😈 [ 0gtweet, Grzegorz Tworek ]
Didn't describe it precisely so far:
If you put 'mpnotify' value into the HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, your exe will be launched by winlogon.exe when user logs on. After 30s the process will be terminated.
https://t.co/36luTJ3vqB
🔗 https://persistence-info.github.io/Data/mpnotify.html
🐥 [ tweet ]
😈 [ m3g9tr0n, Spiros Fraganastasis ]
Malware Mutation Using Reinforcement Learning and Generative Adversarial Networks https://t.co/WxPdaOEkhj
🔗 https://github.com/CyberForce/Pesidious
🐥 [ tweet ]
👹 [ snovvcrash, sn🥶vvcr💥sh ]
[#Tooling ⚔️] Inspired by @s4ntiago_p and NanoDump I’ve fully switched to API Hashing for Windows API and syscalls resolution in DInjector. A quick re-hashing can be performed before compilation with a Python script.
🐥 [ tweet ]
😈 [ Cx01N_, Cx01N ]
This is great!
https://t.co/xkvlT03Wf1
🔗 https://github.com/NARKOZ/hacker-noscripts
🐥 [ tweet ]
😈 [ _nwodtuhs, Charlie Bromberg (Shutdown) ]
After 4 months of testing/peer-review and the PR being in draft, dacledit is now ready for official review and merge in Impacket 💪 This script can be used to read, write, remove, backup, restore ACEs in an object's DACL, see you soon when merged 😊
https://t.co/nQGZy1dnbR
🔗 https://github.com/SecureAuthCorp/impacket/pull/1291
🐥 [ tweet ]
😈 [ lpha3ch0, Steve Campbell ]
My latest blog post, Pivoting for Pentesters https://t.co/9N1gxtdJXn #infosec #pentest #redteam
🔗 https://www.stevencampbell.info/Pivoting-for-pentesters/
🐥 [ tweet ]
😈 [ ReconOne_, ReconOne ]
Shodan Dork in Manual mode - Part 1
Now that you all have Shodan membership it's time to try Shodan Dorks 👀👇
Credits: @securitytrails
#recon #Shodan #attacksurface #bugbountytips #BugBounty #cybersecurity
🐥 [ tweet ]
😈 [ C5pider, 5pider ]
CoffeeLdr
A Beacon Object File Loader
https://t.co/vD2QlGhLov
🔗 https://github.com/Cracked5pider/CoffeeLdr
🐥 [ tweet ]
😈 [ i_bo0om, Bo0oM ]
20 years of payment processing problems
Ru: https://t.co/Xp81RFL9hQ
En: https://t.co/aDep1kdgyu
🔗 https://bo0om.ru/20-years-of-payment-processing-problems
🔗 https://bo0om.ru/20-years-of-payment-processing-problems-en
🐥 [ tweet ]
😈 [ mpgn_x64, mpgn ]
I just merged one of the craziest modules in CrackMapExec called "hash_spider" from @hackerm00n 🚀
With an initial admin access, it will dump lsass recursively using BloodHound to find local admins path (adminTo) to harvest more users and find new paths until DA 🔥
🪂
🐥 [ tweet ]
😈 [ an0n_r0, an0n ]
elevated CVE-2022-30166 EoP to SYSTEM. the work was done by @tiraniddo, here I just modified their PoC for getting TGT dump, did some custom ticket conversion stuff then RBCD attack with the machine Kerberos TGT. works only if AllowTgtSessionKey (non-default) is enabled.
🐥 [ tweet ][ quote ]
😈 [ _RastaMouse, Rasta Mouse ]
I spent some of the time I was glued to my chair with sweat to put rportfwd into SharpC2 as well.
🔗 https://github.com/SharpC2/SharpC2/tree/dev
🐥 [ tweet ]
😈 [ CoreAdvisories, CoreLabs Research ]
Get an in-depth analysis of recent #Windows #vulnerability, CVE-2022-22029, from cybersecurity expert and #exploit writer @ricnar456
https://t.co/i4nyYDiapH
🔗 https://www.coresecurity.com/core-labs/articles/analysis-cve-2022-22029-windows-network-file-system-vulnerability
🐥 [ tweet ]
😈 [ HuskyHacksMK, Matt | HuskyHacks ]
Confirmed that the new Apache Spark OS Command Injection works 🎆
CVE-2022-33891 Apache Spark Shell Command Injection Vulnerability (disc. by Kostya Kortchinsky, not me)
Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1
POC soon!
🐥 [ tweet ]
😈 [ HuskyHacksMK, Matt | HuskyHacks ]
🐍My Python POC for CVE-2022-33891, Apache Spark OS Command Injection Vulnerability
hacky, slapdash, just the way I like it
Can check if a target is vuln, do a quick reverse shell, and even has an "Interactive" mode!
comes with a vuln version of Spark
https://t.co/bOXMlXYmzd
🔗 https://github.com/HuskyHacks/cve-2022-33891
🐥 [ tweet ]