😈 [ konrad @konradgajdus ]
I made a donut using the C standard library:
🔗 https://github.com/konrad-gajdus/donut
🐥 [ tweet ]
beautiful
😈 [ Jiří Vinopal @vinopaljiri ]
Inspired by @0gtweet, I created PoC: EXE-or-DLL-or-ShellCode that can be:
Executed as a normal #exe
Loaded as #dll + export function can be invoked
Run via "rundll32.exe"
Executed as #shellcode right from the DOS (MZ) header that works as polyglot stub
🔗 https://github.com/Dump-GUY/EXE-or-DLL-or-ShellCode
🐥 [ tweet ]
😈 [ Sam ☁️🪵 @Sam0x90 ]
Interesting ZIP trick with __Macosx__ folder and LNK executing ftp noscript to execute embedded pythonw.exe
zip > docx LNK > ftp.exe > disguised pythonw.exe > CS shellcode
🔗 https://www.ctfiot.com/203334.html
🐥 [ tweet ]
😈 [ Het Mehta @hetmehtaa ]
Reversing a VPN client to hijack sessions
🔗 https://rotarydrone.medium.com/decrypting-and-replaying-vpn-cookies-4a1d8fc7773e
🐥 [ tweet ]
😈 [ John Hammond @_JohnHammond ]
Well, this was a stupid insomnia project, but... 😂
Playground code is here:
🔗 https://github.com/JohnHammond/recaptcha-phish
🐥 [ tweet ][ quote ]
it went viral, nice
Offensive Xwitter
😈 [ Jiří Vinopal @vinopaljiri ] Inspired by @0gtweet, I created PoC: EXE-or-DLL-or-ShellCode that can be: Executed as a normal #exe Loaded as #dll + export function can be invoked Run via "rundll32.exe" Executed as #shellcode right from the DOS (MZ) header…
😈 [ Kurosh Dabbagh @_Kudaes_ ]
Somebody asked if you can run a dll directly without rundll32 as you would do with an exe. You just need to remove the IMAGE_FILE_DLL flag from IMAGE_FILE_HEADER->Characteristics, which can be done with the option -e. Don't see much use for it tho ^^
🔗 https://github.com/Kudaes/CustomEntryPoint
🐥 [ tweet ]
😈 [ Usman Sikander @UsmanSikander13 ]
Basics to advanced process injection. Covering 25 techniques:
🔗 https://github.com/Offensive-Panda/ProcessInjectionTechniques
🐥 [ tweet ]
😈 [ Aleem Ladha @LadhaAleem ]
I've fully automated the lab used for the @_leHACK_ Active Directory 2024 workshop done by @mpgn_x64 and it's available for everyone! 🔥
Also big kudos to @M4yFly for the playbooks and the NetExec dev team for this awesome tool!
Hope you enjoy, more to come
🔗 https://github.com/Pennyw0rth/NetExec-Lab
🐥 [ tweet ]
😈 [ Koen Van Impe ☕ @cudeso ]
Interesting approach shared by @Wietze on manipulating argv[0] to mislead security tools and analysts. A clever tactic for obfuscation!
🔗 https://www.wietzebeukema.nl/blog/why-bother-with-argv0
🐥 [ tweet ]
😈 [ Nikhil Hegde @ka1do9 ]
In this one, I go into great detail about how malware walks the Process Environment Block (PEB) to find particular DLLs and parses their export table to find address of functions.
🔗 https://nikhilh-20.github.io/blog/peb_phobos_ransomware/
🐥 [ tweet ]
😈 [ Justin Elze @HackingLZ ]
Pwning C2 frameworks
🔗 https://blog.includesecurity.com/2024/09/vulnerabilities-in-open-source-c2-frameworks/
🐥 [ tweet ]
😈 [ konrad @konradgajdus ]
From Theory to Code: Implementing a Neural Network in 200 Lines of C
🔗 http://x.com/i/article/1837064930832404482
🐥 [ tweet ]
😈 [ Orange Cyberdefense Switzerland @orangecyberch ]
💻🛡️ In this series of blog posts, Clément Labro (itm4n), one of our ethical hackers, explores yet another avenue for bypassing LSA Protection in Userland.
Blog series:
🔗 https://itm4n.github.io/ghost-in-the-ppl-part-1/
🔗 https://itm4n.github.io/ghost-in-the-ppl-part-2/
🔗 https://itm4n.github.io/ghost-in-the-ppl-part-3/
Code:
🔗 https://github.com/itm4n/PPLrevenant
🔗 https://github.com/itm4n/Pentest-Windows/tree/main/NdrServerCallAll
🐥 [ tweet ]
😈 [ Remko Weijnen @RemkoWeijnen ]
Proof of Concept to leverage Windows App to create an LSASS dump
🔗 https://github.com/rweijnen/createdump
🐥 [ tweet ]
😈 [ DSAS by INJECT @DevSecAS ]
Recursive Loader
Explanation of code: The following code is inspired by APT Linux/Kobalos. Kobalos was malware, suspected to be tied to the Chinese government, which was fully recursive. It was novel malware.
🔗 https://github.com/Evi1Grey5/Recursive-Loader
🐥 [ tweet ]
😈 [ Will @BushidoToken ]
I am happy to share another new resource I recently made called The Russian APT Tool Matrix 🇷🇺
🔗 https://blog.bushidotoken.net/2024/09/the-russian-apt-tool-matrix.html
🔗 https://github.com/BushidoUK/Russian-APT-Tool-Matrix
🐥 [ tweet ]
looking for ourselves, lads
😈 [ Check Point Research @_CPResearch_ ]
10 years of DLL hijacking - featuring abused executables that shouldn't have existed, exported and malicious DLLs with discount bin "packing." Includes a PoC for app developers to pre-emptively stop hijacking without dealing with a certificate authority.
🔗 https://research.checkpoint.com/2024/10-years-of-dll-hijacking-and-what-we-can-do-to-prevent-10-more/
🐥 [ tweet ]
😈 [ Fox-IT @foxit ]
Check out our latest blog from our Red Team about EDR evasion through malware virtualisation:
🔗 https://blog.fox-it.com/2024/09/25/red-teaming-in-the-age-of-edr-evasion-of-endpoint-detection-through-malware-virtualisation/
🐥 [ tweet ]
UnderConf. From the community, for the community
Keynote speakers and presenters from major conferences, authors of your favourite Telegram channels about information security, hosts of the best-known workshops and industry legends in one place: at UnderConf on 29.09.
@crytech7, Sergey Golovanov a.k.a. @sk1ks, @n0nvme and others will present their latest developments and research, while Sergey Nord, the lockpickers Autopsy Will Tell and the hardware hackers “Танец Роботов” will run top-tier workshops in parallel.
The conference will also host a Pentest Lab where you can work through scenarios of various attacks on parts of a company's network infrastructure.
In the middle of the day there will be a debate between Alexey Grishin and @i_bo0om on how the interests of specialists and business diverge.
The detailed programme is already available on the website.
Not an advert, just sharing where I decided to drop in to mark the start of my vacation