😈 [ _wald0, Andy Robbins ]
This week I'm publishing a 3 post series on #Azure Managed Identity attack paths. Here's part 1, where we are looking at Automation Accounts:
https://t.co/gZ6QjGw6CE
Prior work by @kfosaaen, @inversecos, https://t.co/Eb8grvTeOm, and @cibrax
🔗 https://posts.specterops.io/82667d17187a
🔗 http://azsec.azurewebsites.net
🐥 [ tweet ]
This week I'm publishing a 3 post series on #Azure Managed Identity attack paths. Here's part 1, where we are looking at Automation Accounts:
https://t.co/gZ6QjGw6CE
Prior work by @kfosaaen, @inversecos, https://t.co/Eb8grvTeOm, and @cibrax
🔗 https://posts.specterops.io/82667d17187a
🔗 http://azsec.azurewebsites.net
🐥 [ tweet ]
😈 [ _JohnHammond, John Hammond is @ RSAC ]
Active Directory content will slowly trickle out on my YouTube channel over the next many days. We will build a local VM environment, stage out our domain at will with PowerShell, and bounce back and forth between "building" and "breaking" AD concepts
https://t.co/jHw7lS1St6
🔗 https://youtu.be/pKtDQtsubio
🐥 [ tweet ]
Active Directory content will slowly trickle out on my YouTube channel over the next many days. We will build a local VM environment, stage out our domain at will with PowerShell, and bounce back and forth between "building" and "breaking" AD concepts
https://t.co/jHw7lS1St6
🔗 https://youtu.be/pKtDQtsubio
🐥 [ tweet ]
😈 [ DebugPrivilege, • ]
I can see that most people are familiar with AD and understand the enumeration piece of it through tools like PowerView, etc. However, how does this look from a code-level and network-level? My go-to tools are IDA and Wireshark to answer these types of questions.
🐥 [ tweet ]
I can see that most people are familiar with AD and understand the enumeration piece of it through tools like PowerView, etc. However, how does this look from a code-level and network-level? My go-to tools are IDA and Wireshark to answer these types of questions.
🐥 [ tweet ]
😈 [ ReconOne_, ReconOne ]
Want to scan for the TOP Exploited Vulnerabilities according to CISA? Try this 👇
Credits: @pdiscoveryio
#nuclei #CISA #attacksurface #recon #reconone #bugbountytips #recontips
🐥 [ tweet ]
Want to scan for the TOP Exploited Vulnerabilities according to CISA? Try this 👇
Credits: @pdiscoveryio
#nuclei #CISA #attacksurface #recon #reconone #bugbountytips #recontips
🐥 [ tweet ]
😈 [ SagieSec, Sagie Dulce ]
#RPCFirewall version 2.0 is out!
Watch this tutorial that shows how to set it up, and start protecting against various RPC attacks : #petitpotam, #psexec, #dcsync, #wmic and more...
New features:
✔️ Support RPC Filters.
✔️ RPC Firewall as a service
✔️ Monitor & protect new processes
✔️ "Status" command for detailed deployment info
✔️ Better resolution of source host and port
🔗 https://youtu.be/BNzfmYwkioY
🔗 https://github.com/zeronetworks/rpcfirewall
🐥 [ tweet ]
#RPCFirewall version 2.0 is out!
Watch this tutorial that shows how to set it up, and start protecting against various RPC attacks : #petitpotam, #psexec, #dcsync, #wmic and more...
New features:
✔️ Support RPC Filters.
✔️ RPC Firewall as a service
✔️ Monitor & protect new processes
✔️ "Status" command for detailed deployment info
✔️ Better resolution of source host and port
🔗 https://youtu.be/BNzfmYwkioY
🔗 https://github.com/zeronetworks/rpcfirewall
🐥 [ tweet ]
😈 [ DebugPrivilege, • ]
Alert when a group is added to a sensitive Active Directory group https://t.co/2oJmjthu8G
🔗 https://techcommunity.microsoft.com/t5/security-compliance-and-identity/alert-when-a-group-is-added-to-a-sensitive-active-directory/ba-p/3436868
🐥 [ tweet ]
Alert when a group is added to a sensitive Active Directory group https://t.co/2oJmjthu8G
🔗 https://techcommunity.microsoft.com/t5/security-compliance-and-identity/alert-when-a-group-is-added-to-a-sensitive-active-directory/ba-p/3436868
🐥 [ tweet ]
🔥1
😈 [ hackinarticles, Hacking Articles ]
IPV4 vs IPV6
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities
🐥 [ tweet ]
IPV4 vs IPV6
#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #cyberattacks #security #vulnerabilities
🐥 [ tweet ]
😈 [ ShitSecure, S3cur3Th1sSh1t ]
The last two weekends plus some evenings I spend my time writing a Nim Packer/Loader, which will be provided to Sponsors only via private repo. It's capable of packing C# Assemblies, Shellcode or PE-Files.
It's using my GetSyscallStub function to retrieve unhooked Syscalls from ntdll.dll to patch AMSI and/or ETW. The shellcode execution is also done via Syscalls from GetSyscallStub. This function will become public in Q1 2022.
The detection rate is at this time pretty good. One more reason for this repo to stay private. And theese binaries had no sandbox evasion checks, no sleep time and were not obfuscated via LLVM. I'll add sandbox evasion methods later on.
🔗 https://www.patreon.com/S3cur3Th1sSh1t
🔗 https://github.com/sponsors/S3cur3Th1sSh1t
🐥 [ tweet ]
The last two weekends plus some evenings I spend my time writing a Nim Packer/Loader, which will be provided to Sponsors only via private repo. It's capable of packing C# Assemblies, Shellcode or PE-Files.
It's using my GetSyscallStub function to retrieve unhooked Syscalls from ntdll.dll to patch AMSI and/or ETW. The shellcode execution is also done via Syscalls from GetSyscallStub. This function will become public in Q1 2022.
The detection rate is at this time pretty good. One more reason for this repo to stay private. And theese binaries had no sandbox evasion checks, no sleep time and were not obfuscated via LLVM. I'll add sandbox evasion methods later on.
🔗 https://www.patreon.com/S3cur3Th1sSh1t
🔗 https://github.com/sponsors/S3cur3Th1sSh1t
🐥 [ tweet ]
👍1
😈 [ m3g9tr0n, Spiros Fraganastasis ]
An excellent article by @martinsohndk about Windows Shares post exploitation activities! You will be impressed with the amount of information which can be found by digging in shares https://t.co/LiriUP3xVE
🔗 https://improsec.com/tech-blog/network-share-risks-deploying-secure-defaults-and-searching-shares-for-sensitive-information-credentials-pii-and-more
🐥 [ tweet ]
An excellent article by @martinsohndk about Windows Shares post exploitation activities! You will be impressed with the amount of information which can be found by digging in shares https://t.co/LiriUP3xVE
🔗 https://improsec.com/tech-blog/network-share-risks-deploying-secure-defaults-and-searching-shares-for-sensitive-information-credentials-pii-and-more
🐥 [ tweet ]
👍1
😈 [ fr0gger_, Thomas Roccia 🤘 ]
I published a blogpost that presents ten useful python libraries that I use for malware analysis and reversing (with code examples)!
Which one are you using the most? 🐍
#python #malware #cybersecurity #infosec
https://t.co/4q7N0ydQJa
🔗 https://blog.securitybreak.io/10-python-libraries-for-malware-analysis-and-reverse-engineering-622751e6ebd0
🐥 [ tweet ]
I published a blogpost that presents ten useful python libraries that I use for malware analysis and reversing (with code examples)!
Which one are you using the most? 🐍
#python #malware #cybersecurity #infosec
https://t.co/4q7N0ydQJa
🔗 https://blog.securitybreak.io/10-python-libraries-for-malware-analysis-and-reverse-engineering-622751e6ebd0
🐥 [ tweet ]
😈 [ ShitSecure, S3cur3Th1sSh1t ]
My DInvoke implementation in Nim is now also public:
https://t.co/4sNjTVsYfv
Feel free with testing and have fun! 🍻👌
Challenge: who modifies the Nim compiler for DInvoke usage?🤓
🔗 https://github.com/S3cur3Th1sSh1t/Nim_DInvoke
🐥 [ tweet ]
My DInvoke implementation in Nim is now also public:
https://t.co/4sNjTVsYfv
Feel free with testing and have fun! 🍻👌
Challenge: who modifies the Nim compiler for DInvoke usage?🤓
🔗 https://github.com/S3cur3Th1sSh1t/Nim_DInvoke
🐥 [ tweet ]
🔥2