Since our channel is somewhat tied to Twitter, let's all celebrate my 10k together 🤗
😈 [ Justin Ibarra @br0k3ns0und ]
Just updated with a few more entries.
Also, let me know if there are any others that should be added
🔗 http://lolol.farm
🐥 [ tweet ]
😈 [ 0xdf @0xdf_ ]
In Visual from @hackthebox_eu I'll exploit a Visual Studio build service. The most interesting part is recovering SeImpersonate for the local service account using FullPower so that I can run a Potato exploit.
🔗 https://0xdf.gitlab.io/2024/02/24/htb-visual.html
🐥 [ tweet ]
Haven't read HTB write-ups in a long while, but this one is fun
😈 [ 𝕯𝖒𝖎𝖙𝖗𝖞 𝕾𝖒𝖎𝖑𝖞𝖆𝖓𝖊𝖙𝖘 @ddd1ms ]
#LockBit releases a long read of what happened. Full text below.
🔗 https://samples.vx-underground.org/tmp/Lockbit_Statement_2024-02-24.txt
🐥 [ tweet ]
😈 [ spencer @techspence ]
👀Well that is interesting...i've never heard of this before
🔗 https://www.huntress.com/blog/slashandgrab-screen-connect-post-exploitation-in-the-wild-cve-2024-1709-cve-2024-1708
🐥 [ tweet ]
😈 [ Matthew @embee_research ]
New Record for My Longest CyberChef Recipe Ever... 😅
A 22-operation configuration extractor in CyberChef. Utilising Regex, AES, Registers and Flow Control to decode a 3-stage malware sample 🕵️♂️
🔗 https://youtu.be/CIg4TXFJRK0?feature=shared
🔗 https://embee-research.ghost.io/advanced-cyberchef-operations-netsupport/
🐥 [ tweet ]
😈 [ ap @decoder_it ]
Hello: I'm your ADCS server and I want to authenticate against you. My latest Post and PoC are out. You can read it here: Enjoy :)
🔗 https://decoder.cloud/2024/02/26/hello-im-your-adcs-server-and-i-want-to-authenticate-against-you/
🐥 [ tweet ]
😈 [ eversinc33 🩸🗡️ @eversinc33 ]
Wrote a short blog post about implementing stealthy keylogging in the kernel with gafAsyncKeyState, inspired by @chompie1337's & @FuzzySec's blackhat talk
🔗 https://eversinc33.com/posts/kernel-mode-keylogging/
🐥 [ tweet ]
Forwarded from Внутрянка
Material on pentesting 1C
Ardent101
One more time about pentesting 1C
Introduction. This material consists for the most part of publicly available work by other people. The goal was to test that work in practice and collect the resulting findings in one place. That is what explains the title of the article.
I'll continue the discussion…
😈 [ Grzegorz Tworek @0gtweet ]
Eliminate a huge part of lateral movement scenarios with one command:
reg.exe add HKLM\SYSTEM\CurrentControlSet\Control /v DisableRemoteScmEndpoints /t REG_DWORD /d 1
It will make Service Control Manager deaf to remote management. Everything else works properly.
🐥 [ tweet ]
😈 [ Winslow @senzee1984 ]
MutationGate is a new approach to bypass EDR's inline hooking by replacing an unhooked NTAPI's SSN with a hooked NTAPI's SSN at run time with hardware breakpoint.
🔗 https://winslow1984.com/books/malware/page/mutationgate
🔗 https://github.com/senzee1984/MutationGate
🐥 [ tweet ]
😈 [ Jonas Bülow Knudsen @Jonas_B_K ]
Wrote another blog post about yet another ADCS abuse technique. This one is about explicit certificate mapping 📌📃🗺️
🔗 https://medium.com/specter-ops-posts/adcs-esc14-abuse-technique-333a004dc2b9
🐥 [ tweet ]
😈 [ Austin Hudson @ilove2pwn_ ]
"A Summary of Memory Obfuscation & Building Chains": A simple blogpost that highlights the two concepts that I utilize to my advantage.
🔗 https://suspicious.actor/misc/2024/02/29/memory-obfuscation-tldr.html
🐥 [ tweet ]
😈 [ blackorbird @blackorbird ]
#Lazarus exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools. CVE-2024-21338
Beyond BYOVD with an Admin-to-Kernel Zero-Day
🔗 https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/
🐥 [ tweet ]
😈 [ CODE WHITE GmbH @codewhitesec ]
Struggling to get those precious certificates with #certipy and AD CS instances that do not support web enrollment and do not expose CertSvc via RPC? @qtc_de has you covered and added functionality to use DCOM instead of good old RPC #redteaming
🔗 https://github.com/ly4k/Certipy/pull/201
🐥 [ tweet ]
😈 [ Grzegorz Tworek @0gtweet ]
Writable SYSVOL --> Domain Admin:
🔗 http://x.com/i/article/1763673505873240064
🐥 [ tweet ]
😈 [ Ninad Mishra @NinadMishra5 ]
Nice blog about Recon Automation using tools like Subfinder, Chaos, Nuclei, Httpx, Notify, and Anew to find bugs and vulnerabilities.
🔗 https://dhiyaneshgeek.github.io/bug/bounty/2020/02/06/recon-with-me/
🐥 [ tweet ]
😈 [ zimnyaa @zimnyaatishina ]
I’ve tried replicating some basic AD techniques in FreeIPA:
There’s still a lot to explore, so I’ll return to it at some point in the future.
🔗 https://tishina.in/ops/freeipa-postexploitation
🐥 [ tweet ]
😈 [ Thorsten E. @endi24 ]
Script to perform some hardening of Windows OS
by @mackwage
🔗 https://gist.github.com/mackwage/08604751462126599d7e52f233490efe
🐥 [ tweet ]