😈 [ CCob🏴 @_EthicalChaos_ ]
Sorry folks, I had to remove the Disconnected GPO project from GitHub... but never fear, it has returned as Disconnected RSAT since it now supports the Certificate Authority and Certificate Templates snap-ins in addition to Group Policy support.
🔗 https://github.com/CCob/DRSAT
🐥 [ tweet ]
🔥6👍3
😈 [ НЁХ-редактор @apismenny ]
With titanic effort, fending off the addictive Balatro and the remains of my work, I finally finished writing the New Year's column!
🔗 https://xakep.ru/2024/12/28/xakep-2024/
🐥 [ tweet ]
👍4
Sex is cool and all, but have you ever tried the feeling of finalizing a draft based on the results of a successfully completed three-month RT operation, in the dead of night on December 30th, with Burning Chrome in your headphones? It is amazing how close to reality Gibson managed, back in 1982, to describe the characteristic traits of a real (even if ethically simulated) security breach, while being, in his own words, a guy as far removed as possible from hacking (and from computers in general).
Endless respect to my beloved colleagues at @ptswarm, and happy upcoming New Year to everyone!🎄
🎄30👍9🥱1
😈 [ BlackSnufkin @BlackSnufkin42 ]
Tired of switching tools for payload testing? LitterBox - bringing Moneta, PE-sieve & more into one unified platform.
🔗 https://github.com/BlackSnufkin/LitterBox
🐥 [ tweet ]
👍6
😈 [ Burak Karaduman @krdmnbrk ]
Excited to share my new project: AttackRuleMap
This project maps #AtomicRedTeam simulations to open-source detection rules like #SigmaRules and #Splunk ESCU rules (maybe more in the future).
Currently for Windows, with plans to support more platforms.
🔗 https://attackrulemap.netlify.app/
🐥 [ tweet ]
👍10🔥5
😈 [ NSG650 @nsg650 ]
New blog about bootkitting Windows.
Done in collab with @pdawg11239
🔗 https://nsg650.github.io/blogs/29-12-2024.html
🐥 [ tweet ]
👍3🔥3
😈 [ SafeBreach @safebreach ]
Starting 2025 strong! We’ve developed a PoC exploit for CVE-2024-49112. Read the blog and check out the GitHub repo.
Blog:
🔗 https://www.safebreach.com/blog/ldapnightmare-safebreach-labs-publishes-first-proof-of-concept-exploit-for-cve-2024-49112/
PoC:
🔗 https://github.com/SafeBreach-Labs/CVE-2024-49112
🐥 [ tweet ]
🔥9🥱4👍3🤯2
😈 [ Dirk-jan @_dirkjan ]
Few BloodHound python updates: LDAP channel binding is now supported with Kerberos auth (native) or with NTLM (custom ldap3 version). Furthermore, the BH CE collector now has its own pypi package and command. You can have both on the same system with pipx.
🔗 https://github.com/dirkjanm/BloodHound.py
🐥 [ tweet ]
I also recently updated my cheat sheet on quickly deploying the "new" BH: 🔗 https://ppn.snovvcrash.rocks/pentest/infrastructure/ad#setup
🔥10👍4
😈 [ Synacktiv @Synacktiv ]
You can now use LDAP/LDAPs protocols with the SOCKS proxy of ntlmrelayx thanks to the PR from @b1two_ (now merged upstream).
Here is an example with ldeep using relayed authentication from HTTP to LDAPs.
🐥 [ tweet ]
🔥8👍1
😈 [ t3l3machus @t3l3machus ]
New experimental tool for rapid extraction and analysis of Windows service configs and ACEs for potential PE candidates, removing the need for tools like accesschk.exe or other non-native binaries.
🔗 https://github.com/t3l3machus/ACEshark
🐥 [ tweet ]
🔥11
😈 [ CICADA8Research @CICADA8Research ]
SpyWare 2.0 🔍
Read our new research and learn about MS UIA technology. You will explore the depths of COM, graphical elements in Windows and spy on WhatsApp, Telegram, Slack, and Keepass 🕵️♂️💻
Blog:
🔗 https://cicada-8.medium.com/im-watching-you-how-to-spy-windows-users-via-ms-uia-c9acd30f94c4
Tool:
🔗 https://github.com/CICADA8-Research/Spyndicapped
🐥 [ tweet ]
🔥9👍6🎄3🤯2
😈 [ Adam Chester 🏴☠️ @_xpn_ ]
Achievement unlocked, my first blog with SpecterOps 🤗 This post looks at ADFS OAuth2 support, Device Registration, Enterprise PRT, and a brain dump of things that I didn’t want to leave sat on Notion.
🔗 https://posts.specterops.io/adfs-living-in-the-legacy-of-drs-c11f9b371811
🐥 [ tweet ]
👍6
😈 [ Orange Tsai 🍊 @orange_8361 ]
The detailed version of our #WorstFit attack is available now! 🔥
Check it out! 👇
🔗 https://blog.orange.tw/posts/2025-01-worstfit-unveiling-hidden-transformers-in-windows-ansi/
🐥 [ tweet ][ quote ]
🔥6👍3
😈 [ Nithin Chenthur Prabhu @Azr43lKn1ght ]
Introducing Rusty-PE-Packer: a sophisticated Windows PE packer written in Rust, featuring progressive masked RC4 encryption, VEH exploitation for ROP gadget execution via RIP manipulation, and injection into legitimate Windows processes.
🔗 https://github.com/Azr43lKn1ght/Rusty-PE-Packer
🐥 [ tweet ]
🔥12
😈 [ Bnb @HulkOperator ]
Recently, I’ve been experimenting with Return Address Spoofing and developed a tool to call any WinAPI and spoof the return address.
For a deeper dive, check out my blog post:
🔗 https://hulkops.gitbook.io/blog/red-team/x64-return-address-spoofing
🐥 [ tweet ]
🔥7👍4
😈 [ Matt Ehrnschwender @M_alphaaa ]
Keeping the blog alive. For people who may be unaware, you can embed a file in a C/C++ program without needing to make a giant byte array in a header file for it. Kind of went a little bit overboard on the detail with this lol but it's pretty useful
🔗 https://blog.cybershenanigans.space/posts/embedding-files-in-c-cpp-programs/
🐥 [ tweet ]
🔥7
😈 [ MrAle98 @MrAle_98 ]
Finally finished developing an exploit for CVE-2024-49138: vulnerability in CLFS.sys.
I'll provide a detailed analysis in a blog post.
🔗 https://github.com/MrAle98/CVE-2024-49138-POC
🐥 [ tweet ]
🔥12👍1
😈 [ Synacktiv @Synacktiv ]
A few months ago, Microsoft released a critical patch for CVE-2024-43468, an unauthenticated SQL injection vulnerability in SCCM/ConfigMgr leading to remote code execution, discovered by @kalimer0x00.
🔗 https://www.synacktiv.com/advisories/microsoft-configuration-manager-configmgr-2403-unauthenticated-sql-injections
🐥 [ tweet ]
🔥5👍1