😈 [ Josh @passthehashbrwn ]
THIS is an APT. No "cmd /c net user", just technical capability that's almost indistinguishable from magic
🔗 https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/
🔗 https://koeln.ftp.media.ccc.de/congress/2023/h264-hd/37c3-11859-eng-Operation_Triangulation_What_You_Get_When_Attack_iPhones_of_Researchers.mp4
TL;DR
🔗 https://xakep.ru/2023/12/27/operation-triangulation-hardware-mystery/
🐥 [ tweet ]
THIS is an APT. No "cmd /c net user", just technical capability that's almost indistinguishable from magic
🔗 https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/
🔗 https://koeln.ftp.media.ccc.de/congress/2023/h264-hd/37c3-11859-eng-Operation_Triangulation_What_You_Get_When_Attack_iPhones_of_Researchers.mp4
TL;DR
🔗 https://xakep.ru/2023/12/27/operation-triangulation-hardware-mystery/
🐥 [ tweet ]
🤯14🔥1
😈 [ an0n @an0n_r0 ]
OST cannot be stopped. Here is a technique we tested internally 9 months ago: blocking EDR telemetry by leveraging the Windows Filtering Platform. Considered it so evil that we didn't publish it that time. It was pointless, now here it is by @netero_1010:
🔗 https://github.com/netero1010/EDRSilencer
🐥 [ tweet ]
OST cannot be stopped. Here is a technique we tested internally 9 months ago: blocking EDR telemetry by leveraging the Windows Filtering Platform. Considered it so evil that we didn't publish it that time. It was pointless, now here it is by @netero_1010:
🔗 https://github.com/netero1010/EDRSilencer
🐥 [ tweet ]
🔥2
Offensive Xwitter
😈 [ an0n @an0n_r0 ] OST cannot be stopped. Here is a technique we tested internally 9 months ago: blocking EDR telemetry by leveraging the Windows Filtering Platform. Considered it so evil that we didn't publish it that time. It was pointless, now here it…
😈 [ Diego Capriotti @naksyn ]
The shutter project has been hiding in plain sight for quite some time. I've been happily using this for nearly 2 years:
🔗 https://github.com/dsnezhkov/shutter
🐥 [ tweet ]
The shutter project has been hiding in plain sight for quite some time. I've been happily using this for nearly 2 years:
🔗 https://github.com/dsnezhkov/shutter
🐥 [ tweet ]
👍3
😈 [ hackerfantastic.x @hackerfantastic ]
4 new releases from @myhackerhouse for your malware development and analysis purposes with 3 re-created from the CIA's Vault7 leak:
🔗 https://github.com/hackerhouse-opensource/marble
🔗 https://github.com/hackerhouse-opensource/WMIProcessWatcher
🔗 https://github.com/hackerhouse-opensource/Artillery
🔗 https://github.com/hackerhouse-opensource/SignToolEx
Happy New Year & Enjoy 2024!🎇
🐥 [ tweet ]
4 new releases from @myhackerhouse for your malware development and analysis purposes with 3 re-created from the CIA's Vault7 leak:
🔗 https://github.com/hackerhouse-opensource/marble
🔗 https://github.com/hackerhouse-opensource/WMIProcessWatcher
🔗 https://github.com/hackerhouse-opensource/Artillery
🔗 https://github.com/hackerhouse-opensource/SignToolEx
Happy New Year & Enjoy 2024!🎇
🐥 [ tweet ]
👍4
Мы с вдовой Клико поздравляем всех с Наступающим! У меня нет модной статы с TGStat, но и так видно, что канал развивался продуктивно (всех обнял). Дальше – больше, stay tuned 🎄 🍾
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥33👍5😁2🤔1
😈 [ NULL @NUL0x4C ]
Publishing a PoC for an interesting code injection technique
🔗 https://github.com/Maldev-Academy/Christmas
🐥 [ tweet ]
Publishing a PoC for an interesting code injection technique
🔗 https://github.com/Maldev-Academy/Christmas
🐥 [ tweet ]
👍5
😈 [ modexp @modexpblog ]
Compression using undocumented RDP API. Code is a bit rough. Might interest you @0gtweet as there are potentially other ways to do it. e.g. COM
🔗 https://gist.github.com/odzhan/56eb105a611dcdebd1d3a084c7312190
🐥 [ tweet ]
Compression using undocumented RDP API. Code is a bit rough. Might interest you @0gtweet as there are potentially other ways to do it. e.g. COM
🔗 https://gist.github.com/odzhan/56eb105a611dcdebd1d3a084c7312190
🐥 [ tweet ]
🔥4🥱1
😈 [ Matt Hand @matterpreter ]
Windows is a meme. I've spent the better part of the afternoon wondering why my code isn't working. Turns out this has been known since at least 2021...
🔗 https://dennisbabkin.com/blog/?t=when-developers-give-up-deletesecuritypackage-function
🐥 [ tweet ]
Windows is a meme. I've spent the better part of the afternoon wondering why my code isn't working. Turns out this has been known since at least 2021...
🔗 https://dennisbabkin.com/blog/?t=when-developers-give-up-deletesecuritypackage-function
🐥 [ tweet ]
Directed by Robert B. Weide😁14🥱1
😈 [ p4p1 @p4p1_wt7 ]
Happy New Year all, New module on the #havocframework store to work with Bloodhound CE. Automatically call your SharpHound.exe and upload your .json files directly from the havoc interface!
🔗 https://github.com/p4p1/havoc-bloodhound
🔗 https://p4p1.github.io/havoc-store/
🐥 [ tweet ]
Happy New Year all, New module on the #havocframework store to work with Bloodhound CE. Automatically call your SharpHound.exe and upload your .json files directly from the havoc interface!
🔗 https://github.com/p4p1/havoc-bloodhound
🔗 https://p4p1.github.io/havoc-store/
🐥 [ tweet ]
👍5
😈 [ Cas van Cooten @chvancooten ]
GPT-4-Vision was trained not to solve Captcha prompts... But this is easy to circumvent with the ol' Grandma exploit 😂
🐥 [ tweet ]
GPT-4-Vision was trained not to solve Captcha prompts... But this is easy to circumvent with the ol' Grandma exploit 😂
🐥 [ tweet ]
😁14👍1🤔1
😈 [ SchrodingersAV @SchrodingersAV ]
Read about a technique involving tampering with scheduled tasks, and was inspired to build a powershell noscript to edit scheduled tasks via the registry keys.
Can be used in memory with powershell!
#redteam #cybersecurity #hacking
🔗 https://gist.github.com/Workingdaturah/991de2d176b4b8c8bafd29cc957e20c2
🐥 [ tweet ]
Read about a technique involving tampering with scheduled tasks, and was inspired to build a powershell noscript to edit scheduled tasks via the registry keys.
Can be used in memory with powershell!
#redteam #cybersecurity #hacking
🔗 https://gist.github.com/Workingdaturah/991de2d176b4b8c8bafd29cc957e20c2
🐥 [ tweet ]
🔥3👍1
Offensive Xwitter
😈 [ SchrodingersAV @SchrodingersAV ] Read about a technique involving tampering with scheduled tasks, and was inspired to build a powershell noscript to edit scheduled tasks via the registry keys. Can be used in memory with powershell! #redteam #cybersecurity…
😈 [ David @dmcxblue ]
Managed to port to C# the Invoke-GhostTask from @SchrodingersAV, added a little bit more details on what is going on.
#redteam
🔗 https://github.com/dmcxblue/SharpGhostTask
🐥 [ tweet ]
Managed to port to C# the Invoke-GhostTask from @SchrodingersAV, added a little bit more details on what is going on.
#redteam
🔗 https://github.com/dmcxblue/SharpGhostTask
🐥 [ tweet ]
🔥4👍2
😈 [ Joshua Rogers @MegaManSec ]
Today I am proud to be officially releasing a tool I've been working on recently: SSH-Snake.
A self-replicating and self-propagating -- completely fileless -- ssh-based worm that discovers ssh private keys and destinations. Make cool graphs, too!
🔗 https://github.com/MegaManSec/SSH-Snake
🐥 [ tweet ]
Today I am proud to be officially releasing a tool I've been working on recently: SSH-Snake.
A self-replicating and self-propagating -- completely fileless -- ssh-based worm that discovers ssh private keys and destinations. Make cool graphs, too!
🔗 https://github.com/MegaManSec/SSH-Snake
🐥 [ tweet ]
👍13
😈 [ BlackArrow @BlackArrowSec ]
Our colleague @IagoAbad has weaponized the leaked token handles technique for MSSQL.
Now open token handles in MSSQL's process (sqlservr.exe) can be abused to change security context and escalate privileges both locally and in the domain.
🔗 https://github.com/blackarrowsec/Handly
🐥 [ tweet ]
Our colleague @IagoAbad has weaponized the leaked token handles technique for MSSQL.
Now open token handles in MSSQL's process (sqlservr.exe) can be abused to change security context and escalate privileges both locally and in the domain.
🔗 https://github.com/blackarrowsec/Handly
🐥 [ tweet ]
🔥5
😈 [ Rasta Mouse @_RastaMouse ]
[BLOG]
First post of 2024. Why, as a C# dev, you should use SafeHandle classes instead of IntPtr's.
🔗 https://rastamouse.me/safehandle-vs-intptr/
🐥 [ tweet ]
[BLOG]
First post of 2024. Why, as a C# dev, you should use SafeHandle classes instead of IntPtr's.
🔗 https://rastamouse.me/safehandle-vs-intptr/
🐥 [ tweet ]
🔥4👍2🤔1
😈 [ Grzegorz Tworek @0gtweet ]
Token stealing (aka duplication) with syscalls only? Not sure if it’s novel approach but had to try anyway. 🤷♂️
NtOpenProcessToken, NtAdjustPrivilegesToken, NtOpenProcess, NtDuplicateToken, and NtSetInformationThread at your service! Enjoy the C code:
🔗 https://github.com/gtworek/PSBits/blob/master/Misc/TokenStealWithSyscalls.c
🐥 [ tweet ]
Token stealing (aka duplication) with syscalls only? Not sure if it’s novel approach but had to try anyway. 🤷♂️
NtOpenProcessToken, NtAdjustPrivilegesToken, NtOpenProcess, NtDuplicateToken, and NtSetInformationThread at your service! Enjoy the C code:
🔗 https://github.com/gtworek/PSBits/blob/master/Misc/TokenStealWithSyscalls.c
🐥 [ tweet ]
👍5🔥1
😈 [ Synacktiv @Synacktiv ]
Have you ever wondered what the attack surface of Counter Strike: Global Offensive looks like? Our ninjas @myr463 and @v1csec studied it and found a server to client bug! Read more details about this research in our latest blogpost.
🔗 https://www.synacktiv.com/publications/exploring-counter-strike-global-offensive-attack-surface
🐥 [ tweet ]
Have you ever wondered what the attack surface of Counter Strike: Global Offensive looks like? Our ninjas @myr463 and @v1csec studied it and found a server to client bug! Read more details about this research in our latest blogpost.
🔗 https://www.synacktiv.com/publications/exploring-counter-strike-global-offensive-attack-surface
🐥 [ tweet ]
👍1🔥1