Forwarded from Offensive Xwitter Eye
😈 [ DirectoryRanger, DirectoryRanger ]
WMEye. tool for performing Lateral Movement using WMI and remote MSBuild Execution
https://t.co/wi9ZdNVrof
🔗 https://github.com/pwn1sher/WMEye
🐥 [ tweet ]
WMEye. tool for performing Lateral Movement using WMI and remote MSBuild Execution
https://t.co/wi9ZdNVrof
🔗 https://github.com/pwn1sher/WMEye
🐥 [ tweet ]
Forwarded from Offensive Xwitter Eye
😈 [ DirectoryRanger, DirectoryRanger ]
S4uDelegator. tool to perform S4U logon with SeTcbPrivilege, by @@daem0nc0re
https://t.co/7qFTFtX6Um
🔗 https://github.com/daem0nc0re/PrivFu#s4udelegator
🐥 [ tweet ]
S4uDelegator. tool to perform S4U logon with SeTcbPrivilege, by @@daem0nc0re
https://t.co/7qFTFtX6Um
🔗 https://github.com/daem0nc0re/PrivFu#s4udelegator
🐥 [ tweet ]
👍1
😈 [ m3g9tr0n, Spiros Fraganastasis ]
How the Active Directory Replication Model Works
https://t.co/oQKPMswqK5
🔗 https://premglitz.wordpress.com/2013/03/20/how-the-active-directory-replication-model-works/
🐥 [ tweet ]
How the Active Directory Replication Model Works
https://t.co/oQKPMswqK5
🔗 https://premglitz.wordpress.com/2013/03/20/how-the-active-directory-replication-model-works/
🐥 [ tweet ]
🔥2👍1
😈 [ citronneur, Sylvain Peyrefitte ]
Time Travel Debugging for #IDA https://t.co/9QRB0UBuAy
🔗 https://github.com/airbus-cert/ttddbg
🐥 [ tweet ]
Time Travel Debugging for #IDA https://t.co/9QRB0UBuAy
🔗 https://github.com/airbus-cert/ttddbg
🐥 [ tweet ]
👍1
Forwarded from Offensive Xwitter Eye
👹 [ snovvcrash, sn🥶vvcr💥sh ]
Two-week security assessment is over, finally… Way too many lessons learned, oh well. Here’s the final step of taking down the critical OpenShift cluster with a single curl (hard-coded tokens is always a bad idea). So current mood is like the Burning Chrome last paragraphs 🫡
🐥 [ tweet ]
Two-week security assessment is over, finally… Way too many lessons learned, oh well. Here’s the final step of taking down the critical OpenShift cluster with a single curl (hard-coded tokens is always a bad idea). So current mood is like the Burning Chrome last paragraphs 🫡
🐥 [ tweet ]
Forwarded from Offensive Xwitter Eye
Offensive Xwitter Eye
👹 [ snovvcrash, sn🥶vvcr💥sh ] Two-week security assessment is over, finally… Way too many lessons learned, oh well. Here’s the final step of taking down the critical OpenShift cluster with a single curl (hard-coded tokens is always a bad idea). So current…
😈 [ DebugPrivilege, • ]
I came across a video of a talk from @MSwannMSFT on Intrusion Detection with Graphs https://t.co/4hKezgfM6N - interesting talk for blue teamers!
🔗 https://youtu.be/tGWSnuyZ4GQ
🐥 [ tweet ]
I came across a video of a talk from @MSwannMSFT on Intrusion Detection with Graphs https://t.co/4hKezgfM6N - interesting talk for blue teamers!
🔗 https://youtu.be/tGWSnuyZ4GQ
🐥 [ tweet ]
⚠️ DISCLAIMER ⚠️
‼️ All information posted in this channel (
‼️ The owner of this channel is NOT responsible for any illegal use of the information this channel is providing or referring to.
‼️ The owner of this channel does NOT promote any illegal activity related to unethical hacking, cybercrimes, malware distribution, etc.
‼️ Remember that computer crimes are ALWAYS punishable by the law, so please do watch what you are doing.
#disclaimer
‼️ All information posted in this channel (
https://news.1rj.ru/str/OffensiveTwitter) is intended for research and/or educational purposes only.‼️ The owner of this channel is NOT responsible for any illegal use of the information this channel is providing or referring to.
‼️ The owner of this channel does NOT promote any illegal activity related to unethical hacking, cybercrimes, malware distribution, etc.
‼️ Remember that computer crimes are ALWAYS punishable by the law, so please do watch what you are doing.
#disclaimer
😁8
😈 [ HackingLZ, Justin ]
Actual details on the Confluence CVE-2022-26134
https://t.co/qU3BfAQEa9
🔗 https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/
🐥 [ tweet ]
Actual details on the Confluence CVE-2022-26134
https://t.co/qU3BfAQEa9
🔗 https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/
🐥 [ tweet ]
👍1
😈 [ vxunderground, vx-underground ]
We've updated the vx-underground Malware Analysis collection. We have added 13 new papers courtesy of @malpedia.
Check it out here: https://t.co/djuVYEkbLT
Have a nice day.
🔗 https://www.vx-underground.org/malware_defense.html#malware_analysis
🐥 [ tweet ]
We've updated the vx-underground Malware Analysis collection. We have added 13 new papers courtesy of @malpedia.
Check it out here: https://t.co/djuVYEkbLT
Have a nice day.
🔗 https://www.vx-underground.org/malware_defense.html#malware_analysis
🐥 [ tweet ]
😈 [ hackinarticles, Hacking Articles ]
Memory Hunting
Credit https://t.co/OHtDiELsy5
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #bugbountytips #forensics #dfir
🔗 https://github.com/christophetd/mindmaps/blob/master/pdf/memory-hunting.pdf
🐥 [ tweet ]
Memory Hunting
Credit https://t.co/OHtDiELsy5
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #bugbountytips #forensics #dfir
🔗 https://github.com/christophetd/mindmaps/blob/master/pdf/memory-hunting.pdf
🐥 [ tweet ]
👍1
😈 [ HackingLZ, Justin ]
Since everyone is mentioning AzureAD to protect assets instead of putting them directly on the internet...Keep this in mind for future egress detections. https://t.co/mvgebEssdW
🔗 https://www.trustedsec.com/blog/azure-application-proxy-c2/
🐥 [ tweet ]
Since everyone is mentioning AzureAD to protect assets instead of putting them directly on the internet...Keep this in mind for future egress detections. https://t.co/mvgebEssdW
🔗 https://www.trustedsec.com/blog/azure-application-proxy-c2/
🐥 [ tweet ]
😈 [ hackinarticles, Hacking Articles ]
Incident Response Cheat Sheet
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #dfir #incidentresponse
🐥 [ tweet ]
Incident Response Cheat Sheet
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #dfir #incidentresponse
🐥 [ tweet ]
😈 [ hackinarticles, Hacking Articles ]
Information Security Concept
Credit https://t.co/5uvxJfGqhx
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #bugbountytips
🔗 https://www.xmind.net/embed/enin/
🐥 [ tweet ]
Information Security Concept
Credit https://t.co/5uvxJfGqhx
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #bugbountytips
🔗 https://www.xmind.net/embed/enin/
🐥 [ tweet ]
😈 [ hackinarticles, Hacking Articles ]
DNS Cheat Sheet
Credit @Nominet
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #DNS
🐥 [ tweet ]
DNS Cheat Sheet
Credit @Nominet
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #DNS
🐥 [ tweet ]
🔥1
😈 [ DirectoryRanger, DirectoryRanger ]
SharpRDPHijack, by @bohops
https://t.co/LNA6bv9TIq
🔗 https://github.com/bohops/SharpRDPHijack
🐥 [ tweet ]
SharpRDPHijack, by @bohops
https://t.co/LNA6bv9TIq
🔗 https://github.com/bohops/SharpRDPHijack
🐥 [ tweet ]
😈 [ FSDominguez, Francisco Dominguez ]
Not only inject&forget, but you can use quantum insert/spoofed packets for bidirectional communication as well to bypass very strict firewalls.
https://t.co/D4dzlAfHrM
🔗 https://diablohorn.com/2017/05/21/quantum-insert-bypassing-ip-restrictions/
🐥 [ tweet ][ quote ]
Not only inject&forget, but you can use quantum insert/spoofed packets for bidirectional communication as well to bypass very strict firewalls.
https://t.co/D4dzlAfHrM
🔗 https://diablohorn.com/2017/05/21/quantum-insert-bypassing-ip-restrictions/
🐥 [ tweet ][ quote ]
👍1
😈 [ am0nsec, Paul L. ]
I published my little experiment with the Windows Memory Manager in order to get Virtual Address Denoscriptors (VADs) from an arbitrary process. This is a proof of concept - use caution. Will use this repository to add more stuff over time.
https://t.co/hFqH4duKLX
🔗 https://github.com/am0nsec/wkpe
🐥 [ tweet ]
I published my little experiment with the Windows Memory Manager in order to get Virtual Address Denoscriptors (VADs) from an arbitrary process. This is a proof of concept - use caution. Will use this repository to add more stuff over time.
https://t.co/hFqH4duKLX
🔗 https://github.com/am0nsec/wkpe
🐥 [ tweet ]
😈 [ _wald0, Andy Robbins ]
Today is Friday, which means it's #BloodHoundBasics day.
Here is the recording of my @BlackHatEvents Asia presentation covering the origins of BloodHound. In particular: what problem BloodHound set out to solve in the first place: https://t.co/px9EZysXc7
🔗 https://www.youtube.com/watch?v=Yl7gwdTFK18
🐥 [ tweet ]
Today is Friday, which means it's #BloodHoundBasics day.
Here is the recording of my @BlackHatEvents Asia presentation covering the origins of BloodHound. In particular: what problem BloodHound set out to solve in the first place: https://t.co/px9EZysXc7
🔗 https://www.youtube.com/watch?v=Yl7gwdTFK18
🐥 [ tweet ]
😈 [ HackingLZ, Justin ]
So they updated the advisory with a patch/replacement for a single file which is great...However I would suspect it won't take a lot of work to diff old vs new? Incoming PoC?
https://t.co/4lbxkVc1Ja
🔗 https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html
🐥 [ tweet ]
So they updated the advisory with a patch/replacement for a single file which is great...However I would suspect it won't take a lot of work to diff old vs new? Incoming PoC?
https://t.co/4lbxkVc1Ja
🔗 https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html
🐥 [ tweet ]