😈 [ Mayfly @M4yFly ]

New lab 🏰 for the GOAD project 🥳: SCCM
You can now test the SCCM/MECM attacks locally on Virtualbox or Vmware.

More information here:
🔗 https://mayfly277.github.io/posts/SCCM-LAB-part0x0/

Repository here:
🔗 https://github.com/Orange-Cyberdefense/GOAD

Thx again @KenjiEndo15 for your help to building this!

🐥 [ tweet ]

😈 [ eversinc33 🩸🗡️ @eversinc33 ]

New blogpost and small tool release: Wrote a naive anti-rootkit driver that detects mapped drivers, and talk about some bypasses for those detections in part I of my new (anti-)-anti-rootkit series.

More research on rootkit evasion coming soon : )

🔗 https://eversinc33.com/posts/anti-anti-rootkit-part-i/

🐥 [ tweet ]

😈 [ Melvin langvik @Flangvik ]

Had an absolute blast on stream today, thank you so much to everyone who showed up☺ VOD is on YouTube if you missed it👏 Allot of people came with input, so naturally I 100% blame chat for this now OFFICIAL OFFSEC EDR TIER LIST

🔗 https://youtube.com/live/2H-Wlxq1kpo

🐥 [ tweet ]

Kaspersky - B, вы поняли

CVE-2024-1086 Linux kernel LPE

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

A full write-up of the exploit - including background information and loads of useful diagrams - can be found in the Flipping Pages blogpost.

😈 [ The Haag™ @M_haggis ]

Code blocks are free!!!

🔗 https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader

🐥 [ tweet ]

😈 [ Nettitude Labs @Nettitude_Labs ]

Introducing SharpConflux, a .NET tool built to facilitate Confluence exploration during Red Team engagements.

Find out more and download SharpConflux in our latest LRQA Nettitude Labs article.

🔗 https://labs.nettitude.com/blog/introducing-sharpconflux/

🐥 [ tweet ]

😈 [ Zoro @Evi1cg ]

atexec-pro

🔗 https://github.com/ridter/atexec-pro
🔗 https://www.zcgonvh.com/post/Advanced_Windows_Task_Scheduler_Playbook-Part.3_from_RPC_to_lateral_movement.html

🐥 [ tweet ]

люблю такой креатив

😈 [ Cody Thomas @its_a_feature_ ]

I created a draft blog post that goes over the general concepts for making changes to agents, Mythic, and even Mythic's UI. If there's something specific you're hoping to see though, let me know and I can probably add it!

🔗 https://medium.com/@its_a_feature_/agent-customization-in-mythic-tailoring-tools-for-red-team-needs-1746fd02177f

🐥 [ tweet ]

😈 [ Andrew Oliveau @AndrewOliveau ]

👀👀🫵💥 "SeeSeeYouExec: Windows Session Hijacking via CcmExec"

New @Mandiant Red Team blog explores how SCCM's CcmExec service can be utilized for session hijacking and introduces a new tool, CcmPwn, to weaponize this technique! Defense tips included 🔵

🔗 https://cloud.google.com/blog/topics/threat-intelligence/windows-session-hijacking-via-ccmexec

🐥 [ tweet ]

Пост-эксплуатация Windows с использованием виртуальных VPN-каналов / Обход NAT при пивотинге против Windows

NAT может создать проблемы для пентестера, когда он проводит пивотинг, особенно если мы говорим о скромпрометированных машинах на Windows. В этой статье я продолжу демонстрировать концепцию L2-туннелирования против скомпрометированных машин на Windows, но уже учитывая наличие NAT.

https://teletype.in/@casterbyte/witchhammer
https://teletype.in/@casterbyte/witchhammervip

Thx @casterwire

😈 [ Matt Creel @Tw1sm ]

Been working to improve my BOF/C dev skills, created some BOFs mimicking SQLRecon modules as a fun learning exercise

🔗 https://github.com/Tw1sm/SQL-BOF

🐥 [ tweet ]

😈 [ 0xdf @0xdf_ ]

I learned so much about Kerberos solving Rebound. It was very difficult, but such a great experience. There's Kerberoasting without auth, cross session with RemotePotato0, and abusing delegation, both constrained and RBCD!

🔗 https://0xdf.gitlab.io/2024/03/30/htb-rebound.html
🔗 https://youtu.be/oUIoH4yBT3k?si=EvookdfPJ6wMaCZK

🐥 [ tweet ]

миллион лет уже не был на хтб, но райтап прикольный, где-то выглядит даже жизненно для АДшечки

😈 [ Lsec @lsecqt ]

My blogpost about bypassing AVs via SMB staging is now LIVE:

🔗 https://lsecqt.github.io/Red-Teaming-Army/malware-development/beyond-detection-smb-staging-for-antivirus-evasion/

Let me know if you enjoy such content and if you would want to see more of that in future.

🐥 [ tweet ]

#для_самых_маленьких

😈 [ Octoberfest7 @Octoberfest73 ]

This April Fools Day, I'm excited to release my latest research and blog post from my time at @RedSiege: SSHishing. The name might be a joke, but the technique isn't!

Read the details here:

🔗 https://redsiege.com/sshishing

🐥 [ tweet ]

😈 [ Cipher007 @xCipher007 ]

It's my first payload Loader with my learnings from @MalDevAcademy ! Check it out:

🔗 https://github.com/Cipher7/ChaiLdr

🐥 [ tweet ]