😈 [ DebugPrivilege, • ]

Great blog post on hijacking Azure subnoscriptions. https://t.co/i2zQHrazu2

🔗 https://derkvanderwoude.medium.com/azure-subnoscription-hijacking-and-cryptomining-86c2ac018983

🐥 [ tweet ]

😈 [ bohops, bohops ]

[Quick Update] Added a few new and old resources/techniques to the WDAC Block List

https://t.co/2AhEtQ2aS0

I'll post a few more blogs in the coming months to include Part 3 of the "Exploring the Microsoft Recommended Block Rules" series as well as some new
techniques

🔗 https://github.com/bohops/UltimateWDACBypassList

🐥 [ tweet ]

😈 [ byt3bl33d3r, Marcello ]

This is neato
"Alpine, Ubuntu, Fedora, and Arch based containers containing full desktop environments in officially supported flavors accessible via any modern web browser."
https://t.co/VSTYMXDYma

🔗 https://docs.linuxserver.io/images/docker-webtop

🐥 [ tweet ]

😈 [ Six2dez1, Six2dez ]

I can't say enough about how useful @TomNomNom's hacks repository is. Lately whenever I need something I go there to take a look because it almost always has the solution, so I can never improve my Golang skills!

Latest discovery https://t.co/0DYgf4qkko

long live open source❤️

🔗 https://github.com/tomnomnom/hacks/tree/master/inscope

🐥 [ tweet ]

😈 [ mttaggart, Taggart ]

I'd just like to point out that a number of us have been providing free, high quality infosec content on Twitch for years without so much as a blurb in the Register.

@goproslowyo
@0xTib3rius
@Alh4zr3d
@xfootpics4salex
@ShawnLo

And many more at https://t.co/LnMWvE4jwN https://t.co/MB2rYdNPjC

🔗 https://infosecstreams.github.io/

🐥 [ tweet ][ quote ]

👹 [ snovvcrash, sn🥶vvcr💥sh ]

Was trying to improve my #password #spraying approach in AD by previewing FGPPs and mapping them to the users they’re applied to, but it turns out you have to be an admin to do that 😒

🐥 [ tweet ]

😈 [ CyberarkLabs, CyberArk Labs ]

Passwords and cookies are stored in Chrome’s memory in clear-text. Attackers can load into memory all the passwords that are stored in the password manager (“Login Data” file).

https://t.co/L1JRO22ktu

🔗 http://spr.ly/6017zZ6Ft

🐥 [ tweet ]

😈 [ 0xBoku, Bobby Cooke ]

BokuLoader now uses its best evasion features out of the box, +ASM Caesar cipher string obfuscation, +bug fixes, and +code enhancements. Dropped 32bit for now and all around slimmed down the code. Needed a clean base for coming feature updates ;)

https://t.co/At0dcvYZF0

🔗 https://github.com/boku7/BokuLoader

🐥 [ tweet ]

😈 [ 0gtweet, Grzegorz Tworek ]

3 pieces of information:
1. The interesting one - if svchost.exe cannot find "Parameters" subkey, it tries to read ServiceDll entry from the parent (service) key!
2. The bad one - tools rarely check such DLLs.
3. The great one - my tool was just updated - https://t.co/ySr6QM0f3b

🔗 https://github.com/gtworek/PSBits/blob/master/Services/Get-ServiceDlls.ps1

🐥 [ tweet ]

😈 [ _wald0, Andy Robbins ]

ICYMI: This week I published a 3-part blog series on managed identity attack paths in various #Azure services:

Part 1, Automation Accounts: https://t.co/gZ6QjGw6CE
Part 2, Logic Apps: https://t.co/3Jtw4rcHdm
Part 3, Function Apps: https://t.co/MJh46fqs2m

🔗 https://posts.specterops.io/82667d17187a
🔗 https://posts.specterops.io/52b29354fc54
🔗 https://posts.specterops.io/300065251cbe

🐥 [ tweet ]

😈 [ Cneelis, Cn33liz ]

It's #BOFFriday so time for a new @OutflankNL C2-Tool-Collection update:
> Psx - Show detailed process information incl. OPSEC checks.
> Psc - Show detailed information from processes with established TCP and RDP connections.
https://t.co/Wq1obZDfRU

🔗 https://github.com/outflanknl/C2-Tool-Collection

🐥 [ tweet ]

😈 [ Cx01N_, Cx01N ]

Here is the material from #defcon29 in case anyone missed last years.

https://t.co/4lk4Y6UWXe

🔗 https://github.com/BC-SECURITY/Beginners-Guide-to-Obfuscation

🐥 [ tweet ][ quote ]

😈 [ _wald0, Andy Robbins ]

Today is Friday, which means it's #BloodHoundBasics day.

BloodHound collects user logons in a somewhat non-intuitive way. In this video I try my best explain exactly how BloodHound's logon session collection works: https://t.co/4XQqJ0Zulq

🔗 https://www.youtube.com/watch?v=q86VgM2Tafc

🐥 [ tweet ]

😈 [ exploitph, Charlie Clark ]

Been working on some new features for PowerView, it's still a work in progress but just pushed a few, cert auth for LDAPS and StartTLS for Get-DomainObject, Get-DomainUser, Get-DomainComputer and Set-DomainObject 1/2

https://t.co/H9rrPiTZeD

🔗 https://github.com/0xe7/PowerSploit/blob/master/Recon/PowerView.ps1

🐥 [ tweet ]

😈 [ _RastaMouse, Rasta Mouse ]

[BLOG]
GPO WMI filters - how they can screw you over, and some ways to deal with them.

https://t.co/9kBZQlYw7D

🔗 https://rastamouse.me/ous-and-gpos-and-wmi-filters-oh-my/

🐥 [ tweet ]

😈 [ OscarAkaElvis, Óscar Alfonso Díaz ]

New Evil-WinRM release (v3.4). Released for the @uad360 cyber security event. C'mon @msftsecurity how about a new Defender signature? Let's dance 😁

https://t.co/PEwvSTxt8p

Thanks @CyberVaca_ @_Laox @arale61

#evilwinrm #winrm #hacking #pentesting

🔗 https://github.com/Hackplayers/evil-winrm

🐥 [ tweet ]

😈 [ 0xdf_, 0xdf ]

Meta is a fun box from @hackthebox_eu centered around image processing. There's exiftool and ImageMagick exploits, and then abusing environment variables with sudo neofetch.

https://t.co/dnavhTIrwF

🔗 https://0xdf.gitlab.io/2022/06/11/htb-meta.html

🐥 [ tweet ]

😈 [ ShitSecure, S3cur3Th1sSh1t ]

Made a short Video regarding to usage && feature denoscription for my Packer. Mostly for my Sponsors but maybe others will also find some interesting things in it as inspiration:
https://t.co/MsJ1sP0ZPt

🔗 https://www.youtube.com/watch?v=UHaIgdzqHDA

🐥 [ tweet ]