😈 [ Jonathan Beierle @hullabrian ]
This is some research that @_logangoins and I have been working on! It covers disabling EDR with WDAC and provides an overview of potential detection and mitigation techniques, as well as a custom tool to perform the attack remotely.
🔗 https://beierle.win/2024-12-20-Weaponizing-WDAC-Killing-the-Dreams-of-EDR/
🐥 [ tweet ]
This is some research that @_logangoins and I have been working on! It covers disabling EDR with WDAC and provides an overview of potential detection and mitigation techniques, as well as a custom tool to perform the attack remotely.
🔗 https://beierle.win/2024-12-20-Weaponizing-WDAC-Killing-the-Dreams-of-EDR/
🐥 [ tweet ]
🔥10👍3
😈 [ Alex Neff @al3x_n3ff ]
A lot of cool new features for the MSSQL protocol just got merged into NetExec🔥
- RID brute forcing, made by @Adamkadaban
- MSSQL coercion, made by @lodos2005
- 6 new modules abusing MSSQL trusted links, made by deathflamingo
🐥 [ tweet ]
A lot of cool new features for the MSSQL protocol just got merged into NetExec🔥
- RID brute forcing, made by @Adamkadaban
- MSSQL coercion, made by @lodos2005
- 6 new modules abusing MSSQL trusted links, made by deathflamingo
🐥 [ tweet ]
👍17🔥8
😈 [ Simon @TheCyberSimon ]
Greetings Hackers on the web.
For the hackers out there ricing their Linux and crushing @hackthebox_eu challenges, here’s a slick HackTheBox-themed i3 setup.
Credit: BotnetBuddies
Repo:
🔗 https://github.com/botnetbuddies/hackthebox-themes
🐥 [ tweet ]
Greetings Hackers on the web.
For the hackers out there ricing their Linux and crushing @hackthebox_eu challenges, here’s a slick HackTheBox-themed i3 setup.
Credit: BotnetBuddies
Repo:
🔗 https://github.com/botnetbuddies/hackthebox-themes
🐥 [ tweet ]
🔥10👍1
😈 [ Matcluck @doopsec ]
Just released SCCMHound! A BloodHound collector for SCCM. SCCMHound allows both attackers and defenders to construct BloodHound datasets using the vast
amount of information that is stored/retrievable through SCCM. Feel free to take it for a spin!
🔗 https://github.com/CrowdStrike/sccmhound
🐥 [ tweet ]
Just released SCCMHound! A BloodHound collector for SCCM. SCCMHound allows both attackers and defenders to construct BloodHound datasets using the vast
amount of information that is stored/retrievable through SCCM. Feel free to take it for a spin!
🔗 https://github.com/CrowdStrike/sccmhound
🐥 [ tweet ]
👍13🤔4🥱1
😈 [ sixtyvividtails @sixtyvividtails ]
Small gift for you! 🔺🟦🔺
Code to reliably stop almost any 3rd party Windows security system, via
No privileges needed at all, user rights are enough. Shall work on most OS: 10 22H2, 11 24H2, WS2022.
But: it requires CI policies (e.g. HVCI/UMCI on).
🐥 [ tweet ]
Small gift for you! 🔺🟦🔺
Code to reliably stop almost any 3rd party Windows security system, via
ci!CiValidateFileAsImageType.No privileges needed at all, user rights are enough. Shall work on most OS: 10 22H2, 11 24H2, WS2022.
But: it requires CI policies (e.g. HVCI/UMCI on).
🐥 [ tweet ]
😢3
😈 [ CCob🏴 @_EthicalChaos_ ]
Sorry folks, I had to remove the Disconnected GPO project from GitHub... but never fear, it has returned as Disconnected RSAT since it now supports the Certificate Authority and Certificate Templates snap-ins in addition to Group Policy support.
🔗 https://github.com/CCob/DRSAT
🐥 [ tweet ]
Sorry folks, I had to remove the Disconnected GPO project from GitHub... but never fear, it has returned as Disconnected RSAT since it now supports the Certificate Authority and Certificate Templates snap-ins in addition to Group Policy support.
🔗 https://github.com/CCob/DRSAT
🐥 [ tweet ]
🔥6👍3
😈 [ НЁХ-редактор @apismenny ]
Титаническими усилиями, отбиваясь от затягивающего Balatro и остатков работы дописал таки новогоднюю колонку!
🔗 https://xakep.ru/2024/12/28/xakep-2024/
🐥 [ tweet ]
Титаническими усилиями, отбиваясь от затягивающего Balatro и остатков работы дописал таки новогоднюю колонку!
🔗 https://xakep.ru/2024/12/28/xakep-2024/
🐥 [ tweet ]
👍4
Эти ваши сексы конечно круто, но пробовали ли вы это чувство финализации драфта по результатам успешно завершенной трехмесячной RT-операции глубокой ночью 30-го декабря под Сожжение Хром в наушниках? Удивительно, как близко к реальности Гибсон в далеком 1982 смог описать характерные черты настоящего (пусть даже симулированного в этичной манере) секьюрити брича, будучи при этом, по его словам, максимально далеким от хакинга (да и в целом от компьютеров) парнем.
Бесконечный респект моим любимым коллегам из @ptswarm, и всех с наступающим!🎄
Бесконечный респект моим любимым коллегам из @ptswarm, и всех с наступающим!
Please open Telegram to view this post
VIEW IN TELEGRAM
🎄30👍9🥱1
😈 [ BlackSnufkin @BlackSnufkin42 ]
Tired of switching tools for payload testing? LitterBox - bringing Moneta, PE-sieve & more into one unified platform.
🔗 https://github.com/BlackSnufkin/LitterBox
🐥 [ tweet ]
Tired of switching tools for payload testing? LitterBox - bringing Moneta, PE-sieve & more into one unified platform.
🔗 https://github.com/BlackSnufkin/LitterBox
🐥 [ tweet ]
👍6
😈 [ Burak Karaduman @krdmnbrk ]
Excited to share my new project: AttackRuleMap
This project maps #AtomicRedTeam simulations to open-source detection rules like #SigmaRules and #Splunk ESCU rules (maybe more in the future).
Currently for Windows, with plans to support more platforms.
🔗 https://attackrulemap.netlify.app/
🐥 [ tweet ]
Excited to share my new project: AttackRuleMap
This project maps #AtomicRedTeam simulations to open-source detection rules like #SigmaRules and #Splunk ESCU rules (maybe more in the future).
Currently for Windows, with plans to support more platforms.
🔗 https://attackrulemap.netlify.app/
🐥 [ tweet ]
👍10🔥5
😈 [ NSG650 @nsg650 ]
New blog about bootkitting Windows.
Done in collab with @pdawg11239
🔗 https://nsg650.github.io/blogs/29-12-2024.html
🐥 [ tweet ]
New blog about bootkitting Windows.
Done in collab with @pdawg11239
🔗 https://nsg650.github.io/blogs/29-12-2024.html
🐥 [ tweet ]
👍3🔥3
😈 [ SafeBreach @safebreach ]
Starting 2025 strong! We’ve developed a PoC exploit for CVE-2024-49112. Read the blog and check out the GitHub repo.
Blog:
🔗 https://www.safebreach.com/blog/ldapnightmare-safebreach-labs-publishes-first-proof-of-concept-exploit-for-cve-2024-49112/
PoC:
🔗 https://github.com/SafeBreach-Labs/CVE-2024-49112
🐥 [ tweet ]
Starting 2025 strong! We’ve developed a PoC exploit for CVE-2024-49112. Read the blog and check out the GitHub repo.
Blog:
🔗 https://www.safebreach.com/blog/ldapnightmare-safebreach-labs-publishes-first-proof-of-concept-exploit-for-cve-2024-49112/
PoC:
🔗 https://github.com/SafeBreach-Labs/CVE-2024-49112
🐥 [ tweet ]
🔥9🥱4👍3🤯2
😈 [ Dirk-jan @_dirkjan ]
Few BloodHound python updates: LDAP channel binding is now supported with Kerberos auth (native) or with NTLM (custom ldap3 version). Furthermore, the BH CE collector now has its own pypi package and command. You can have both on the same system with pipx.
🔗 https://github.com/dirkjanm/BloodHound.py
🐥 [ tweet ]
🔗 https://ppn.snovvcrash.rocks/pentest/infrastructure/ad#setup
Few BloodHound python updates: LDAP channel binding is now supported with Kerberos auth (native) or with NTLM (custom ldap3 version). Furthermore, the BH CE collector now has its own pypi package and command. You can have both on the same system with pipx.
🔗 https://github.com/dirkjanm/BloodHound.py
🐥 [ tweet ]
тоже недавно обновлял читшит по быстрому разворачиванию "нового" бх:🔗 https://ppn.snovvcrash.rocks/pentest/infrastructure/ad#setup
🔥10👍4
😈 [ Synacktiv @Synacktiv ]
You can now use LDAP/LDAPs protocols with the SOCKS proxy of ntlmrelayx thanks to the PR from @b1two_ (now merged upstream).
Here is an example with ldeep using relayed authentication from HTTP to LDAPs.
🐥 [ tweet ]
You can now use LDAP/LDAPs protocols with the SOCKS proxy of ntlmrelayx thanks to the PR from @b1two_ (now merged upstream).
Here is an example with ldeep using relayed authentication from HTTP to LDAPs.
🐥 [ tweet ]
🔥8👍1
😈 [ t3l3machus @t3l3machus ]
New experimental tool for rapid extraction and analysis of Windows service configs and ACEs for potential PE candidates, removing the need for tools like accesschk.exe or other non-native binaries.
🔗 https://github.com/t3l3machus/ACEshark
🐥 [ tweet ]
New experimental tool for rapid extraction and analysis of Windows service configs and ACEs for potential PE candidates, removing the need for tools like accesschk.exe or other non-native binaries.
🔗 https://github.com/t3l3machus/ACEshark
🐥 [ tweet ]
🔥11
😈 [ CICADA8Research @CICADA8Research ]
Read our new research and learn about MS UIA technology. You will explore the depths of COM, graphical elements in Windows and spy on WhatsApp, Telegram, Slack, and Keepass 🕵️♂️💻
Blog:
🔗 https://cicada-8.medium.com/im-watching-you-how-to-spy-windows-users-via-ms-uia-c9acd30f94c4
Tool:
🔗 https://github.com/CICADA8-Research/Spyndicapped
🐥 [ tweet ]
SpyWare 2.0 🔍
Read our new research and learn about MS UIA technology. You will explore the depths of COM, graphical elements in Windows and spy on WhatsApp, Telegram, Slack, and Keepass 🕵️♂️💻
Blog:
🔗 https://cicada-8.medium.com/im-watching-you-how-to-spy-windows-users-via-ms-uia-c9acd30f94c4
Tool:
🔗 https://github.com/CICADA8-Research/Spyndicapped
🐥 [ tweet ]
🔥9👍6🎄3🤯2
😈 [ Adam Chester 🏴☠️ @_xpn_ ]
Achievement unlocked, my first blog with SoecterOps 🤗 This post looks at ADFS OAuth2 support, Device Registration, Enterprise PRT, and a brain dump of things that I didn’t want to leave sat on Notion.
🔗 https://posts.specterops.io/adfs-living-in-the-legacy-of-drs-c11f9b371811
🐥 [ tweet ]
Achievement unlocked, my first blog with SoecterOps 🤗 This post looks at ADFS OAuth2 support, Device Registration, Enterprise PRT, and a brain dump of things that I didn’t want to leave sat on Notion.
🔗 https://posts.specterops.io/adfs-living-in-the-legacy-of-drs-c11f9b371811
🐥 [ tweet ]
👍6