Offensive Xwitter
📢 The PT SWARM team is looking for an offensive developer of its own! The work will be maintaining the team's existing internal tooling, as well as developing new tooling to deliver projects where an important aspect is evasion of detection systems and…
My development track for red team projects at Positive Technologies is gradually being staffed with specialists in "mid-level" languages (hi, C folks), but we still need a developer for .NET Framework/Core (+Mono) and Python. People in the chat who understand the CLR, code in Offensive C#, know their way around the Impacket code base and are good at Python in general: welcome to an interview, we have lots of cookies 😉
The original vacancy is here (it will be updated to reflect the new needs above) 👉🏻 https://hh.ru/vacancy/91158970
ALSO, we are short of great social engineers, so if you would rather pentest the human factor under Konstantin's guidance than write AV evasions, you are welcome here 👉🏻 https://hh.ru/vacancy/101255681
For the first vacancy you can write to me (@snovvcrash) or Artem (@Gorefield); for the second, to Artem
😈 [ Samir @SBousseaden ]
Elastic Security Labs has discovered a new method for initial access and evasion in the wild, termed #GrimResource, which involves arbitrary execution in mmc.exe through a crafted MSC file.
🔗 https://www.elastic.co/security-labs/grimresource
🔗 https://gist.github.com/joe-desimone/2b0bbee382c9bdfcac53f2349a379fa4
🐥 [ tweet ]
😈 [ @guidepointsec @GuidePointSec ]
[BLOG] Marshall Price, @GuidePointSec, digs into the risks of compromised #SCCM admin accounts. Learn how attackers can use these privileges to compromise entire networks and best practices to protect your infrastructure.
🔗 https://www.guidepointsecurity.com/blog/sccm-exploitation-evading-defenses-and-moving-laterally-with-sccm-application-deployment/
🐥 [ tweet ]
Offensive Xwitter pinned «⚠️ "Tonight, Gehrman joins snovvcrash continues the hunt..." My development track for red team projects at Positive Technologies is gradually being staffed with specialists in "mid-level" languages (hi, C folks), but we still need a developer for…»
😈 [ Alisa Esage Шевченко @alisaesage ]
Everyone who doesn’t like me sucks and is a bad person
🐥 [ tweet ]
current mood
😈 [ NULL @NUL0x4C ]
FetchPayloadFromDummyFile: A tool to obfuscate your payload while reducing entropy by converting the payload to arrays of offsets.
🔗 https://github.com/NUL0x4C/FetchPayloadFromDummyFile
🐥 [ tweet ]
😈 [ X-C3LL @TheXC3LL ]
You can find my slides for "Offensive VBA" talk here
🔗 https://github.com/X-C3LL/congresos-slides/blob/master/Offensive%20VBA.pdf
🐥 [ tweet ]
😈 [ Daniel @0x64616e ]
Added support for LAPSv2 to BloodHound[.]py:
🔗 https://github.com/dirkjanm/BloodHound.py/pull/159
🐥 [ tweet ]
😈 [ Lsec @lsecqt ]
I created a blog-post about MSSQL relay attack. Hope you enjoy and find this useful:
🔗 https://lsecqt.github.io/Red-Teaming-Army/active-directory/compromising-mssql-databases-by-relaying/
🐥 [ tweet ]
😈 [ S3cur3Th1sSh1t @ShitSecure ]
Didn't check the code yet, but looks like SilverPotato and CertifiedDCOM have a working public weaponized tool by now:
🔗 https://github.com/CICADA8-Research/RemoteKrbRelay
That's huge news from my perspective🔥
🐥 [ tweet ]
déjà vu, I've seen this somewhere before... whatever
😈 [ HADESS @Hadess_security ]
64 Methods For Execute Mimikatz
🔗 https://redteamrecipe.com/64-methods-for-execute-mimikatzrtc0003
🐥 [ tweet ]
😈 [ Balthasar @BalthasarMartin ]
Today at #Troopers24 we released Certiception – the ADCS honeypot we always wanted to have.
Blog:
🔗 https://srlabs.de/blog-post/certiception-the-adcs-honeypot-we-always-wanted
Source code:
🔗 https://github.com/srlabs/Certiception
Slide deck, including our guide to deception strategy:
🔗 https://github.com/srlabs/Certiception/blob/main/documentation/
🐥 [ tweet ]
😈 [ Nikhil Mittal @nikhil_mitt ]
"When the hunter becomes the hunted: Using custom callbacks to disable EDRs"
A fantastic blog post by @d1rkmtr that is full of knowledge and a teaser!
🔗 https://www.alteredsecurity.com/post/when-the-hunter-becomes-the-hunted-using-custom-callbacks-to-disable-edrs
🐥 [ tweet ]
😈 [ Daniel @0x64616e ]
My friend @mojeda_101 and I had the funny idea to leverage GPO item-level targeting for domain persistence.
🔗 https://pentest.party/posts/2024/persistence-with-wmi-filters/
🐥 [ tweet ]
Who else immediately thought of the comparison with port knocking?
😈 [ DSAS by INJECT @DevSecAS ]
Active Directory Dumper - ADFind on Python
🔗 https://blog.injectexp.dev/2024/06/30/active-directory-dumper/
🔗 https://blog.injectexp.dev/2024/06/30/active-directory-dumper-2/
🐥 [ tweet ]
Forwarded from APT
The Qualys Threat Research Unit has discovered a Remote Unauthenticated Code Execution vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems. CVE assigned to this vulnerability is CVE-2024-6387.
The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems.
🔗 Research:
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
🔗 PoC:
https://github.com/7etsuo/cve-2024-6387-poc
#openssh #glibc #rce #cve
😈 [ Ege Balcı @egeblc ]
New tool drop! 🔥🔥 de-optimizer uses several mathematical approaches for mutating machine code instructions to their functional equivalents. Very good for bypassing rule-based detection without using any RWE memory.
🔗 https://github.com/EgeBalci/deoptimizer
🐥 [ tweet ]