[ _nwodtuhs, Charlie Bromberg "Shutdown" ]
Thank you @BlWasp_ for contributing to The Hacker Tools, documenting Impacket's ping, ping6, GetNPUsers and GetUserSPNs example scripts
- https://t.co/h3gTvWV4ia
- https://t.co/PRR2wdZkcT
- https://t.co/tApF0oAmBx
- https://t.co/GM1yyW78sF
https://t.co/PjOo8FoZ0p
https://tools.thehacker.recipes/impacket/examples/ping.py
https://tools.thehacker.recipes/impacket/examples/ping6.py
https://tools.thehacker.recipes/impacket/examples/getnpusers.py
https://tools.thehacker.recipes/impacket/examples/getuserspns.py
https://tools.thehacker.recipes/impacket/examples
[ NinjaParanoid, Chetan Nayak (Brute Ratel C4 Author) ]
Here's all the nighthawk samples which mdsec tried to hide by blasting VT with fake samples. Enjoy hunting TAs! Sharing for attribution purposes!
https://t.co/Nrlr6CU7TF
https://t.co/7V8r5QObeP
https://t.co/lWNZctPTy8
https://t.co/aIg3QecyTg
https://t.co/ERvg61wELk
[ _nwodtuhs, Charlie Bromberg "Shutdown" ]
Updated the DACL abuse mindmap. New dark theme, used BloodHound's iconography, added the ACE inheritance path for Containers and Organizational Unit.
🧑‍🍳 The Hacker Recipes https://t.co/iMrOGWv63j
https://www.thehacker.recipes/ad/movement/dacl
[ OutflankNL, Outflank ]
New BOF released to our OST customers: Coercer
Coercer triggers a novel and non-public coercion method that forces SMB authentication from the computer account on workstations. From there on, you can for example relay to ADCS for generating a computer certificate.
[ _RastaMouse, Rasta Mouse ]
[BLOG]
Short post on alternate ways to impersonate access tokens in C#, including in other threads. Thanks @GuhnooPlusLinux for providing the inspiration.
https://t.co/TRdI5zuR5j
https://rastamouse.me/token-impersonation-in-csharp/
[ 0xdf_, 0xdf ]
Support is the 4th box I've released on @hackthebox_eu! It retires today. Light .NET reversing, LDAP enumeration, and genericall on the DC -> a fake machine AD attack.
Inspiration for the box comes from a @7minsec "tales of pentest pwnage" episode.
https://t.co/79G4EUS7Nt
https://0xdf.gitlab.io/2022/12/17/htb-support.html
[ Idov31, Ido Veltzman ]
I'm happy to release Venom - A C++ single header file for evasive network communication which uses a stolen browser's socket to perform all of its network activities and by that can make it hard to trace it back to the process.
https://t.co/AVxQbNru3Z
#infosec #CyberSecurity
https://github.com/Idov31/Venom
[ an0n_r0, an0n ]
1. remove disk from target laptop
2. virtualize system (VBoxManage convertfromraw)
3. abuse local admin (chntpw using alt booted system)
4. run mimikatz by reflective loading (bypass ESET :) )
5. extract machine cert / secrets
NEVER deploy company laptop without BitLocker.
[ namazso, namazso ]
After being asked for it a few times in DMs, I decided to just publish my ptrace-less injector for x64 Linux
https://t.co/zqsP0xiJdZ
(via @namazso@mastodon.cloud)
https://github.com/namazso/linux_injector
[ _nwodtuhs, Charlie Bromberg "Shutdown" ]
xmas contribution to one of the tools I used most in 2022. #BloodHound
https://t.co/KqJYEOfzOs
https://github.com/BloodHoundAD/BloodHound/pull/625
[ IKalendarov, Ilan Kalendarov ]
New research of mine about using hardware breakpoint for EDR evasion. Thanks to @rad9800 for the inspiration on this topic.
https://t.co/Ax2IZkSOI2
https://cymulate.com/blog/blindside-a-new-technique-for-edr-evasion-with-hardware-breakpoints?utm_campaign=Oktopost-Research&utm_content=Oktopost-Twitter&utm_medium=Twitter&utm_source=Organic_Social
[ mariuszbit, mgeeky | Mariusz Banach ]
☢️ Recently we started seeing Threat Actors abusing MSI Windows Installation files for Initial Access & code execution
I now release Part 1 insights into how MSIs can be abused, PoCs for 🔴 & dissection utility for 🔵
Let me know what you think!
https://t.co/X7vi6BGQg5
https://mgeeky.tech/msi-shenanigans-part-1/
https://github.com/mgeeky/msi-shenanigans
https://github.com/mgeeky/msidump
[ _RastaMouse, Rasta Mouse ]
I've been trying to get NtCreateUserProcess working in C#, but no joy yet. If anyone wants to take a stab at fixing the code, it's here:
https://t.co/ma3iuCSFjj
https://gist.github.com/rasta-mouse/2f6316083dd2f38bb91f160cca2088df
[ M4yFly, Mayfly ]
Finally, the last part of GOAD writeups is done! 🥳
Part 12 : Trusts
https://t.co/q6XDr8GTUD
https://mayfly277.github.io/posts/GOADv2-pwning-part12/
Knocked together a quick script here for enumerating existing emails on Mail.ru via Tor. I won't give it out as text, you'll have to retype it.
[ sprocket_ed, ed ]
Not bad - https://t.co/RdbIsLfGRy
https://github.com/m1guelpf/plz-cli
[ an0n_r0, an0n ]
what a wonderful technique for stealing chrome/edge cookies without knowing the user password via chrome debug mode by @mangopdf:
https://t.co/T2ct1WI6e3
have not known it before (what a shame), although it is 4+ yrs old and still working.
here it is, demo using Sliver C2.
https://mango.pdf.zone/stealing-chrome-cookies-without-a-password