😈 [ m3g9tr0n, Spiros Fraganastasis ]
Exploring data saved by Chrome/Edge/Any Chromium
https://t.co/5zAXvnmsa9 #dpapi
🔗 https://gist.github.com/jhoneill/e585bae781f3efa7ac1992b79e037713
🐥 [ tweet ]
Exploring data saved by Chrome/Edge/Any Chromium
https://t.co/5zAXvnmsa9 #dpapi
🔗 https://gist.github.com/jhoneill/e585bae781f3efa7ac1992b79e037713
🐥 [ tweet ]
👍2
😈 [ NinjaParanoid, Paranoid Ninja (Brute Ratel C4) ]
Hunting alertable threads for QAPC on existing processes, rop-gadgets, Stagers and start address spoofing for the upcoming BRc4 v1.1 release...
https://t.co/5GH2Nwnp74
🔗 https://www.youtube.com/watch?v=w8ictUBcCrM
🐥 [ tweet ]
Hunting alertable threads for QAPC on existing processes, rop-gadgets, Stagers and start address spoofing for the upcoming BRc4 v1.1 release...
https://t.co/5GH2Nwnp74
🔗 https://www.youtube.com/watch?v=w8ictUBcCrM
🐥 [ tweet ]
😈 [ DirectoryRanger, DirectoryRanger ]
O365-Doppelganger. noscript to harvest credentials off of a user during a Red Team and get execution of a file from the user
https://t.co/0CpScve1sn
🔗 https://github.com/paranoidninja/O365-Doppelganger
🐥 [ tweet ]
O365-Doppelganger. noscript to harvest credentials off of a user during a Red Team and get execution of a file from the user
https://t.co/0CpScve1sn
🔗 https://github.com/paranoidninja/O365-Doppelganger
🐥 [ tweet ]
👍1
😈 [ m3g9tr0n, Spiros Fraganastasis ]
Active Directory delegations inventory in Rust
https://t.co/qOoTA6X4yi
🔗 https://github.com/mtth-bfft/adeleg
🐥 [ tweet ]
Active Directory delegations inventory in Rust
https://t.co/qOoTA6X4yi
🔗 https://github.com/mtth-bfft/adeleg
🐥 [ tweet ]
😈 [ hackinarticles, Hacking Articles ]
MITRE ATT&CK: Initial Access
Credit https://t.co/wtfCJx9CMi
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities
🔗 https://github.com/JPMinty/MindMaps/tree/master/MITRE%20ATT%26CK/PNG
🐥 [ tweet ]
MITRE ATT&CK: Initial Access
Credit https://t.co/wtfCJx9CMi
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities
🔗 https://github.com/JPMinty/MindMaps/tree/master/MITRE%20ATT%26CK/PNG
🐥 [ tweet ]
😈 [ Tarlogic, Tarlogic ]
Vulnerability CVE-2022-26134 has compromised Atlassian @Confluence servers and data centers and, along the way, the security of a multitude of companies. Our colleague @TuLkHaXs analyzes the scale of the incident and how to neutralize it 👇
https://t.co/6k6ILkif0i
🔗 https://www.tarlogic.com/blog/cve-2022-26134-zero-day-vulnerability-affecting-atlassian-confluence/
🐥 [ tweet ]
Vulnerability CVE-2022-26134 has compromised Atlassian @Confluence servers and data centers and, along the way, the security of a multitude of companies. Our colleague @TuLkHaXs analyzes the scale of the incident and how to neutralize it 👇
https://t.co/6k6ILkif0i
🔗 https://www.tarlogic.com/blog/cve-2022-26134-zero-day-vulnerability-affecting-atlassian-confluence/
🐥 [ tweet ]
😈 [ ReconOne_, ReconOne ]
GitHub Recon in Manual mode - Part 3 - Database
credits: techgaun/github-dorks
#recon #recontips #github #AttackSurface #bugbountytips #reconone #Database #gitrecon
🐥 [ tweet ]
GitHub Recon in Manual mode - Part 3 - Database
credits: techgaun/github-dorks
#recon #recontips #github #AttackSurface #bugbountytips #reconone #Database #gitrecon
🐥 [ tweet ]
😈 [ _wald0, Andy Robbins ]
This week I'm publishing a 3 post series on #Azure Managed Identity attack paths. Here's part 1, where we are looking at Automation Accounts:
https://t.co/gZ6QjGw6CE
Prior work by @kfosaaen, @inversecos, https://t.co/Eb8grvTeOm, and @cibrax
🔗 https://posts.specterops.io/82667d17187a
🔗 http://azsec.azurewebsites.net
🐥 [ tweet ]
This week I'm publishing a 3 post series on #Azure Managed Identity attack paths. Here's part 1, where we are looking at Automation Accounts:
https://t.co/gZ6QjGw6CE
Prior work by @kfosaaen, @inversecos, https://t.co/Eb8grvTeOm, and @cibrax
🔗 https://posts.specterops.io/82667d17187a
🔗 http://azsec.azurewebsites.net
🐥 [ tweet ]
😈 [ _JohnHammond, John Hammond is @ RSAC ]
Active Directory content will slowly trickle out on my YouTube channel over the next many days. We will build a local VM environment, stage out our domain at will with PowerShell, and bounce back and forth between "building" and "breaking" AD concepts
https://t.co/jHw7lS1St6
🔗 https://youtu.be/pKtDQtsubio
🐥 [ tweet ]
Active Directory content will slowly trickle out on my YouTube channel over the next many days. We will build a local VM environment, stage out our domain at will with PowerShell, and bounce back and forth between "building" and "breaking" AD concepts
https://t.co/jHw7lS1St6
🔗 https://youtu.be/pKtDQtsubio
🐥 [ tweet ]
😈 [ DebugPrivilege, • ]
I can see that most people are familiar with AD and understand the enumeration piece of it through tools like PowerView, etc. However, how does this look from a code-level and network-level? My go-to tools are IDA and Wireshark to answer these types of questions.
🐥 [ tweet ]
I can see that most people are familiar with AD and understand the enumeration piece of it through tools like PowerView, etc. However, how does this look from a code-level and network-level? My go-to tools are IDA and Wireshark to answer these types of questions.
🐥 [ tweet ]
😈 [ ReconOne_, ReconOne ]
Want to scan for the TOP Exploited Vulnerabilities according to CISA? Try this 👇
Credits: @pdiscoveryio
#nuclei #CISA #attacksurface #recon #reconone #bugbountytips #recontips
🐥 [ tweet ]
Want to scan for the TOP Exploited Vulnerabilities according to CISA? Try this 👇
Credits: @pdiscoveryio
#nuclei #CISA #attacksurface #recon #reconone #bugbountytips #recontips
🐥 [ tweet ]
😈 [ SagieSec, Sagie Dulce ]
#RPCFirewall version 2.0 is out!
Watch this tutorial that shows how to set it up, and start protecting against various RPC attacks : #petitpotam, #psexec, #dcsync, #wmic and more...
New features:
✔️ Support RPC Filters.
✔️ RPC Firewall as a service
✔️ Monitor & protect new processes
✔️ "Status" command for detailed deployment info
✔️ Better resolution of source host and port
🔗 https://youtu.be/BNzfmYwkioY
🔗 https://github.com/zeronetworks/rpcfirewall
🐥 [ tweet ]
#RPCFirewall version 2.0 is out!
Watch this tutorial that shows how to set it up, and start protecting against various RPC attacks : #petitpotam, #psexec, #dcsync, #wmic and more...
New features:
✔️ Support RPC Filters.
✔️ RPC Firewall as a service
✔️ Monitor & protect new processes
✔️ "Status" command for detailed deployment info
✔️ Better resolution of source host and port
🔗 https://youtu.be/BNzfmYwkioY
🔗 https://github.com/zeronetworks/rpcfirewall
🐥 [ tweet ]
😈 [ DebugPrivilege, • ]
Alert when a group is added to a sensitive Active Directory group https://t.co/2oJmjthu8G
🔗 https://techcommunity.microsoft.com/t5/security-compliance-and-identity/alert-when-a-group-is-added-to-a-sensitive-active-directory/ba-p/3436868
🐥 [ tweet ]
Alert when a group is added to a sensitive Active Directory group https://t.co/2oJmjthu8G
🔗 https://techcommunity.microsoft.com/t5/security-compliance-and-identity/alert-when-a-group-is-added-to-a-sensitive-active-directory/ba-p/3436868
🐥 [ tweet ]
🔥1
😈 [ hackinarticles, Hacking Articles ]
IPV4 vs IPV6
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities
🐥 [ tweet ]
IPV4 vs IPV6
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities
🐥 [ tweet ]
😈 [ ShitSecure, S3cur3Th1sSh1t ]
The last two weekends plus some evenings I spend my time writing a Nim Packer/Loader, which will be provided to Sponsors only via private repo. It's capable of packing C# Assemblies, Shellcode or PE-Files.
It's using my GetSyscallStub function to retrieve unhooked Syscalls from ntdll.dll to patch AMSI and/or ETW. The shellcode execution is also done via Syscalls from GetSyscallStub. This function will become public in Q1 2022.
The detection rate is at this time pretty good. One more reason for this repo to stay private. And theese binaries had no sandbox evasion checks, no sleep time and were not obfuscated via LLVM. I'll add sandbox evasion methods later on.
🔗 https://www.patreon.com/S3cur3Th1sSh1t
🔗 https://github.com/sponsors/S3cur3Th1sSh1t
🐥 [ tweet ]
The last two weekends plus some evenings I spend my time writing a Nim Packer/Loader, which will be provided to Sponsors only via private repo. It's capable of packing C# Assemblies, Shellcode or PE-Files.
It's using my GetSyscallStub function to retrieve unhooked Syscalls from ntdll.dll to patch AMSI and/or ETW. The shellcode execution is also done via Syscalls from GetSyscallStub. This function will become public in Q1 2022.
The detection rate is at this time pretty good. One more reason for this repo to stay private. And theese binaries had no sandbox evasion checks, no sleep time and were not obfuscated via LLVM. I'll add sandbox evasion methods later on.
🔗 https://www.patreon.com/S3cur3Th1sSh1t
🔗 https://github.com/sponsors/S3cur3Th1sSh1t
🐥 [ tweet ]
👍1