π [ DirectoryRanger, DirectoryRanger ]
Windows Credential Dumping, by @jangeisbauer
https://t.co/5eNERw95K5
π https://emptydc.com/2022/06/08/windows-credential-dumping/
π₯ [ tweet ]
Windows Credential Dumping, by @jangeisbauer
https://t.co/5eNERw95K5
π https://emptydc.com/2022/06/08/windows-credential-dumping/
π₯ [ tweet ]
π1
π [ SkelSec, SkelSec ]
Pentest framework running entirely* in the browser via @pyodide
OctoPwnWeb has been presented @a41con. This project was in the making for years Support us @porchetta_ind
Talk
https://t.co/l2z0x63cIk
Slides
https://t.co/Nx3Egczptq
Tool
https://t.co/FgZbJHOrsi
*deets in the talk
π https://youtu.be/jStdrDHTmD4
π https://docs.google.com/presentation/d/1XQFYr_OBI1lrpybsLrHWTWcYNZcF_zOmGDHiIBwSMng
π http://octopwn.porchetta.industries/
π₯ [ tweet ]
Pentest framework running entirely* in the browser via @pyodide
OctoPwnWeb has been presented @a41con. This project was in the making for years Support us @porchetta_ind
Talk
https://t.co/l2z0x63cIk
Slides
https://t.co/Nx3Egczptq
Tool
https://t.co/FgZbJHOrsi
*deets in the talk
π https://youtu.be/jStdrDHTmD4
π https://docs.google.com/presentation/d/1XQFYr_OBI1lrpybsLrHWTWcYNZcF_zOmGDHiIBwSMng
π http://octopwn.porchetta.industries/
π₯ [ tweet ]
π2
πΉ [ snovvcrash, snπ₯Άvvcrπ₯sh ]
[#Tooling βοΈ] Added @jor6PSβs DrawNmap project for visualizing Nmap reports to #DivideAndScan. Dunno whether itβs really needed there, but I was just bored I guess. DrawNmap is cool anyway, take a look: https://t.co/6jW8grFb9F
#nmap #portscan
π https://github.com/jor6PS/DrawNmap
π₯ [ tweet ]
[#Tooling βοΈ] Added @jor6PSβs DrawNmap project for visualizing Nmap reports to #DivideAndScan. Dunno whether itβs really needed there, but I was just bored I guess. DrawNmap is cool anyway, take a look: https://t.co/6jW8grFb9F
#nmap #portscan
π https://github.com/jor6PS/DrawNmap
π₯ [ tweet ]
π3
π [ NinjaParanoid, Paranoid Ninja (Brute Ratel C4) ]
A brief explanation on open source Sleep Obfuscation Techniques v/s Brute Ratel C4. Video includes x64dbg and Process Hacker to provide POC!!! Because POC > Shitposting!! Cheers!
https://t.co/1Xizj5CjHJ
π https://youtu.be/nB5QHVtN9_g
π₯ [ tweet ]
A brief explanation on open source Sleep Obfuscation Techniques v/s Brute Ratel C4. Video includes x64dbg and Process Hacker to provide POC!!! Because POC > Shitposting!! Cheers!
https://t.co/1Xizj5CjHJ
π https://youtu.be/nB5QHVtN9_g
π₯ [ tweet ]
π1
π [ an0n_r0, an0n ]
just wanted to see how difficult it is to run CS BOF inside Sliver (tested NoteThief BOF by @trainr3kt). it is super easy! the coff-loader extension in the Sliver armory provides the compatibility layer (code is unchanged), only had to add an ext json: https://t.co/I8dPsvoV3M.
π https://github.com/tothi/NoteThief/blob/main/extension.json
π₯ [ tweet ]
just wanted to see how difficult it is to run CS BOF inside Sliver (tested NoteThief BOF by @trainr3kt). it is super easy! the coff-loader extension in the Sliver armory provides the compatibility layer (code is unchanged), only had to add an ext json: https://t.co/I8dPsvoV3M.
π https://github.com/tothi/NoteThief/blob/main/extension.json
π₯ [ tweet ]
π [ _Kudaes_, Kurosh Dabbagh ]
I've just pushed an small update on Dumpy with some new features:
- x86 support.
- New flag "upload" that allows to send the xored dump through HTTP directly from memory, avoiding to store it on disk.
- New help menu.
https://t.co/dvope0TAD9
π https://github.com/Kudaes/Dumpy
π₯ [ tweet ]
I've just pushed an small update on Dumpy with some new features:
- x86 support.
- New flag "upload" that allows to send the xored dump through HTTP directly from memory, avoiding to store it on disk.
- New help menu.
https://t.co/dvope0TAD9
π https://github.com/Kudaes/Dumpy
π₯ [ tweet ]
π1
π [ BCSecurity1, BC Security ]
Empire 5.0-alpha is entering closed testing starting this week. Community Contributors and Sponsors can access the 5.0-dev branch and test the last builds! Here is a preview of the new integrated Starkiller GUI hosted through the web.
https://t.co/ZvNDIVrb1Z
π https://github.com/sponsors/BC-SECURITY
π₯ [ tweet ]
Empire 5.0-alpha is entering closed testing starting this week. Community Contributors and Sponsors can access the 5.0-dev branch and test the last builds! Here is a preview of the new integrated Starkiller GUI hosted through the web.
https://t.co/ZvNDIVrb1Z
π https://github.com/sponsors/BC-SECURITY
π₯ [ tweet ]
πΉ [ snovvcrash, snπ₯Άvvcrπ₯sh ]
[#HackTip π ] Some tips and links on how NTDS reversible encryption usage (means you can DCSync cleartext passwords) can be enumerated during an AD security assessment:
π https://t.co/pjUzcqzxYK
π https://t.co/km8ZhkrJrt
#ntds #ad #adsecurity
π https://adsecurity.org/?p=2053
π https://www.blackhillsinfosec.com/how-i-cracked-a-128-bit-password/
π₯ [ tweet ]
[#HackTip π ] Some tips and links on how NTDS reversible encryption usage (means you can DCSync cleartext passwords) can be enumerated during an AD security assessment:
π https://t.co/pjUzcqzxYK
π https://t.co/km8ZhkrJrt
#ntds #ad #adsecurity
π https://adsecurity.org/?p=2053
π https://www.blackhillsinfosec.com/how-i-cracked-a-128-bit-password/
π₯ [ tweet ]
π [ DebugPrivilege, - ]
#HuntingTipOfTheDay - 'I bypassed Windows Defender' - Uh not really? I highly recommend Red Teamers that claim this kind of stuff to take a close look to the MpLogs and MpDetection files.
π₯ [ tweet ]
#HuntingTipOfTheDay - 'I bypassed Windows Defender' - Uh not really? I highly recommend Red Teamers that claim this kind of stuff to take a close look to the MpLogs and MpDetection files.
π₯ [ tweet ]
π [ ReconOne_, ReconOne ]
This is my quick nmap setup, to scan critical ports at fast rate πͺπ»π₯
#portscan #attacksurface #recontips #bugbountytips #recon #nmap
π₯ [ tweet ]
This is my quick nmap setup, to scan critical ports at fast rate πͺπ»π₯
#portscan #attacksurface #recontips #bugbountytips #recon #nmap
π₯ [ tweet ]
π [ tiraniddo, James Forshaw ]
Didn't realize .NET 5 introduced an ASN.1 reader/writer. Also available for Framework from nuget. Pretty convenient if you need a quick ASN.1 parser :-) https://t.co/H7a1YlMyNK
π https://docs.microsoft.com/en-us/dotnet/api/system.formats.asn1
π₯ [ tweet ]
Didn't realize .NET 5 introduced an ASN.1 reader/writer. Also available for Framework from nuget. Pretty convenient if you need a quick ASN.1 parser :-) https://t.co/H7a1YlMyNK
π https://docs.microsoft.com/en-us/dotnet/api/system.formats.asn1
π₯ [ tweet ]
π1
π [ ShitSecure, S3cur3Th1sSh1t ]
Cortex XDR. Try to execute:
"C:\windows\system32\calc.exe kerberoast /format:hashcat /outfile:C:\temp\kerb.txt"
Dynamic analysis shows -> Dangerous Hacktool. Calculator is very evil. π€
*hust* modifying parameter names for Rubeus π
π₯ [ tweet ]
Cortex XDR. Try to execute:
"C:\windows\system32\calc.exe kerberoast /format:hashcat /outfile:C:\temp\kerb.txt"
Dynamic analysis shows -> Dangerous Hacktool. Calculator is very evil. π€
*hust* modifying parameter names for Rubeus π
π₯ [ tweet ]
π1
π [ _wald0, Andy Robbins ]
This is a fantastic article on attack path analysis by Marius Elmiger (@m8r1us). Available in both English and German:
π¬π§ - https://t.co/DrNRhHzdWz
π©πͺ - https://t.co/JW2g2JwPOZ
π https://www.scip.ch/en/?labs.20220616
π https://www.scip.ch/?labs.20220616
π₯ [ tweet ][ quote ]
This is a fantastic article on attack path analysis by Marius Elmiger (@m8r1us). Available in both English and German:
π¬π§ - https://t.co/DrNRhHzdWz
π©πͺ - https://t.co/JW2g2JwPOZ
π https://www.scip.ch/en/?labs.20220616
π https://www.scip.ch/?labs.20220616
π₯ [ tweet ][ quote ]
π1
π [ Jean_Maes_1994, Jean ]
Spoof that stack boyz!
Stack spoofing now in arsenal kit
https://t.co/wTjcxvOBNI
π https://www.cobaltstrike.com/blog/arsenal-kit-update-thread-stack-spoofing/
π₯ [ tweet ]
Spoof that stack boyz!
Stack spoofing now in arsenal kit
https://t.co/wTjcxvOBNI
π https://www.cobaltstrike.com/blog/arsenal-kit-update-thread-stack-spoofing/
π₯ [ tweet ]
π1
π [ Haus3c, Ryan Hausknecht ]
I merged a PR from @ZephrFish to include support for CloudShell in PowerZure. https://t.co/M39udc9JR1
There's some very cool projects I have planned to release in the next coming months, some of which will affect PowerZure.
π https://github.com/hausec/PowerZure/tree/cloudshell
π₯ [ tweet ]
I merged a PR from @ZephrFish to include support for CloudShell in PowerZure. https://t.co/M39udc9JR1
There's some very cool projects I have planned to release in the next coming months, some of which will affect PowerZure.
π https://github.com/hausec/PowerZure/tree/cloudshell
π₯ [ tweet ]
π1
π [ DirectoryRanger, DirectoryRanger ]
An Introduction to Manual Active Directory Querying with Dsquery and Ldapsearch, by @Icemoonhsv
https://t.co/5BkxKQ1Ru1
π https://posts.specterops.io/an-introduction-to-manual-active-directory-querying-with-dsquery-and-ldapsearch-84943c13d7eb
π₯ [ tweet ]
An Introduction to Manual Active Directory Querying with Dsquery and Ldapsearch, by @Icemoonhsv
https://t.co/5BkxKQ1Ru1
π https://posts.specterops.io/an-introduction-to-manual-active-directory-querying-with-dsquery-and-ldapsearch-84943c13d7eb
π₯ [ tweet ]
π1
π [ DirectoryRanger, DirectoryRanger ]
Combining techniques to defeat Windows Defender and default Applocker rules
https://t.co/FGcEKnqMCw
π https://kymb0.github.io/malwaredev-bypass-av-xml/
π₯ [ tweet ]
Combining techniques to defeat Windows Defender and default Applocker rules
https://t.co/FGcEKnqMCw
π https://kymb0.github.io/malwaredev-bypass-av-xml/
π₯ [ tweet ]
π₯1
π [ DirectoryRanger, DirectoryRanger ]
Total Registry. Replacement for the Windows built-in Regedit.exe tool with several improvements, by @zodiacon
https://t.co/bNB6aXdcV4
π https://github.com/zodiacon/TotalRegistry
π₯ [ tweet ]
Total Registry. Replacement for the Windows built-in Regedit.exe tool with several improvements, by @zodiacon
https://t.co/bNB6aXdcV4
π https://github.com/zodiacon/TotalRegistry
π₯ [ tweet ]
π1
π [ DirectoryRanger, DirectoryRanger ]
Marshmallows & Kerberoasting
https://t.co/7VB1upHLU5
π https://redcanary.com/blog/marshmallows-and-kerberoasting/
π₯ [ tweet ]
Marshmallows & Kerberoasting
https://t.co/7VB1upHLU5
π https://redcanary.com/blog/marshmallows-and-kerberoasting/
π₯ [ tweet ]
π1
This media is not supported in your browser
VIEW IN TELEGRAM
π [ mrd0x, mr.d0x ]
Demo:
Injecting a JS keylogger using WebView2 into login[.]microsoftonline[.]com.
Better quality: https://t.co/rfJmr48s6n
Blog post: https://t.co/61FwQibZol
π https://imgur.com/a/Apl1DRl
π https://mrd0x.com/attacking-with-webview2-applications/
π₯ [ tweet ]
Demo:
Injecting a JS keylogger using WebView2 into login[.]microsoftonline[.]com.
Better quality: https://t.co/rfJmr48s6n
Blog post: https://t.co/61FwQibZol
π https://imgur.com/a/Apl1DRl
π https://mrd0x.com/attacking-with-webview2-applications/
π₯ [ tweet ]
π [ c3rb3ru5d3d53c, ΟΞ΅ΡΞ²Ξ΅ΡΞΌs - ΠΌΞ±βΟΞ±ΡΞ΅ ΡΞ΅sΡαΡΟΠ½Ξ΅Ρ ]
Hey guys, my #malware #analysis for absolute beginners guide just dropped!
β Completely Free
β Mistakes to Avoid
β Setting up your first VM
β Purpose Driven
β Where to get Malware Samples
β Creating a Portfolio
Recording a video soon too! π
https://t.co/zL8Sr0IzHG https://t.co/IYJV7mEatt
π https://c3rb3ru5d3d53c.github.io/docs/malware-analysis-beginner-guide/
π₯ [ tweet ][ quote ]
Hey guys, my #malware #analysis for absolute beginners guide just dropped!
β Completely Free
β Mistakes to Avoid
β Setting up your first VM
β Purpose Driven
β Where to get Malware Samples
β Creating a Portfolio
Recording a video soon too! π
https://t.co/zL8Sr0IzHG https://t.co/IYJV7mEatt
π https://c3rb3ru5d3d53c.github.io/docs/malware-analysis-beginner-guide/
π₯ [ tweet ][ quote ]