π [ ippsec, ippsec ]
Uploaded a video on detecting Responder when it is setup to respond to LLMNR Requests. Nothing fancy, and there are tools that have done this for a long time like Respounder. However, we keep it simple with just powershell and a scheduled task https://t.co/0DOccIhMHF
π https://youtu.be/h_cWWL-yyb0
π₯ [ tweet ]
Uploaded a video on detecting Responder when it is setup to respond to LLMNR Requests. Nothing fancy, and there are tools that have done this for a long time like Respounder. However, we keep it simple with just powershell and a scheduled task https://t.co/0DOccIhMHF
π https://youtu.be/h_cWWL-yyb0
π₯ [ tweet ]
π [ _choisec, Sunggwan Choi ]
New blog post:
https://t.co/68Epz4z0ke
poc Github:
https://t.co/fGbKBZjsv4
Blogged about recreating/simulating an MSI payload from the recent ASEC's blog post(https://t.co/g7KSbhg4tj) and @HuskyHacksMK 's blog post(https://t.co/F7T8DoE6ec). Learned MSI payload generation.
π https://blog.sunggwanchoi.com/recreating-a-msi-payload-for-fun-and-no-profit/
π https://github.com/ChoiSG/GwisinMsi
π https://asec.ahnlab.com/en/37483/
π https://notes.huskyhacks.dev/notes/ms-interloper-on-the-subject-of-malicious-msis
π₯ [ tweet ]
New blog post:
https://t.co/68Epz4z0ke
poc Github:
https://t.co/fGbKBZjsv4
Blogged about recreating/simulating an MSI payload from the recent ASEC's blog post(https://t.co/g7KSbhg4tj) and @HuskyHacksMK 's blog post(https://t.co/F7T8DoE6ec). Learned MSI payload generation.
π https://blog.sunggwanchoi.com/recreating-a-msi-payload-for-fun-and-no-profit/
π https://github.com/ChoiSG/GwisinMsi
π https://asec.ahnlab.com/en/37483/
π https://notes.huskyhacks.dev/notes/ms-interloper-on-the-subject-of-malicious-msis
π₯ [ tweet ]
π [ Markak_, Zhenpeng Lin ]
I just released the #DirtyCred version of exploit to CVE-2022-2588 (an 8-year-old bug) along with a brief write-up. Ideally, the exploit could work on different distros if the kernel is vulnerable. Feel free to check it out at https://t.co/IUuvuoLUbX!
π https://github.com/Markakd/CVE-2022-2588
π₯ [ tweet ]
I just released the #DirtyCred version of exploit to CVE-2022-2588 (an 8-year-old bug) along with a brief write-up. Ideally, the exploit could work on different distros if the kernel is vulnerable. Feel free to check it out at https://t.co/IUuvuoLUbX!
π https://github.com/Markakd/CVE-2022-2588
π₯ [ tweet ]
π [ pdiscoveryio, ProjectDiscovery.io ]
A Guide to DNS Takeovers: The Misunderstood Cousin of Subdomain Takeovers by @pry0cc / @hakluke
https://t.co/E25vgmyCN4
#hackwithautomation #security #bugbounty
π https://blog.projectdiscovery.io/guide-to-dns-takeovers/
π₯ [ tweet ]
A Guide to DNS Takeovers: The Misunderstood Cousin of Subdomain Takeovers by @pry0cc / @hakluke
https://t.co/E25vgmyCN4
#hackwithautomation #security #bugbounty
π https://blog.projectdiscovery.io/guide-to-dns-takeovers/
π₯ [ tweet ]
πΉ [ snovvcrash, snπ₯Άvvcrπ₯sh ]
Iβm not a big fan of the Cyberpunk 2077 game itself but these new #Edgerunners series are surprisingly very cool and full of the classic βhigh tech, low lifeβ spirit π€€
π₯ [ tweet ]
Iβm not a big fan of the Cyberpunk 2077 game itself but these new #Edgerunners series are surprisingly very cool and full of the classic βhigh tech, low lifeβ spirit π€€
π₯ [ tweet ]
ΡΠ΅Π°Π»ΡΠ½ΠΎ ΡΡΠΏΠ΅Ρ ΡΠΎΠΏ, Π·Π°ΡΠ΅Π½ΠΈΡΠ΅π₯5
π [ LittleJoeTables, Moloch ]
I've collected a few community tutorials/guides/resources for Sliver, feel free to send us more!
https://t.co/FRiBbHpVWa
π https://github.com/BishopFox/sliver/wiki/Community-Guides
π₯ [ tweet ]
I've collected a few community tutorials/guides/resources for Sliver, feel free to send us more!
https://t.co/FRiBbHpVWa
π https://github.com/BishopFox/sliver/wiki/Community-Guides
π₯ [ tweet ]
π [ gregdarwin, Greg Darwin ]
Cobalt Strike 4.7.1 is live. This is a patch release to fix an issue with the sleep mask, and a vulnerability in the teamserver. Full details on the blog: https://t.co/Jug1Qg3ede
If you may want to revert back to 4.7 at some point, make a backup of your CS folder before updating.
π https://www.cobaltstrike.com/blog/out-of-band-update-cobalt-strike-4-7-1/
π₯ [ tweet ]
Cobalt Strike 4.7.1 is live. This is a patch release to fix an issue with the sleep mask, and a vulnerability in the teamserver. Full details on the blog: https://t.co/Jug1Qg3ede
If you may want to revert back to 4.7 at some point, make a backup of your CS folder before updating.
π https://www.cobaltstrike.com/blog/out-of-band-update-cobalt-strike-4-7-1/
π₯ [ tweet ]
π [ 0xdf_, 0xdf ]
Really clever unintended solution to StreamIO from @xct_de!
https://t.co/lXQCr5y1D5
π https://www.youtube.com/watch?v=3utO6ys2Rhg&t=1130s
π₯ [ tweet ]
Really clever unintended solution to StreamIO from @xct_de!
https://t.co/lXQCr5y1D5
π https://www.youtube.com/watch?v=3utO6ys2Rhg&t=1130s
π₯ [ tweet ]
π [ SkelSec, SkelSec ]
My kerberoast project titled... kerberoast has been updated and now it's available on PIP and Github.
No new features, the update is necessary to support the new kerberos and auth libraries that the other libraries using
https://t.co/NtuRqt1oV1
Thx @buherator for the headsup
π https://github.com/skelsec/kerberoast
π₯ [ tweet ]
My kerberoast project titled... kerberoast has been updated and now it's available on PIP and Github.
No new features, the update is necessary to support the new kerberos and auth libraries that the other libraries using
https://t.co/NtuRqt1oV1
Thx @buherator for the headsup
π https://github.com/skelsec/kerberoast
π₯ [ tweet ]
π [ x86matthew, x86matthew ]
Exploiting a Seagate service to create a SYSTEM shell (CVE-2022-40286)
A brief overview of reverse-engineering a Windows service to discover local privilege escalation exploits.
https://t.co/zKLvaYzryf
π https://www.x86matthew.com/view_post?id=windows_seagate_lpe
π₯ [ tweet ]
Exploiting a Seagate service to create a SYSTEM shell (CVE-2022-40286)
A brief overview of reverse-engineering a Windows service to discover local privilege escalation exploits.
https://t.co/zKLvaYzryf
π https://www.x86matthew.com/view_post?id=windows_seagate_lpe
π₯ [ tweet ]
πΉ [ snovvcrash, snπ₯Άvvcrπ₯sh ]
Making @ShitSecureβs dream of in-memory #LaZagne come true here π Kudos to @naksyn and his awesome #Pyramid project π₯π
P. S. Also fixed #KeeThief execution within LaZagne for Python 3
π₯ [ tweet ]
Making @ShitSecureβs dream of in-memory #LaZagne come true here π Kudos to @naksyn and his awesome #Pyramid project π₯π
P. S. Also fixed #KeeThief execution within LaZagne for Python 3
π₯ [ tweet ]
π [ splinter_code, Antonio Cocomazzi ]
#JuicyPotato is back! π₯
Get instant SYSTEM access if you have SeImpersonate or SeAssignPrimaryToken privs!
Checkout our new #JuicyPotatoNG π
https://t.co/mqB9dZ3YCA
cc @decoder_it
π https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong
π₯ [ tweet ]
#JuicyPotato is back! π₯
Get instant SYSTEM access if you have SeImpersonate or SeAssignPrimaryToken privs!
Checkout our new #JuicyPotatoNG π
https://t.co/mqB9dZ3YCA
cc @decoder_it
π https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong
π₯ [ tweet ]
π [ ORCx41, ORCA ]
ever wanted to replace FindResource, LoadResource, LockResource, SizeofResource...
well, now you can :
https://t.co/Xl9F56pd4p
π https://github.com/ORCx41/ManualRsrcDataFetching
π₯ [ tweet ]
ever wanted to replace FindResource, LoadResource, LockResource, SizeofResource...
well, now you can :
https://t.co/Xl9F56pd4p
π https://github.com/ORCx41/ManualRsrcDataFetching
π₯ [ tweet ]
π [ mariuszbit, mgeeky | Mariusz Banach ]
π¦ If you wish to understand what's causing your AMSI detection - whether VBA or WSH, you might check out Matt Graeber's @mattifestation AMSITools.ps1.
I crafted up HOWTO and a helper script that uses his brilliant work to pull AMSI events:
https://t.co/gOjTGuXUSZ
π https://github.com/mgeeky/Penetration-Testing-Tools/tree/master/red-teaming/AMSITools
π₯ [ tweet ]
π¦ If you wish to understand what's causing your AMSI detection - whether VBA or WSH, you might check out Matt Graeber's @mattifestation AMSITools.ps1.
I crafted up HOWTO and a helper script that uses his brilliant work to pull AMSI events:
https://t.co/gOjTGuXUSZ
π https://github.com/mgeeky/Penetration-Testing-Tools/tree/master/red-teaming/AMSITools
π₯ [ tweet ]
π [ zux0x3a, Lawrence εε«ζ― ]
https://t.co/WWoC7jw9Pi
π https://github.com/cepxeo/dll4shell
π₯ [ tweet ]
https://t.co/WWoC7jw9Pi
π https://github.com/cepxeo/dll4shell
π₯ [ tweet ]