😈 [ markrussinovich, Mark Russinovich ]
Check out my Microsoft Build interview with @sethjuarez on Azure Container Apps + Dapr, a big step in the evolution of serverless: https://t.co/mqla60UZFz
🔗 https://www.youtube.com/watch?v=dplT6YL66Mg
🐥 [ tweet ]
Check out my Microsoft Build interview with @sethjuarez on Azure Container Apps + Dapr, a big step in the evolution of serverless: https://t.co/mqla60UZFz
🔗 https://www.youtube.com/watch?v=dplT6YL66Mg
🐥 [ tweet ]
😈 [DirectoryRanger, DirectoryRanger]
ADeleg. Active Directory delegation management tool. It allows you to make a detailed inventory of delegations set up so far in a forest, along with their potential issues
https://t.co/sbqcK2mPHW
🔗 https://github.com/mtth-bfft/adeleg
🐥 [tweet]
ADeleg. Active Directory delegation management tool. It allows you to make a detailed inventory of delegations set up so far in a forest, along with their potential issues
https://t.co/sbqcK2mPHW
🔗 https://github.com/mtth-bfft/adeleg
🐥 [tweet]
😈 [DirectoryRanger, DirectoryRanger]
Offensive Windows IPC Internals, by @0xcsandker
Part 1: Named Pipes https://t.co/Ug3gPKZANi
Part 2: RPC https://t.co/cfgY8dTLTa
Part 3: ALPC https://t.co/avXPjhqml4
🔗 https://csandker.io/2021/01/10/Offensive-Windows-IPC-1-NamedPipes.html
🔗 https://csandker.io/2021/02/21/Offensive-Windows-IPC-2-RPC.html
🔗 https://csandker.io/2022/05/24/Offensive-Windows-IPC-3-ALPC.html
🐥 [tweet]
Offensive Windows IPC Internals, by @0xcsandker
Part 1: Named Pipes https://t.co/Ug3gPKZANi
Part 2: RPC https://t.co/cfgY8dTLTa
Part 3: ALPC https://t.co/avXPjhqml4
🔗 https://csandker.io/2021/01/10/Offensive-Windows-IPC-1-NamedPipes.html
🔗 https://csandker.io/2021/02/21/Offensive-Windows-IPC-2-RPC.html
🔗 https://csandker.io/2022/05/24/Offensive-Windows-IPC-3-ALPC.html
🐥 [tweet]
😈 [DirectoryRanger, DirectoryRanger]
Hunting for Active Directory Certificate Services Abuse, by @HeirhabarovT
https://t.co/adwuv53TOL
🔗 https://speakerdeck.com/heirhabarov/hunting-for-active-directory-certificate-services-abuse
🐥 [tweet]
Hunting for Active Directory Certificate Services Abuse, by @HeirhabarovT
https://t.co/adwuv53TOL
🔗 https://speakerdeck.com/heirhabarov/hunting-for-active-directory-certificate-services-abuse
🐥 [tweet]
😈 [cyb3rops, Florian Roth 🏝]
Remember, when you write #YARA rules for RTF files that "{\rtf" isn’t the header that you should look for, since the „f“ isn’t required by Microsoft Word to open the file
Better use:
uint32be(0) == 0x7B5C7274
which is "{\rt" at position 0
https://t.co/vzBbEcZJd1
🔗 https://furoner.wordpress.com/2017/07/06/analysis-of-new-rtf-malware-obfuscation-method/
🐥 [tweet]
Remember, when you write #YARA rules for RTF files that "{\rtf" isn’t the header that you should look for, since the „f“ isn’t required by Microsoft Word to open the file
Better use:
uint32be(0) == 0x7B5C7274
which is "{\rt" at position 0
https://t.co/vzBbEcZJd1
🔗 https://furoner.wordpress.com/2017/07/06/analysis-of-new-rtf-malware-obfuscation-method/
🐥 [tweet]
😈 [carlospolopm, carlospolop]
Weekly HackTricks links to learn about: Cache poisoning and cache deception, SNMP, and DDexec.
- https://t.co/uWw9s2bJPJ
- https://t.co/UxQjAM6gzZ
- https://t.co/vvR7kp409c
#hacktricks
🔗 https://book.hacktricks.xyz/pentesting-web/cache-deception
🔗 https://book.hacktricks.xyz/network-services-pentesting/pentesting-snmp
🔗 https://book.hacktricks.xyz/linux-hardening/bypass-bash-restrictions/ddexec
🐥 [tweet]
Weekly HackTricks links to learn about: Cache poisoning and cache deception, SNMP, and DDexec.
- https://t.co/uWw9s2bJPJ
- https://t.co/UxQjAM6gzZ
- https://t.co/vvR7kp409c
#hacktricks
🔗 https://book.hacktricks.xyz/pentesting-web/cache-deception
🔗 https://book.hacktricks.xyz/network-services-pentesting/pentesting-snmp
🔗 https://book.hacktricks.xyz/linux-hardening/bypass-bash-restrictions/ddexec
🐥 [tweet]
😈 [ albinowax, James Kettle ]
I've updated the Turbo Intruder documentation with some practical tips for long-running attacks. TLDR don't put five million responses in the table, you'll run out of RAM.
https://t.co/lhyH2hlOrn
🔗 https://portswigger.net/research/turbo-intruder-embracing-the-billion-request-attack
🐥 [ tweet ]
I've updated the Turbo Intruder documentation with some practical tips for long-running attacks. TLDR don't put five million responses in the table, you'll run out of RAM.
https://t.co/lhyH2hlOrn
🔗 https://portswigger.net/research/turbo-intruder-embracing-the-billion-request-attack
🐥 [ tweet ]
😈 [ Tarlogic, Tarlogic ]
The world grades everything. Students, restaurants and hotels, movies, books... #CyberSecurity couldn't be oblivious to this reality. That's why we have dedicated a post on our blog Ciber 4 All to the #CVSS framework.
https://t.co/rPbUFFuR7f
🔗 https://www.tarlogic.com/blog/cvss-scoring-it-vulnerabilities/
🐥 [ tweet ]
The world grades everything. Students, restaurants and hotels, movies, books... #CyberSecurity couldn't be oblivious to this reality. That's why we have dedicated a post on our blog Ciber 4 All to the #CVSS framework.
https://t.co/rPbUFFuR7f
🔗 https://www.tarlogic.com/blog/cvss-scoring-it-vulnerabilities/
🐥 [ tweet ]
😈 [ vxunderground, vx-underground ]
We've updated the vx-underground Malware Defense collection. We have added 60 new papers.
Have a nice day.
Check it out here: https://t.co/djuVYEkbLT
🔗 https://www.vx-underground.org/malware_defense.html#malware_analysis
🐥 [ tweet ]
We've updated the vx-underground Malware Defense collection. We have added 60 new papers.
Have a nice day.
Check it out here: https://t.co/djuVYEkbLT
🔗 https://www.vx-underground.org/malware_defense.html#malware_analysis
🐥 [ tweet ]
😈 [ vxunderground, vx-underground ]
We've updated the vx-underground malware collection.
- Xloader
- Enemybot
- WSL Malware
- Chromeloader/Choziosi
- Chaos / Yashma Ransomware
- Pymafka
Download malware. It is good for you.
Check it out here: https://t.co/L3GdoH9kLl
🔗 https://samples.vx-underground.org/samples/Families/
🐥 [ tweet ]
We've updated the vx-underground malware collection.
- Xloader
- Enemybot
- WSL Malware
- Chromeloader/Choziosi
- Chaos / Yashma Ransomware
- Pymafka
Download malware. It is good for you.
Check it out here: https://t.co/L3GdoH9kLl
🔗 https://samples.vx-underground.org/samples/Families/
🐥 [ tweet ]
😈 [ GoSecure_Inc, GoSecure ]
Read this analysis by GoSecure Titan Labs of the two vulnerabilities found in 3CX Phone Systems, authenticated command injection and privilege escalation: https://t.co/dhfxLA950o #pentesting #cybersecurity #GoSecureTitanLabs
🔗 https://www.gosecure.net/blog/2022/05/31/security-advisory-multiple-vulnerabilities-impact-3cx-phone-system/
🐥 [ tweet ]
Read this analysis by GoSecure Titan Labs of the two vulnerabilities found in 3CX Phone Systems, authenticated command injection and privilege escalation: https://t.co/dhfxLA950o #pentesting #cybersecurity #GoSecureTitanLabs
🔗 https://www.gosecure.net/blog/2022/05/31/security-advisory-multiple-vulnerabilities-impact-3cx-phone-system/
🐥 [ tweet ]
😈 [ DirectoryRanger, DirectoryRanger ]
Fantastic Windows Logon types and Where to Find Credentials in Them, by @chiragsavla94
https://t.co/qFUEG8HdWC
🔗 https://www.alteredsecurity.com/post/fantastic-windows-logon-types-and-where-to-find-credentials-in-them
🐥 [ tweet ]
Fantastic Windows Logon types and Where to Find Credentials in Them, by @chiragsavla94
https://t.co/qFUEG8HdWC
🔗 https://www.alteredsecurity.com/post/fantastic-windows-logon-types-and-where-to-find-credentials-in-them
🐥 [ tweet ]
🔥1
😈 [ Tyl0us, Matt Eidelberg ]
Check out my talk focusing on shining a light on the mindset of a red team and how they covertly compromise an organization’s security. Lots of great TTPs and stories to share check it out #SourceZeroCon https://t.co/FiiVCJhi0t #netsec #redteam #evasion
🔗 http://bit.ly/3K3argl
🐥 [ tweet ]
Check out my talk focusing on shining a light on the mindset of a red team and how they covertly compromise an organization’s security. Lots of great TTPs and stories to share check it out #SourceZeroCon https://t.co/FiiVCJhi0t #netsec #redteam #evasion
🔗 http://bit.ly/3K3argl
🐥 [ tweet ]
Forwarded from Offensive Xwitter Eye
😈 [ aetsu, 𝕬𝖊𝖙𝖘𝖚 ]
A blueprint for evading industry leading endpoint protection in 2022 -> https://t.co/Vf69P9ZUuA
🔗 https://vanmieghem.io/blueprint-for-evading-edr-in-2022/
🐥 [ tweet ]
A blueprint for evading industry leading endpoint protection in 2022 -> https://t.co/Vf69P9ZUuA
🔗 https://vanmieghem.io/blueprint-for-evading-edr-in-2022/
🐥 [ tweet ]
🔥2
Forwarded from Offensive Xwitter Eye
😈 [ harmj0y, Will Schroeder ]
In my first foray into what @moo_hax terms "Offensive ML", I took at shot at data mining documents for passwords using deep learning. You can read about the approach at https://t.co/oL7jBbPiJQ and can find the notebook + Dockerized model at https://t.co/jXsMDVEwOo
🔗 https://posts.specterops.io/deeppass-finding-passwords-with-deep-learning-4d31c534cd00
🔗 https://github.com/GhostPack/DeepPass
🐥 [ tweet ]
In my first foray into what @moo_hax terms "Offensive ML", I took at shot at data mining documents for passwords using deep learning. You can read about the approach at https://t.co/oL7jBbPiJQ and can find the notebook + Dockerized model at https://t.co/jXsMDVEwOo
🔗 https://posts.specterops.io/deeppass-finding-passwords-with-deep-learning-4d31c534cd00
🔗 https://github.com/GhostPack/DeepPass
🐥 [ tweet ]
🔥1
Forwarded from Offensive Xwitter Eye
😈 [ hackinarticles, Hacking Articles ]
A Detailed Guide on Rubeus
https://t.co/XmD8LfJGY5
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #servers #windows
🔗 https://www.hackingarticles.in/a-detailed-guide-on-rubeus/
🐥 [ tweet ]
A Detailed Guide on Rubeus
https://t.co/XmD8LfJGY5
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #servers #windows
🔗 https://www.hackingarticles.in/a-detailed-guide-on-rubeus/
🐥 [ tweet ]
Forwarded from Offensive Xwitter Eye
😈 [ hackinarticles, Hacking Articles ]
Domain Persistence: Silver Ticket Attack
https://t.co/GDmxv0kJID
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #servers #windows
🔗 https://www.hackingarticles.in/domain-persistence-silver-ticket-attack/
🐥 [ tweet ]
Domain Persistence: Silver Ticket Attack
https://t.co/GDmxv0kJID
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #servers #windows
🔗 https://www.hackingarticles.in/domain-persistence-silver-ticket-attack/
🐥 [ tweet ]