๐ [ 0xdf_, 0xdf ]
Really clever unintended solution to StreamIO from @xct_de!
https://t.co/lXQCr5y1D5
๐ https://www.youtube.com/watch?v=3utO6ys2Rhg&t=1130s
๐ฅ [ tweet ]
Really clever unintended solution to StreamIO from @xct_de!
https://t.co/lXQCr5y1D5
๐ https://www.youtube.com/watch?v=3utO6ys2Rhg&t=1130s
๐ฅ [ tweet ]
๐ [ SkelSec, SkelSec ]
My kerberoast project titled... kerberoast has been updated and now it's available on PIP and Github.
No new features, the update is necessary to support the new kerberos and auth libraries that the other libraries using
https://t.co/NtuRqt1oV1
Thx @buherator for the headsup
๐ https://github.com/skelsec/kerberoast
๐ฅ [ tweet ]
My kerberoast project titled... kerberoast has been updated and now it's available on PIP and Github.
No new features, the update is necessary to support the new kerberos and auth libraries that the other libraries using
https://t.co/NtuRqt1oV1
Thx @buherator for the headsup
๐ https://github.com/skelsec/kerberoast
๐ฅ [ tweet ]
๐ [ x86matthew, x86matthew ]
Exploiting a Seagate service to create a SYSTEM shell (CVE-2022-40286)
A brief overview of reverse-engineering a Windows service to discover local privilege escalation exploits.
https://t.co/zKLvaYzryf
๐ https://www.x86matthew.com/view_post?id=windows_seagate_lpe
๐ฅ [ tweet ]
Exploiting a Seagate service to create a SYSTEM shell (CVE-2022-40286)
A brief overview of reverse-engineering a Windows service to discover local privilege escalation exploits.
https://t.co/zKLvaYzryf
๐ https://www.x86matthew.com/view_post?id=windows_seagate_lpe
๐ฅ [ tweet ]
๐น [ snovvcrash, sn๐ฅถvvcr๐ฅsh ]
Making @ShitSecureโs dream of in-memory #LaZagne come true here ๐ Kudos to @naksyn and his awesome #Pyramid project ๐ฅ๐
P. S. Also fixed #KeeThief execution within LaZagne for Python 3
๐ฅ [ tweet ]
Making @ShitSecureโs dream of in-memory #LaZagne come true here ๐ Kudos to @naksyn and his awesome #Pyramid project ๐ฅ๐
P. S. Also fixed #KeeThief execution within LaZagne for Python 3
๐ฅ [ tweet ]
๐ [ splinter_code, Antonio Cocomazzi ]
#JuicyPotato is back! ๐ฅ
Get instant SYSTEM access if you have SeImpersonate or SeAssignPrimaryToken privs!
Checkout our new #JuicyPotatoNG ๐
https://t.co/mqB9dZ3YCA
cc @decoder_it
๐ https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong
๐ฅ [ tweet ]
#JuicyPotato is back! ๐ฅ
Get instant SYSTEM access if you have SeImpersonate or SeAssignPrimaryToken privs!
Checkout our new #JuicyPotatoNG ๐
https://t.co/mqB9dZ3YCA
cc @decoder_it
๐ https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong
๐ฅ [ tweet ]
๐ [ ORCx41, ORCA ]
ever wanted to replace FindResource, LoadResource, LockResource, SizeofResource...
well, now you can :
https://t.co/Xl9F56pd4p
๐ https://github.com/ORCx41/ManualRsrcDataFetching
๐ฅ [ tweet ]
ever wanted to replace FindResource, LoadResource, LockResource, SizeofResource...
well, now you can :
https://t.co/Xl9F56pd4p
๐ https://github.com/ORCx41/ManualRsrcDataFetching
๐ฅ [ tweet ]
๐ [ mariuszbit, mgeeky | Mariusz Banach ]
๐ฆ If you wish to understand what's causing your AMSI detection - whether VBA or WSH, you might check out Matt Graeber's @mattifestation AMSITools.ps1.
I crafted up HOWTO and a helper script that uses his brilliant work to pull AMSI events:
https://t.co/gOjTGuXUSZ
๐ https://github.com/mgeeky/Penetration-Testing-Tools/tree/master/red-teaming/AMSITools
๐ฅ [ tweet ]
๐ฆ If you wish to understand what's causing your AMSI detection - whether VBA or WSH, you might check out Matt Graeber's @mattifestation AMSITools.ps1.
I crafted up HOWTO and a helper script that uses his brilliant work to pull AMSI events:
https://t.co/gOjTGuXUSZ
๐ https://github.com/mgeeky/Penetration-Testing-Tools/tree/master/red-teaming/AMSITools
๐ฅ [ tweet ]
๐ [ zux0x3a, Lawrence ๅๅซๆฏ ]
https://t.co/WWoC7jw9Pi
๐ https://github.com/cepxeo/dll4shell
๐ฅ [ tweet ]
https://t.co/WWoC7jw9Pi
๐ https://github.com/cepxeo/dll4shell
๐ฅ [ tweet ]
ะะต ะผะพะณั ะฝะต ะฟะพัะตะบะพะผะตะฝะดะพะฒะฐัั ะฟะพะดะฟะธััะฒะฐัััั ะฝะฐ @s0i37_channel, ัะฐะบ ะบะฐะบ ัะถะต ะฟัะตะดััะฒััะฒัั ะณะพะดะฝะพัั ะพั @s0i37. ะ ัะพะถะฐะปะตะฝะธั, ะผั ะฝะต ะทะฝะฐะบะพะผั ะปะธัะฝะพ, ะฝะพ ะตะณะพ ัะฐะฑะพัั ะฒะพัั
ะธัะฐัั.
ะะพะต ะปัะฑะธะผะพะต โ ััะพ:
- https://xakep.ru/2020/06/17/windows-mitm/
- https://github.com/s0i37/lateral
ะะพะต ะปัะฑะธะผะพะต โ ััะพ:
- https://xakep.ru/2020/06/17/windows-mitm/
- https://github.com/s0i37/lateral
๐ฅ4๐2
๐ [ Six2dez1, Six2dez ]
This is a superb article for pentesting Cisco networks
https://t.co/spiVfvLyQm
๐ https://medium.com/@in9uz/cisco-nightmare-pentesting-cisco-networks-like-a-devil-f4032eb437b9
๐ฅ [ tweet ]
This is a superb article for pentesting Cisco networks
https://t.co/spiVfvLyQm
๐ https://medium.com/@in9uz/cisco-nightmare-pentesting-cisco-networks-like-a-devil-f4032eb437b9
๐ฅ [ tweet ]
๐ฅ3
๐ [ NationalCyberS1, National Cyber Security Services ]
LinWinPwn:- A bash script that automates a number of Active Directory Enumeration and Vulnerability checks.
Link:https://t.co/pR8suEn8PZ
#hacking #bugbountytips #informationsecurity #cybersecurity #infosec #cybersecuritytips #Ethicalhacking #Pentesting
https://t.co/uJj502OabP
๐ https://github.com/lefayjey/linWinPwn
๐ https://ncybersecurity.com
๐ฅ [ tweet ]
LinWinPwn:- A bash script that automates a number of Active Directory Enumeration and Vulnerability checks.
Link:https://t.co/pR8suEn8PZ
#hacking #bugbountytips #informationsecurity #cybersecurity #infosec #cybersecuritytips #Ethicalhacking #Pentesting
https://t.co/uJj502OabP
๐ https://github.com/lefayjey/linWinPwn
๐ https://ncybersecurity.com
๐ฅ [ tweet ]
๐ [ HackerOtter, OtterHacker ]
Muscle up your game with Kerberos. Abuse tickets and Kerberos extensions to elevate your privileges.
I've built a small lab around the S4U2Self Abuse :
https://t.co/8GSnJuLJcf
Find all you need here :
https://t.co/hXkRocpkSX
Thanks @pentest_swissky for the help on ansible !
๐ https://github.com/OtterHacker/LabS4U2Self
๐ https://otterhacker.github.io/Pentest/Services/Kerberos.html
๐ฅ [ tweet ]
Muscle up your game with Kerberos. Abuse tickets and Kerberos extensions to elevate your privileges.
I've built a small lab around the S4U2Self Abuse :
https://t.co/8GSnJuLJcf
Find all you need here :
https://t.co/hXkRocpkSX
Thanks @pentest_swissky for the help on ansible !
๐ https://github.com/OtterHacker/LabS4U2Self
๐ https://otterhacker.github.io/Pentest/Services/Kerberos.html
๐ฅ [ tweet ]
๐ [ redteamfieldman, RTFM ]
Doing some end of the week research on command and control platforms and ran across a couple great resources. @c2_matrix #C2 #RedTeam
https://t.co/3VPtAFW9sK
https://t.co/SV1nZkJuD7
๐ https://www.thec2matrix.com/matrix
๐ https://github.com/tcostam/awesome-command-control
๐ฅ [ tweet ]
Doing some end of the week research on command and control platforms and ran across a couple great resources. @c2_matrix #C2 #RedTeam
https://t.co/3VPtAFW9sK
https://t.co/SV1nZkJuD7
๐ https://www.thec2matrix.com/matrix
๐ https://github.com/tcostam/awesome-command-control
๐ฅ [ tweet ]
๐ [ an0n_r0, an0n ]
EVERYTHING about relaying attacks by @vendetce. Just scrolled through the slides (here: https://t.co/c4187R98AQ), still watching the video, awesome content. Thanks for this broad comprehensive presentation! ๐๐๐ https://t.co/MMIgE6xboY
๐ https://www.blackhillsinfosec.com/wp-content/uploads/2022/09/Coercions-and-Relays-The-First-Cred-is-the-Deepest.pdf
๐ https://youtu.be/b0lLxLJKaRs
๐ฅ [ tweet ][ quote ]
EVERYTHING about relaying attacks by @vendetce. Just scrolled through the slides (here: https://t.co/c4187R98AQ), still watching the video, awesome content. Thanks for this broad comprehensive presentation! ๐๐๐ https://t.co/MMIgE6xboY
๐ https://www.blackhillsinfosec.com/wp-content/uploads/2022/09/Coercions-and-Relays-The-First-Cred-is-the-Deepest.pdf
๐ https://youtu.be/b0lLxLJKaRs
๐ฅ [ tweet ][ quote ]
Offensive Xwitter
๐ [ an0n_r0, an0n ] EVERYTHING about relaying attacks by @vendetce. Just scrolled through the slides (here: https://t.co/c4187R98AQ), still watching the video, awesome content. Thanks for this broad comprehensive presentation! ๐๐๐ https://t.co/MMIgE6xboYโฆ
Coercions-and-Relays-The-First-Cred-is-the-Deepest.pdf
2.6 MB