😈 [ DirectoryRanger, DirectoryRanger ]
From RPE to RCE - Workstation Takeover via RBCD and MR-RPC, by @gladiatx0r
https://t.co/k6JZznbLke
🔗 https://gist.github.com/gladiatx0r/1ffe59031d42c08603a3bde0ff678feb
🐥 [ tweet ]
From RPE to RCE - Workstation Takeover via RBCD and MR-RPC, by @gladiatx0r
https://t.co/k6JZznbLke
🔗 https://gist.github.com/gladiatx0r/1ffe59031d42c08603a3bde0ff678feb
🐥 [ tweet ]
👍1
😈 [ last0x00, last ]
I wrote a non technical post on my blog regarding cybersecurity, nihilistic behavior, and how to stay positive. Sometimes we need a reminder that, after all, things are not that bad.
https://t.co/OGl17xTwco
🔗 https://blog.notso.pro/2022-06-12-avoiding-cyber-nihilism/
🐥 [ tweet ]
I wrote a non technical post on my blog regarding cybersecurity, nihilistic behavior, and how to stay positive. Sometimes we need a reminder that, after all, things are not that bad.
https://t.co/OGl17xTwco
🔗 https://blog.notso.pro/2022-06-12-avoiding-cyber-nihilism/
🐥 [ tweet ]
🔥1
😈 [ NandanLohitaksh, Lohitaksh Nandan ]
Best ever Tools 🔧 for Bug Bounty Hunters...
→Amass
→Sublister
→Gauplus
→HTTPX
→Gf tool
→Kxss
→Sqlmap
→Commix
→Tplmap
→HYDRA
→John the ripper
→Burpsuite
→Arjun
→Paramspider
→NoSQLmap
→NMAP
→Nikto
→FFUF
→403-Bypass
→Gobuster
#bugbounty #cybersecurity
🐥 [ tweet ]
Best ever Tools 🔧 for Bug Bounty Hunters...
→Amass
→Sublister
→Gauplus
→HTTPX
→Gf tool
→Kxss
→Sqlmap
→Commix
→Tplmap
→HYDRA
→John the ripper
→Burpsuite
→Arjun
→Paramspider
→NoSQLmap
→NMAP
→Nikto
→FFUF
→403-Bypass
→Gobuster
#bugbounty #cybersecurity
🐥 [ tweet ]
👍2
😈 [ nas_bench, Nasreddine Bencherchali ]
In addition to the documented "-e/--exec" flag in #lolbas about the "wsl.exe" binary (https://t.co/OrgJ7c7o9N). We can also use the "--system" flag to run Linux (as root) /Windows commands.
wsl --system [Command]
🔗 https://lolbas-project.github.io/lolbas/OtherMSBinaries/Wsl/
🐥 [ tweet ]
In addition to the documented "-e/--exec" flag in #lolbas about the "wsl.exe" binary (https://t.co/OrgJ7c7o9N). We can also use the "--system" flag to run Linux (as root) /Windows commands.
wsl --system [Command]
🔗 https://lolbas-project.github.io/lolbas/OtherMSBinaries/Wsl/
🐥 [ tweet ]
😈 [ Flangvik, Melvin langvik ]
👀👀 @_RastaMouse https://t.co/QIeLHNngVz
🔗 https://training.zeropointsecurity.co.uk/courses/red-team-ops-II
🐥 [ tweet ]
👀👀 @_RastaMouse https://t.co/QIeLHNngVz
🔗 https://training.zeropointsecurity.co.uk/courses/red-team-ops-II
🐥 [ tweet ]
👍1
😈 [ reverseame, reverseame ]
The curious case of mavinject.exe https://t.co/UcUjZ2wsFR
🔗 https://fourcore.io/blogs/mavinject-curious-process-injection
🐥 [ tweet ]
The curious case of mavinject.exe https://t.co/UcUjZ2wsFR
🔗 https://fourcore.io/blogs/mavinject-curious-process-injection
🐥 [ tweet ]
👍1
😈 [ elkement, elkement ]
One more post about Microsoft's recent security updates - re changes to Kerberos and the new certificate extension containing the requester's SID: https://t.co/TbACZaFARl
🔗 https://elkement.blog/2022/06/13/defused-that-san-flag/
🐥 [ tweet ]
One more post about Microsoft's recent security updates - re changes to Kerberos and the new certificate extension containing the requester's SID: https://t.co/TbACZaFARl
🔗 https://elkement.blog/2022/06/13/defused-that-san-flag/
🐥 [ tweet ]
👍1
😈 [ ORCA10K, ORCA ]
just published "RelocAlloc", a poc to allocate memory for your shellcode, using .reloc section(s), avoiding VirtualAlloc and others
https://t.co/9UNT0aDnJJ
🔗 https://gitlab.com/ORCA666/relocalloc
🐥 [ tweet ]
just published "RelocAlloc", a poc to allocate memory for your shellcode, using .reloc section(s), avoiding VirtualAlloc and others
https://t.co/9UNT0aDnJJ
🔗 https://gitlab.com/ORCA666/relocalloc
🐥 [ tweet ]
👍1
This media is not supported in your browser
VIEW IN TELEGRAM
😈 [ x86matthew, x86matthew ]
ProcEnvInjection - Remote code injection by abusing process environment strings in CreateProcess.
Another method of injecting code into a remote process without using WriteProcessMemory. 🙂
https://t.co/PxaiiFVjV8
🔗 https://www.x86matthew.com/view_post?id=proc_env_injection
🐥 [ tweet ]
ProcEnvInjection - Remote code injection by abusing process environment strings in CreateProcess.
Another method of injecting code into a remote process without using WriteProcessMemory. 🙂
https://t.co/PxaiiFVjV8
🔗 https://www.x86matthew.com/view_post?id=proc_env_injection
🐥 [ tweet ]
👍2
😈 [ DebugPrivilege, • ]
The right answer:
I've seen lots of incomplete answers, but only a few people got it right. Also, no. We technically don't even need SeDebugPrivilege :)
🐥 [ tweet ][ quote ]
The right answer:
I've seen lots of incomplete answers, but only a few people got it right. Also, no. We technically don't even need SeDebugPrivilege :)
🐥 [ tweet ][ quote ]
😈 [ PortSwiggerRes, PortSwigger Research ]
Bypassing CSP with dangling iframes by @garethheyes
https://t.co/G3yPQQfYR2
🔗 https://portswigger.net/research/bypassing-csp-with-dangling-iframes
🐥 [ tweet ]
Bypassing CSP with dangling iframes by @garethheyes
https://t.co/G3yPQQfYR2
🔗 https://portswigger.net/research/bypassing-csp-with-dangling-iframes
🐥 [ tweet ]
👍1
😈 [ hasherezade, hasherezade ]
Updated #mal_unpack (v0.9.5) is ready! check it out: https://t.co/OCcdgd5AiO // (#PEsieve-based)
🔗 https://github.com/hasherezade/mal_unpack/releases
🐥 [ tweet ]
Updated #mal_unpack (v0.9.5) is ready! check it out: https://t.co/OCcdgd5AiO // (#PEsieve-based)
🔗 https://github.com/hasherezade/mal_unpack/releases
🐥 [ tweet ]
👍1
😈 [ Tyl0us, Matt Eidelberg ]
Small update to ScareCrow. Shoutout to @mariuszbit for the feature request. Check it out: https://t.co/VIQVnKd2tJ
#netsec #redteam #EDR #evasion
🔗 https://github.com/optiv/ScareCrow
🐥 [ tweet ]
Small update to ScareCrow. Shoutout to @mariuszbit for the feature request. Check it out: https://t.co/VIQVnKd2tJ
#netsec #redteam #EDR #evasion
🔗 https://github.com/optiv/ScareCrow
🐥 [ tweet ]
👍1
😈 [ tiraniddo, James Forshaw ]
The reason I didn't open my RCG bug last month was because MS didn't fix it correctly. As I found out before the 30 day patch soak time was up they got the remainder of the 90 days to really fix it. I guess we'll find out if they did or not soon enough😁https://t.co/YxbpQTR7La
🔗 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30150
🐥 [ tweet ]
The reason I didn't open my RCG bug last month was because MS didn't fix it correctly. As I found out before the 30 day patch soak time was up they got the remainder of the 90 days to really fix it. I guess we'll find out if they did or not soon enough😁https://t.co/YxbpQTR7La
🔗 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30150
🐥 [ tweet ]
👍1
😈 [ mariuszbit, Mariusz Banach ]
🔥Working hard on a public release of my Malware Dev CI/CD toolkit
☢️ProtectMyTooling - Multi-Packer, supporting 23+ obfuscators
☢️RedBackdoorer - PE shellcode injection via 6 techniques
☢️RedWatermarker - IOC injector for implants tracking
Already available to my sponsors 😁✨
🐥 [ tweet ]
🔥Working hard on a public release of my Malware Dev CI/CD toolkit
☢️ProtectMyTooling - Multi-Packer, supporting 23+ obfuscators
☢️RedBackdoorer - PE shellcode injection via 6 techniques
☢️RedWatermarker - IOC injector for implants tracking
Already available to my sponsors 😁✨
🐥 [ tweet ]
👍1
😈 [ 0gtweet, Grzegorz Tworek ]
A new tool has arrived! 😎
Somewhat like netstat, but with timestamps for connections!⏱
The C source code, and the compiled exe, as usual - https://t.co/dz7BOPzOpW
🔗 https://github.com/gtworek/PSBits/tree/master/NetstatWithTimestamps
🐥 [ tweet ]
A new tool has arrived! 😎
Somewhat like netstat, but with timestamps for connections!⏱
The C source code, and the compiled exe, as usual - https://t.co/dz7BOPzOpW
🔗 https://github.com/gtworek/PSBits/tree/master/NetstatWithTimestamps
🐥 [ tweet ]
This media is not supported in your browser
VIEW IN TELEGRAM