π [ n00py1, n00py ]
Web vulns you should look for on an internal pentest: XXE.
We often think of XXE as a way to read local files, but you can also use it to coerce auth. HTTP NTLM does not request signing so you can easily relay it to LDAP. Web service accounts are often over permissioned.
π₯ [ tweet ]
Web vulns you should look for on an internal pentest: XXE.
We often think of XXE as a way to read local files, but you can also use it to coerce auth. HTTP NTLM does not request signing so you can easily relay it to LDAP. Web service accounts are often over permissioned.
π₯ [ tweet ]
π [ HackerGautam, Frooti ]
Not only crawling but you can do Subdomain Enumeration using Wayback.
β¬οΈ
curl --insecure --silent "http://web.archive.org/cdx/search/cdx" | sed -e 's_https*://__' -e "s/\/.*//" -e 's/:.*//' -e 's/^www\.//' | sed "/@/d" | sed -e 's/\.$//' | sort -u
#bugbounty #hacking #infosec
π₯ [ tweet ]
Not only crawling but you can do Subdomain Enumeration using Wayback.
β¬οΈ
curl --insecure --silent "http://web.archive.org/cdx/search/cdx" | sed -e 's_https*://__' -e "s/\/.*//" -e 's/:.*//' -e 's/^www\.//' | sed "/@/d" | sed -e 's/\.$//' | sort -u
#bugbounty #hacking #infosec
π₯ [ tweet ]
πΉ [ snovvcrash, snπ₯Άvvcrπ₯sh ]
This is how easter eggs are found π @_nwodtuhs @podalirius_
π₯ [ tweet ]
This is how easter eggs are found π @_nwodtuhs @podalirius_
π₯ [ tweet ]
π₯2
π [ ORCx41, ORCA ]
decided to release this, a highly capable pe packer, with a lot of nice features
https://t.co/iedhKbTlzm
π https://github.com/ORCx41/AtomPePacker
π₯ [ tweet ]
decided to release this, a highly capable pe packer, with a lot of nice features
https://t.co/iedhKbTlzm
π https://github.com/ORCx41/AtomPePacker
π₯ [ tweet ]
π [ g0h4n_0, g0h4n ]
Today I share with you #RustHoundπ¦. A new AD collector written in #Rust for #BloodHound!
It is cross-platform, cross-compiled and generates all json files needed.
Other modules will be available as under development!π₯
Hope you will enjoy it!
https://t.co/bxjCVyocfv https://t.co/8jEcSuEdEj
π https://github.com/OPENCYBER-FR/RustHound
π₯ [ tweet ][ quote ]
Today I share with you #RustHoundπ¦. A new AD collector written in #Rust for #BloodHound!
It is cross-platform, cross-compiled and generates all json files needed.
Other modules will be available as under development!π₯
Hope you will enjoy it!
https://t.co/bxjCVyocfv https://t.co/8jEcSuEdEj
π https://github.com/OPENCYBER-FR/RustHound
π₯ [ tweet ][ quote ]
π [ pdiscoveryio, ProjectDiscovery.io ]
The Ultimate Guide to Finding Bugs With Nuclei by @v3natoris
https://t.co/2GY3QZlTft
#hackwithautomation #cybersecurity #infosec #bugbounty
π https://blog.projectdiscovery.io/ultimate-nuclei-guide/
π₯ [ tweet ]
The Ultimate Guide to Finding Bugs With Nuclei by @v3natoris
https://t.co/2GY3QZlTft
#hackwithautomation #cybersecurity #infosec #bugbounty
π https://blog.projectdiscovery.io/ultimate-nuclei-guide/
π₯ [ tweet ]
π [ FortaliceLLC, Fortalice Solutions ]
NTLM Relaying to SCCM for the win πππ Fortalice's @Tw1sm just added SCCM support to NtlmRelayX. Check out the PR at: https://t.co/hWfNeiuqxp
π https://github.com/SecureAuthCorp/impacket/pull/1425
π₯ [ tweet ]
NTLM Relaying to SCCM for the win πππ Fortalice's @Tw1sm just added SCCM support to NtlmRelayX. Check out the PR at: https://t.co/hWfNeiuqxp
π https://github.com/SecureAuthCorp/impacket/pull/1425
π₯ [ tweet ]
π [ mpgn_x64, mpgn ]
New update on CrackMapExec π½
β‘οΈ Upload/download with MSSQL -guervild
β‘οΈ Exploit KeePass (discover, trigger) @d3lb3_ π₯
β‘οΈ ACL read with LDAP @BlWasp_
β‘οΈ Check ntlmv1 (postex) @Tw1sm
β‘οΈ Check alwayselevated (postex) -bogey3
β‘οΈ Improved export on cmedb @gray_sec
πͺ
π₯ [ tweet ]
New update on CrackMapExec π½
β‘οΈ Upload/download with MSSQL -guervild
β‘οΈ Exploit KeePass (discover, trigger) @d3lb3_ π₯
β‘οΈ ACL read with LDAP @BlWasp_
β‘οΈ Check ntlmv1 (postex) @Tw1sm
β‘οΈ Check alwayselevated (postex) -bogey3
β‘οΈ Improved export on cmedb @gray_sec
πͺ
π₯ [ tweet ]
πΉ [ snovvcrash, snπ₯Άvvcrπ₯sh ]
Based on @dec0neβs work on ShadowSpray Iβve pushed a small update to #pywhisker of @_nwodtuhs and @podalirius_ implementing the βsprayβ action. Now you can pass a list of users and try to add the same Shadow Credentials for each of them with pywhisker from Linux ππ»
π₯ [ tweet ]
Based on @dec0neβs work on ShadowSpray Iβve pushed a small update to #pywhisker of @_nwodtuhs and @podalirius_ implementing the βsprayβ action. Now you can pass a list of users and try to add the same Shadow Credentials for each of them with pywhisker from Linux ππ»
π₯ [ tweet ]
π₯1
This media is not supported in your browser
VIEW IN TELEGRAM
π [ zux0x3a, Lawrence εε«ζ― ]
Ported the pascal version to C#, and becomes even better while smuggling the payload using Created Service DisplayName
https://t.co/EhR9yNybF2
what's new? => https://t.co/t7Tkv2AW4O
π https://github.com/0xsp-SRD/0xsp.com/tree/main/chopper
π https://ired.dev/discussion/13/chopper-payload-smuggling/p1?new=1
π₯ [ tweet ]
Ported the pascal version to C#, and becomes even better while smuggling the payload using Created Service DisplayName
https://t.co/EhR9yNybF2
what's new? => https://t.co/t7Tkv2AW4O
π https://github.com/0xsp-SRD/0xsp.com/tree/main/chopper
π https://ired.dev/discussion/13/chopper-payload-smuggling/p1?new=1
π₯ [ tweet ]
π [ 0xdf_, 0xdf ]
Perspective from @hackthebox_eu is all about exploitation of a ASP.NET application. There's file read, ssrf, cookie signing, crypto, deserialization, and much more. Beyond Root has JuicyPotatoNG that's almost blocked but not.
π https://0xdf.gitlab.io/2022/10/15/htb-perspective.html
π₯ [ tweet ]
Perspective from @hackthebox_eu is all about exploitation of a ASP.NET application. There's file read, ssrf, cookie signing, crypto, deserialization, and much more. Beyond Root has JuicyPotatoNG that's almost blocked but not.
π https://0xdf.gitlab.io/2022/10/15/htb-perspective.html
π₯ [ tweet ]
π [ dr4k0nia, dr4k0nia ]
Time for another blog post :) This time Im writing about building my own string encryption obfuscator in C#. Featuring a simple XOR based cipher and unique per string encryption keys. Works from .NET Framework 4.6+ up to latest .NET
https://t.co/htjR6XdS1Q
π https://dr4k0nia.github.io/dotnet/coding/2022/10/15/Encrypting-Strings-In-NET.html
π₯ [ tweet ]
Time for another blog post :) This time Im writing about building my own string encryption obfuscator in C#. Featuring a simple XOR based cipher and unique per string encryption keys. Works from .NET Framework 4.6+ up to latest .NET
https://t.co/htjR6XdS1Q
π https://dr4k0nia.github.io/dotnet/coding/2022/10/15/Encrypting-Strings-In-NET.html
π₯ [ tweet ]
π [ zux0x3a, Lawrence εε«ζ― | ΩΩΨ±Ψ§ΩΨ³ ]
https://t.co/QOrhGwKctm
CredUI shellcoder runner shared !
π https://ired.dev/discussion/comment/4/#Comment_4
π₯ [ tweet ]
https://t.co/QOrhGwKctm
CredUI shellcoder runner shared !
π https://ired.dev/discussion/comment/4/#Comment_4
π₯ [ tweet ]
π [ dr4k0nia, dr4k0nia ]
Alongside my latest blog post about string encryption in .NET Im also releasing the source code of my string encryption obfuscator. https://t.co/eQVP1ZVAjt
π https://github.com/dr4k0nia/XorStringsNET
π₯ [ tweet ]
Alongside my latest blog post about string encryption in .NET Im also releasing the source code of my string encryption obfuscator. https://t.co/eQVP1ZVAjt
π https://github.com/dr4k0nia/XorStringsNET
π₯ [ tweet ]
π [ 424f424f, rvrsh3ll ]
Minor update to my BOF_Collection to make compiling a bit easier. https://t.co/SP7Bp4QTxg
π https://github.com/rvrsh3ll/BOF_Collection
π₯ [ tweet ]
Minor update to my BOF_Collection to make compiling a bit easier. https://t.co/SP7Bp4QTxg
π https://github.com/rvrsh3ll/BOF_Collection
π₯ [ tweet ]
π [ ORCx41, ORCA ]
Ever wanted to run your payload without being boring ? here you go ...
https://t.co/FmMEwiGWKV
π https://github.com/ORCx41/NoRunPI
π₯ [ tweet ]
Ever wanted to run your payload without being boring ? here you go ...
https://t.co/FmMEwiGWKV
π https://github.com/ORCx41/NoRunPI
π₯ [ tweet ]
π [ 424f424f, rvrsh3ll ]
A shellcode loader in the @MicrosoftStore ? What could go wrong.
https://t.co/V8M5iqHu9t
π https://apps.microsoft.com/store/detail/shellcode-loader/9P6M7GWNH769
π₯ [ tweet ]
A shellcode loader in the @MicrosoftStore ? What could go wrong.
https://t.co/V8M5iqHu9t
π https://apps.microsoft.com/store/detail/shellcode-loader/9P6M7GWNH769
π₯ [ tweet ]