😈 [ Octoberfest7 @Octoberfest73 ]
I spent the past couple days playing with and contributing to @R0h1rr1m's Shoggoth project, which can turn PEs and BOFs into PIC. Super cool project, and one that opens up some interesting possibilities 😉
🔗 https://github.com/frkngksl/Shoggoth
🐥 [ tweet ]
🔥5
Forwarded from PT SWARM
🏭 We've tested the new RCE in Microsoft Outlook (CVE-2024-21378) in a production environment and confirm it works well!
A brief instruction for red teams:
1. Compile our enhanced DLL;
2. Use NetSPI's ruler and wait!
No back connect required!
🔥 📐📏
🔥5👍4
😈 [ Andy Gill @ZephrFish ]
My latest post on the @Lares_ Labs blog is live. It discusses a real-world scenario we observed during a pentest.
🔗 https://labs.lares.com/this-one-time-on-a-pentest/
🐥 [ tweet ]
🥱1
Freedom F0x
A manual for stroking your ego:
1. Open a random pentest guide.
2. Go to the references.
3. Count the number of matches for your nickname.
4. If > 0: rejoice, forgetting for a couple of seconds about the frailty of existence (else: tilt).
😁26👍4🥱1
😈 [ Fabio Assolini @assolini ]
XZ backdoor story – Initial analysis
🔗 https://securelist.com/xz-backdoor-story-part-1/112354/
🐥 [ tweet ]
👍8
😈 [ Eloy @zer1t0@defcon.social @zer1t0 ]
Shellnova: A template for generating advanced Linux shellcodes from C code that resolves libc functions dynamically. Inspired by Windows Stardust of @C5pider.
🔗 https://gitlab.com/Zer1t0/shellnova
🐥 [ tweet ]
🔥5👍1
😈 [ Rhino Security Labs @RhinoSecurity ]
New Blog Post: CVE-2024-2448: Authenticated Command Injection In Progress Kemp LoadMaster
🔗 https://rhinosecuritylabs.com/research/cve-2024-2448-kemp-loadmaster/
🐥 [ tweet ]
👍2🤯1
😈 [ Evan McBroom @mcbroom_evan ]
I just published a blog and tool for the LSA Whisperer work that was presented at the SpecterOps Conference (SOCON) back in March.
If you are interested in getting credentials from LSASS without accessing its memory, check it out!
Blog:
🔗 https://medium.com/specter-ops-posts/lsa-whisperer-20874277ea3b
Tool:
🔗 https://github.com/Meowmycks/LetMeowIn
Crossposted on GH:
🔗 https://gist.github.com/EvanMcBroom/dceb1c7070ee3278eaedd04b42aed279
🐥 [ tweet ]
🔥6
😈 [ Synacktiv @Synacktiv ]
We are starting a new series of blog posts on post-quantum cryptography! Check out our first article which gives an introduction to modern cryptography concepts.
🔗 https://www.synacktiv.com/en/publications/quantum-readiness-introduction-to-modern-cryptography
🐥 [ tweet ]
A post of the nothing-makes-sense variety 👍6😁2
😈 [ Synacktiv @Synacktiv ]
In our latest blogpost, @croco_byte presents an often overlooked AD attack surface related to OUs ACLs, with the release of a dedicated exploitation tool, OUned[.]py:
🔗 https://github.com/synacktiv/OUned
🔗 https://www.synacktiv.com/publications/ounedpy-exploiting-hidden-organizational-units-acl-attack-vectors-in-active-directory
🐥 [ tweet ]
👍4
😈 [ soka @pentest_soka ]
I just released a series of 2 blog posts about increasing your stealth capabilities during offensive operations. I hope you will find something useful!
🔗 https://sokarepo.github.io/redteam/2024/01/04/increase-your-stealth-capabilities-part1.html
🔗 https://sokarepo.github.io/redteam/2024/01/04/increase-your-stealth-capabilities-part2.html
🐥 [ tweet ]
🔥6👍1
😈 [ Florian @floesen_ ]
Did you know that LSASS has the ability to execute arbitrary kernel-mode addresses? I wrote a small proof of concept that allows administrators to execute unsigned code in the kernel if LSA Protection is disabled.
🔗 https://github.com/floesen/KExecDD
🐥 [ tweet ]
🔥7👍1
Forwarded from Red Team Alerts
EvilLsassTwin - PPL Bypass, Fast 12MB In-Memory Dumps
https://ift.tt/N9k5LwS
Discuss on Reddit : https://ift.tt/4bZIEqa
@redteamalerts
GitHub
Nimperiments/EvilLsassTwin at main · RePRGM/Nimperiments
Various one-off pentesting projects written in Nim. Updates happen on a whim. - RePRGM/Nimperiments
🔥3
Thanks for the round number 🤝
10k really is a lot for a channel where I stash my "reading list"; hugs to everyone ❤️
🔥18👍3
😈 [ Justin Elze @HackingLZ ]
Talking about lack of public bat builders last week this one has been going for a while
🔗 https://github.com/KDot227/SomalifuscatorV2
🐥 [ tweet ]
👍2
😈 [ PELock @PELock ]
Most advanced code mutation, obfuscation & reverse engineering resources I have seen in my life, jaw dropped, deserve more recognition @BackEngineerLab @_xeroxz
🔗 https://blog.back.engineering/
🐥 [ tweet ]
🔥6
😈 [ spencer @techspence ]
Active Directory hardening blog post series, like a boss, by Jerry Devore. Posting this so I can reference it later!
Disabling NTLMv1
🔗 https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/active-directory-hardening-series-part-1-disabling-ntlmv1/ba-p/3934787
Removing SMBv1
🔗 https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/active-directory-hardening-series-part-2-removing-smbv1/ba-p/3988317
Enforcing LDAP Signing
🔗 https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/active-directory-hardening-series-part-3-enforcing-ldap-signing/ba-p/4066233
Enforcing AES for Kerberos
🔗 https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/active-directory-hardening-series-part-4-enforcing-aes-for/ba-p/4114965
🐥 [ tweet ]
🔥5
😈 [ Soumyani1 @reveng007 ]
Just like LinkedIn, posting the same here too (tradition :))
Those who attended my demo at @BlackHatEvents, if you have any questions and stuff, please let me know.
Reach out to me in here, my DMs are open! I have uploaded V2 of my DarkWidow at:
🔗 https://github.com/reveng007/DarkWidow
🐥 [ tweet ]
🔥6👍2