Forwarded from Android Security & Malware
Get external IP address of the user during Telegram call. Now it works well and returns public instead of local IP
https://twitter.com/androidmalware2/status/1711313647576686621
https://twitter.com/androidmalware2/status/1711313647576686621
X (formerly Twitter)
Mobile Hacker (@androidmalware2) on X
Get external IP address of the user during #Telegram call. Now it works well and returns public instead of local IP
https://t.co/hfiK1Lz6Mh
https://t.co/hfiK1Lz6Mh
Collection of Cyber Threat Intelligence sources from the deep and dark web
https://github.com/fastfire/deepdarkCTI
https://github.com/fastfire/deepdarkCTI
GitHub
GitHub - fastfire/deepdarkCTI: Collection of Cyber Threat Intelligence sources from the deep and dark web
Collection of Cyber Threat Intelligence sources from the deep and dark web - fastfire/deepdarkCTI
Forwarded from vx-underground
This media is not supported in your browser
VIEW IN TELEGRAM
Nerds applying for Red Teaming jobs after being raided by the FBI
😁2
BlueTeamHandbookIR.pdf
50.7 MB
Blue Team Handbook: Incident Response Edition
(not available on z-library)
(not available on z-library)
Pretty cool video explaining how cellphone signals are intercepted with Femtocell and mentioning access over HDMI.
https://youtu.be/IcE8A2Z1Pk0
https://youtu.be/IcE8A2Z1Pk0
YouTube
Intercept cell signals with femtocell
Find original video here: https://youtu.be/UYt0r5Rw2gE
// Previous Videos in the Series //
Mr Robot Ep 1: https://youtu.be/3yiT_WMlosg
Mr Robot Ep 2: https://youtu.be/7V9_x97s4g8
Mr Robot Ep 3: https://youtu.be/5LvqU3-iINk
// David's SOCIAL //
Discord:…
// Previous Videos in the Series //
Mr Robot Ep 1: https://youtu.be/3yiT_WMlosg
Mr Robot Ep 2: https://youtu.be/7V9_x97s4g8
Mr Robot Ep 3: https://youtu.be/5LvqU3-iINk
// David's SOCIAL //
Discord:…
Machines to practice for OSCP, OSEP and OSWE
https://docs.google.com/spreadsheets/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8
https://docs.google.com/spreadsheets/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8
Google Docs
NetSecFocus Trophy Room
❤3
This media is not supported in your browser
VIEW IN TELEGRAM
HE SAID IT!!
(Prison Break S04E03 00:09:46)
(Prison Break S04E03 00:09:46)
Enable RDP via PowerShell:
Set-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\' -Name "fDenyTSConnections" -Value 0
Set-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\' -Name "UserAuthentication" -Value 1
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
🔥1
Mimikatz: If you see (null) in the passwords fields that probably means that the user haven't logged in yet and is using the Default Password that you can grab with lsadump::secrets
This media is not supported in your browser
VIEW IN TELEGRAM
>Me reviewing the source code to find an Account Takeover vulnerability on RegisterUserController.java
😁2
New Whatsapp exploit.
You can send reply messages to other users even though the original message does not exist. You can control the text of both messages.
Have fun while you can:
https://github.com/lichti/whats-spoofing
You can send reply messages to other users even though the original message does not exist. You can control the text of both messages.
Have fun while you can:
https://github.com/lichti/whats-spoofing
👀1
Quirkiest technique I have seen in quite a while. Local Privilege Escalation to SYSTEM using .msi installers.
https://badoption.eu/blog/2023/10/03/MSIFortune.html
https://badoption.eu/blog/2023/10/03/MSIFortune.html
BadOption.eu
MSIFortune - LPE with MSI Installers
MSIFortune - LPE with MSI Installers or MSI - Might (be) stupid idea MSI installers are still pretty alive today. It is a lesser known feature, that a low privileged user can start the repair function of an installation which will run with SYSTEM privileges.…