😈 [ pfiatde @pfiatde ]
This is crazy. GitHub does not prevent you from accessing commits which are reverted nor shown in the UI.
Just query the API and you are ready to go. Cool Blogpost!
🔗 https://neodyme.io/en/blog/github_secrets/
🐥 [ tweet ]
😈 [ Garrett @garrfoster ]
SCCM hierarchy takeover by abusing site server high availability. In this blog, I walk through what active and passive site servers are and share multiple abusable scenarios that come bundled in.
🔗 https://posts.specterops.io/sccm-hierarchy-takeover-with-high-availability-7dcbd3696b43
🐥 [ tweet ]
Since our channel is somewhat tied to Twitter, let's all celebrate my 10k together 🤗
😈 [ Justin Ibarra @br0k3ns0und ]
Just updated with a few more entries.
Also, let me know if there are any others that should be added
🔗 http://lolol.farm
🐥 [ tweet ]
😈 [ 0xdf @0xdf_ ]
In Visual from @hackthebox_eu I'll exploit a Visual Studio build service. The most interesting part is recovering SeImpersonate for the local service account using FullPower so that I can run a Potato exploit.
🔗 https://0xdf.gitlab.io/2024/02/24/htb-visual.html
🐥 [ tweet ]
I haven't read HTB writeups in a long time, but this one is cool
😈 [ 𝕯𝖒𝖎𝖙𝖗𝖞 𝕾𝖒𝖎𝖑𝖞𝖆𝖓𝖊𝖙𝖘 @ddd1ms ]
#LockBit releases a long read of what happened. Full text below.
🔗 https://samples.vx-underground.org/tmp/Lockbit_Statement_2024-02-24.txt
🐥 [ tweet ]
😈 [ spencer @techspence ]
👀 Well that is interesting... I've never heard of this before
🔗 https://www.huntress.com/blog/slashandgrab-screen-connect-post-exploitation-in-the-wild-cve-2024-1709-cve-2024-1708
🐥 [ tweet ]
😈 [ Matthew @embee_research ]
New Record for My Longest CyberChef Recipe Ever... 😅
A 22 operation configuration extractor in CyberChef. Utilising Regex, AES, Registers and Flow Control to decode a 3 stage malware sample 🕵️♂️
🔗 https://youtu.be/CIg4TXFJRK0?feature=shared
🔗 https://embee-research.ghost.io/advanced-cyberchef-operations-netsupport/
🐥 [ tweet ]
😈 [ ap @decoder_it ]
Hello: I'm your ADCS server and I want to authenticate against you. My latest Post and PoC are out. You can read it here: Enjoy :)
🔗 https://decoder.cloud/2024/02/26/hello-im-your-adcs-server-and-i-want-to-authenticate-against-you/
🐥 [ tweet ]
😈 [ eversinc33 🩸🗡️ @eversinc33 ]
Wrote a short blog post about implementing stealthy keylogging in the kernel with gafAsyncKeyState, inspired by @chompie1337's & @FuzzySec's blackhat talk
🔗 https://eversinc33.com/posts/kernel-mode-keylogging/
🐥 [ tweet ]
Forwarded from Внутрянка
Material on 1C pentesting
Ardent101
1 more time about 1C pentesting
Introduction. This material consists for the most part of publicly available work by other people. The goal was to test that work in practice and collect the results in one place. This is what explains the title of the article.
I'll continue the reasoning…
😈 [ Grzegorz Tworek @0gtweet ]
Eliminate a huge part of lateral movement scenarios with one command:
reg.exe add HKLM\SYSTEM\CurrentControlSet\Control /v DisableRemoteScmEndpoints /t REG_DWORD /d 1
It will make Service Control Manager deaf to remote management. Everything else works properly.
🐥 [ tweet ]
😈 [ Winslow @senzee1984 ]
MutationGate is a new approach to bypass EDR's inline hooking by replacing an unhooked NTAPI's SSN with a hooked NTAPI's SSN at run time with a hardware breakpoint.
🔗 https://winslow1984.com/books/malware/page/mutationgate
🔗 https://github.com/senzee1984/MutationGate
🐥 [ tweet ]
😈 [ Jonas Bülow Knudsen @Jonas_B_K ]
Wrote another blog post about yet another ADCS abuse technique. This one is about explicit certificate mapping 📌📃🗺️
🔗 https://medium.com/specter-ops-posts/adcs-esc14-abuse-technique-333a004dc2b9
🐥 [ tweet ]
😈 [ Austin Hudson @ilove2pwn_ ]
"A Summary of Memory Obfuscation & Building Chains": A simple blogpost that highlights the two concepts that I utilize to my advantage.
🔗 https://suspicious.actor/misc/2024/02/29/memory-obfuscation-tldr.html
🐥 [ tweet ]
😈 [ blackorbird @blackorbird ]
#Lazarus exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools. CVE-2024-21338
Beyond BYOVD with an Admin-to-Kernel Zero-Day
🔗 https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/
🐥 [ tweet ]
😈 [ CODE WHITE GmbH @codewhitesec ]
Struggling to get those precious certificates with #certipy and AD CS instances that do not support web enrollment and do not expose CertSvc via RPC? @qtc_de has you covered and added functionality to use DCOM instead of good old RPC #redteaming
🔗 https://github.com/ly4k/Certipy/pull/201
🐥 [ tweet ]
😈 [ Grzegorz Tworek @0gtweet ]
Writable SYSVOL --> Domain Admin:
🔗 http://x.com/i/article/1763673505873240064
🐥 [ tweet ]
😈 [ Ninad Mishra @NinadMishra5 ]
Nice blog about Recon Automation using tools like Subfinder, Chaos, Nuclei, Httpx, Notify, and Anew to find bugs and vulnerabilities.
🔗 https://dhiyaneshgeek.github.io/bug/bounty/2020/02/06/recon-with-me/
🐥 [ tweet ]