Forwarded from PT SWARM
🇻🇳 The Positive Hack Talks in Vietnam has finished!
Slides from our researcher Arseniy Sharoglazov: https://static.ptsecurity.com/events/exch-vietnam.pdf
Wordlist: https://github.com/mohemiv/dodgypass
🎁 Includes a PoC for MyQ Unauthenticated RCE! (CVE-2024-28059)
Offensive Xwitter
😈 [ Synacktiv @Synacktiv ] Oh, you didn't know? Cool kids are now relaying Kerberos over SMB 😏 Check out our latest blogpost by @hugow_vincent to discover how to perform this attack: 🔗 https://www.synacktiv.com/publications/relaying-kerberos-over-smb-using…
😈 [ Synacktiv @Synacktiv ]
You can now relay any protocol to SMB over Kerberos with krbrelayx[.]py and the latest PRs from @hugow_vincent.
Thanks @_dirkjan for merging it!
Here is an example from SMB to SMB:
🔗 https://github.com/dirkjanm/krbrelayx/pull/46
🐥 [ tweet ]
😈 [ Petr Beneš @PetrBenes ]
Another blog post, yay!
This time about how MASM makes up section names that might mess up the intended order of your code.
Of course, it's not documented anywhere.
🔗 https://wbenny.github.io/2024/12/08/section-order-masm-text-mn-subsection.html
🐥 [ tweet ]
😈 [ Elastic Security Labs @elasticseclabs ]
#ElasticSecurityLabs has discovered PUMAKIT, a new #linux #malware with advanced stealth mechanisms. The kernel rootkit is capable of privilege escalation, anti-debugging measures, and more. Get the details here:
🔗 https://www.elastic.co/security-labs/declawing-pumakit/
🐥 [ tweet ]
😈 [ Tim Willis @itswillis ]
Finding 0day is not the most impactful thing that Project Zero does 😲 — it's sharing knowledge 🧠. One part of that sharing is our tooling work to help other devs and researchers.
Today's installment, @tiraniddo's updated OleView[.]NET 👍
Blog:
🔗 https://googleprojectzero.blogspot.com/2024/12/windows-tooling-updates-oleviewnet.html
🐥 [ tweet ]
Forwarded from Positive Technologies
In October we announced the development of a new product, PT Dephaze, for automated security assessment of infrastructure and penetration testing.
We plan to launch the product in February 2025, and now we are ready to share interim results with you and show which tools and techniques will be used to conduct pentests.
During the stream you will see how the product:
At the end of the stream we will talk in detail about the commercial launch and the start of PT Dephaze pilot projects.
#PTDephaze
@Positive_Technologies
😈 [ DeLuks @0xDeLuks ]
After a few weeks of work, here it is, the packer blog-post. Enjoy! :D
🔗 https://deluks2006.github.io/posts/snowy-days-and-the-malware-packing-ways/
🐥 [ tweet ]
😈 [ 𝙻𝚊𝚠𝚛𝚎𝚗𝚌𝚎 @zux0x3a ]
I have finally released the ZigStrike toolkit I was working on, which is written in Zig. It comes with several injection methods and a neat web portal to select and build the desired payload.
Give it a try; I used one of its techniques to bypass MDE (detailed in a blog).
Blog:
🔗 https://kpmg.com/nl/en/home/insights/2024/12/zig-strike-the-ultimate-toolkit-for-payload-creation-and-evasion.html
Code:
🔗 https://github.com/0xsp-SRD/ZigStrike
🐥 [ tweet ]
😈 [ TrustedSec @TrustedSec ]
For the next installment in his malware blog series, Principal Security Consultant @_snus walks us through using shared memory sections to inject and execute code in a remote process. Read it now!
🔗 https://trustedsec.com/blog/malware-series-process-injection-mapped-sections/
🐥 [ tweet ]
😈 [ Jonathan Beierle @hullabrian ]
This is some research that @_logangoins and I have been working on! It covers disabling EDR with WDAC and provides an overview of potential detection and mitigation techniques, as well as a custom tool to perform the attack remotely.
🔗 https://beierle.win/2024-12-20-Weaponizing-WDAC-Killing-the-Dreams-of-EDR/
🐥 [ tweet ]
😈 [ Alex Neff @al3x_n3ff ]
A lot of cool new features for the MSSQL protocol just got merged into NetExec🔥
- RID brute forcing, made by @Adamkadaban
- MSSQL coercion, made by @lodos2005
- 6 new modules abusing MSSQL trusted links, made by deathflamingo
🐥 [ tweet ]
😈 [ Simon @TheCyberSimon ]
Greetings Hackers on the web.
For the hackers out there ricing their Linux and crushing @hackthebox_eu challenges, here’s a slick HackTheBox-themed i3 setup.
Credit: BotnetBuddies
Repo:
🔗 https://github.com/botnetbuddies/hackthebox-themes
🐥 [ tweet ]
😈 [ Matcluck @doopsec ]
Just released SCCMHound! A BloodHound collector for SCCM. SCCMHound allows both attackers and defenders to construct BloodHound datasets using the vast amount of information that is stored/retrievable through SCCM. Feel free to take it for a spin!
🔗 https://github.com/CrowdStrike/sccmhound
🐥 [ tweet ]
😈 [ sixtyvividtails @sixtyvividtails ]
Small gift for you! 🔺🟦🔺
Code to reliably stop almost any 3rd party Windows security system, via ci!CiValidateFileAsImageType. No privileges needed at all, user rights are enough. Shall work on most OS: 10 22H2, 11 24H2, WS2022.
But: it requires CI policies (e.g. HVCI/UMCI on).
🐥 [ tweet ]
😈 [ CCob🏴 @_EthicalChaos_ ]
Sorry folks, I had to remove the Disconnected GPO project from GitHub... but never fear, it has returned as Disconnected RSAT since it now supports the Certificate Authority and Certificate Templates snap-ins in addition to Group Policy support.
🔗 https://github.com/CCob/DRSAT
🐥 [ tweet ]
😈 [ НЁХ-редактор @apismenny ]
With titanic effort, fending off the addictive Balatro and the remnants of work, I finally finished the New Year column!
🔗 https://xakep.ru/2024/12/28/xakep-2024/
🐥 [ tweet ]
Sex and all that is cool, of course, but have you ever felt the sensation of finalizing the draft report for a successfully completed three-month RT operation late at night on December 30th, with Burning Chrome in your headphones? It is amazing how closely Gibson, back in distant 1982, managed to describe the characteristic features of a real (even if ethically simulated) security breach, while being, by his own account, a guy as far removed from hacking (and from computers in general) as possible.
Endless respect to my beloved colleagues from @ptswarm, and a happy upcoming New Year to everyone!🎄
😈 [ BlackSnufkin @BlackSnufkin42 ]
Tired of switching tools for payload testing? LitterBox - bringing Moneta, PE-sieve & more into one unified platform.
🔗 https://github.com/BlackSnufkin/LitterBox
🐥 [ tweet ]
😈 [ Burak Karaduman @krdmnbrk ]
Excited to share my new project: AttackRuleMap
This project maps #AtomicRedTeam simulations to open-source detection rules like #SigmaRules and #Splunk ESCU rules (maybe more in the future).
Currently for Windows, with plans to support more platforms.
🔗 https://attackrulemap.netlify.app/
🐥 [ tweet ]