havoc interface!
🔗 https://github.com/p4p1/havoc-bloodhound
🔗 https://p4p1.github.io/havoc-store/
🐥 [ tweet ]
👍5
😈 [ Cas van Cooten @chvancooten ]
GPT-4-Vision was trained not to solve Captcha prompts... But this is easy to circumvent with the ol' Grandma exploit 😂
🐥 [ tweet ]
GPT-4-Vision was trained not to solve Captcha prompts... But this is easy to circumvent with the ol' Grandma exploit 😂
🐥 [ tweet ]
😁14👍1🤔1
😈 [ SchrodingersAV @SchrodingersAV ]
Read about a technique involving tampering with scheduled tasks, and was inspired to build a powershell noscript to edit scheduled tasks via the registry keys.
Can be used in memory with powershell!
#redteam #cybersecurity #hacking
🔗 https://gist.github.com/Workingdaturah/991de2d176b4b8c8bafd29cc957e20c2
🐥 [ tweet ]
Read about a technique involving tampering with scheduled tasks, and was inspired to build a powershell noscript to edit scheduled tasks via the registry keys.
Can be used in memory with powershell!
#redteam #cybersecurity #hacking
🔗 https://gist.github.com/Workingdaturah/991de2d176b4b8c8bafd29cc957e20c2
🐥 [ tweet ]
🔥3👍1