NEW BOT Телеграм, страница

Forwarded from RedTeam brazzers (Миша)

Всем привет!

Делюсь презентацией с Underconf :)) запись будет чуть позже

👾7

1.06K views13:58

Through the Cortex XDR Lens: Uncovering a New Activity Group Targeting Governments in the Middle East and Africa

Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite

#Chinese #APT

👾3

1.12K views05:13

ＳｅｃＮｏｔｅ

New LockBit 5.0 Targets Windows, Linux, ESXi

LockBit 5.0 Ransomware – Analysis, How It Works, and What to Do If You’re Hit

#lockbit

👾3

1.17K views05:25

ＳｅｃＮｏｔｅ

Forwarded from Source Byte

Exposing CharmingKitten's malicious activity for IRGC-IO devision Counterintelligence devision (1500)

https://github.com/KittenBusters/CharmingKitten

👾3

945 views06:04

ＳｅｃＮｏｔｅ

How to kill AV/EDR (of different kinds) with a couple of clicks

Requirements:
- Admin rights on the machine;
- Ability to deliver procmon.
And then everything is more than straightforward.

1. Enable the "EnableBootLogging" feature;
2. Create a symbolic link:
mklink C:\Windows\Procmon.pmb "<Full path to the file that needs to be overwritten>"
3. Reboot the machine.

Magic happens.

More details:
https://www.zerosalarium.com/2025/09/Break-Protective-Shell-Windows-Defender-Folder-Redirect-Technique-Symlink.html

👾7

1.38K views18:13

ＳｅｃＮｏｔｅ

Recent additions to LOLBAS-Project.github.io:

• iscsicpl.exe for DLL exec+UAC bypass
• eudcedit.exe for UAC bypass
• reset.exe/change.exe/query.exe for proxy exec
• pixtool.exe/applauncher.exe/mpiexec.exe for dev tool proxy exec

👾6

1.29K views22:06

ＳｅｃＮｏｔｅ

Game Hacking - Valve Anti-Cheat (VAC)

#gh

👾10

2.07K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, 21:13

ＳｅｃＮｏｔｅ

NET R&D Digest (September, 2025)
Oleg Karasik .NET R&D Digest October 3, 2025 6 Minutes

The summer is over, September is left behind and .NET 10 is coming closer and closer (in fact, it is so close that Stephen Toub has already published his amazing “Performance Improvements in .NET 10” novel), which means it is just about time to read something new about the upcoming release (for instance, the great “Exploring the .NET 10 preview” series by Andrew Lock).

However, if, by any chance, you are interested in something besides .NET 10, then this issue of .NET R&D Digest is here to provide you with various bits of software development 🙂

This issue includes bits of AI, software development, learning, C#, performance, security, C, programming languages, ruby, and of course .NET and .NET Internals.

#guide

👾4

1.05K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, edited 11:48

ＳｅｃＮｏｔｅ

Bypassing Enrollment Restrictions to Break BYOD Barriers in Intune (bring your own device)

Ways of device ownership spoofing and more for persistent access to Intune

This byod is not that byod😅

👾9

2.37K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, edited 16:43

ＳｅｃＮｏｔｅ

Forwarded from Order of Six Angles

ANALYZING WINPMEM DRIVER VULNERABILITIES

https://static.ernw.de/whitepaper/ERNW_White_Paper_73-Analyzing_WinpMem_Driver_Vulnerabilities_1.0_signed.pdf

👾1

1.04K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, 05:53

ＳｅｃＮｏｔｅ

Do we have to say goodbye to DLL hijacking?

#ml

👾3

2.26K views‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌P҉d҉y҉👾, edited 08:13

ＳｅｃＮｏｔｅ

Forwarded from 1N73LL1G3NC3

OWA Pentest Guide

В статье разобраны все основные атаки и уязвимости OWA и MS Exchange:

• OSINT
• Password spraying
• GAL/OAB
• Архитектура работы
• ZDI-CAN-22101
• OWA CAP Bypass
• CVE-2020-0688
• ProxyLogon
• CVE-2021-26855 - Pre-auth SSRF
• CVE-2021-27065 - Post-auth Arbitrary-File-Write
• ProxyOracle
• CVE-2021-31196 - The Padding Oracle
• CVE-2021-31195 - XSS
• Обход HttpOnly
• ProxyShell
• CVE-2021-34473 - Pre-auth Path Confusion leads to ACL Bypass
• CVE-2021-34523 - Exchange PowerShell Backend Elevation-of-Privilege
• CVE-2021-31207 - Post-auth Arbitrary-File-Write
• ProxyNotShell
• ProxyRelay
• Relay атаки