Pentester – Telegram

Pentester

2.94K subscribers

120 photos

3 videos

163 files

2.77K links

- Offensive Security (Red Teaming / PenTesting)
- BlueTeam (OperationSec, TreatHunting, DFIR)
- Reverse Engineering / Malware Analisys
- Web Security

Download Telegram

About

Blog

Apps

Platform

2.94K subscribers

https://adapt-and-attack.com/2019/08/29/proxying-com-for-stable-hijacks/amp/?__twitter_impression=true

Adapt and Attack

Proxying COM For Stable Hijacks

COM hijacking presents a unique way to load your rogue DLL into another process. In a post-PowerShell world with increasing optics into in-memory tactics, COM hijacking may provide an alternative t…

63 views04:16

Open Source C++ Crypter. AES-256 Bit Encryption, Virtual Machine Detection and Almost FUD https://t.co/Fp5ogdSja9

Include-sys/hCrypt

Open Source C++ Crypter. AES-256 Bit Encryption, Virtual Machine Detection and Almost FUD - Include-sys/hCrypt

66 views19:29

https://redcanary.com/blog/testing-initial-access-with-generate-macro-in-atomic-red-team/?hss_channel=tw-2349092263

Testing initial access with "Generate-Macro" in Atomic Red Team

Security teams can now generate macros in Atomic Red Team to test their ability to observe and detect emerging initial access techniques.

68 views19:41

https://unit42.paloaltonetworks.com/exploitation-of-windows-cve-2019-0708-bluekeep-three-ways-to-write-data-into-the-kernel-with-rdp-pdu/

Exploitation of Windows CVE-2019-0708 (BlueKeep): Three Ways to Write Data into Kernel with RDP PDU

Executive Summary In May 2019, Microsoft released an out-of-band patch update for remote code execution vulnerability CVE-2019-0708, which is also known

66 views06:30

Common docker image for building software reverse engineering (SRE) framework #Ghidra from Github's source.

https://t.co/YPkDGpjURI

dukebarman/ghidra-builder

Docker image for building ghidra RE framework from source - dukebarman/ghidra-builder

68 views06:46

https://googleprojectzero.blogspot.com/2019/08/implant-teardown.html?m=1

Implant Teardown

Posted by Ian Beer, Project Zero In the earlier posts we examined how the attackers gained unsandboxed code execution as root on iPhone...

71 views06:53

https://github.com/jamesbercegay/advisories/blob/master/%5BGTSA-00130%5D%20Webmin%201.920%20Remote%20Code%20Execution.txt

advisories/[GTSA-00130] Webmin 1.920 Remote Code Execution.txt at master · jamesbercegay/advisories

Security Advisories. Contribute to jamesbercegay/advisories development by creating an account on GitHub.

77 views07:10

https://github.com/staz0t/hashcatch

GitHub - staz0t/hashcatch: Capture handshakes of nearby WiFi networks automatically

Capture handshakes of nearby WiFi networks automatically - staz0t/hashcatch

79 views07:11

https://github.com/Mr-Un1k0d3r/ThunderShell

GitHub - Mr-Un1k0d3r/ThunderShell: Python / C# Unmanaged PowerShell based RAT

Python / C# Unmanaged PowerShell based RAT . Contribute to Mr-Un1k0d3r/ThunderShell development by creating an account on GitHub.

89 views07:12

https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html?m=1

A very deep dive into iOS Exploit chains found in the wild

Posted by Ian Beer, Project Zero Project Zero’s mission is to make 0-day hard. We often work with other companies to find and report se...

74 views05:37

https://medium.com/@marcelx/threat-actor-behind-astaroth-is-now-using-cloudflare-workers-to-bypass-your-security-solutions-2c658d08f4c

Threat Actor behind Astaroth is using Cloudflare Workers to bypass your Security Solutions.

TLDR? Skip to the Final Comments.

74 views06:36

Findomain 0.2.5 is out! It's the best release until now, to have a idea, it can find > 20.000 subdomains in ~20 seconds. Multi-thread support is ready and more sources as been added. https://t.co/zPeeLEBs6t

Edu4rdSHL/findomain

The fastest and cross-platform subdomain enumerator, don't waste your time. - Edu4rdSHL/findomain

69 views03:51

https://www.zerodayinitiative.com/advisories/ZDI-19-780/

Zerodayinitiative

(0Day) Google Android v4l2 Double Free Privilege Escalation Vulnerability

58 views04:26

https://medium.com/@olafhartong/sysmon-10-4-release-7f7480300dff

Sysmon 10.4 release

Sysmon 10.4 has been released and this is one I particularly was looking forward to ever since the release of version 9, which introduced…

78 views05:35

CobaltStrike in docker container

https://t.co/nZ3BVotER5

dockerized-cobalt.sh · master · nv2lt / Containerizing CobaltStrike

87 views11:54

https://www.trustedsec.com/2019/04/next-gen-phishing-leveraging-azure-information-protection/

Cybersecurity Education from the Experts | TrustedSec Blog Posts

Learn more about how to safeguard your company through our educational blog posts on everything from updated tech to the newest scams infiltrating organizations today.

89 views11:56

https://medium.com/bugbountywriteup/pulse-secure-ssl-vpn-post-auth-rce-to-ssh-shell-2b497d35c35b

Red Teamer’s Guide to Pulse Secure SSL VPN

A quick guide on exploiting pulse secure for red teaming purposes.

98 views11:58

Critical Exim mail transfer agent (MTA) TLS Flaw Lets Attackers Remotely Execute Commands as Root

https://t.co/tv9KvjxZsd

CVE-2019-15846 : Exim SNI RCE

https://t.co/sfr7M1oFYK

BleepingComputer

Critical Exim TLS Flaw Lets Attackers Remotely Execute Commands as Root

The Exim mail transfer agent (MTA) software is impacted by a critical severity vulnerability present in versions 4.80 up to and including 4.92.1.

93 views12:23

89 views05:36

BashNotesForProfessionals.pdf

184 views05:36

http://woshub.com/port-forwarding-in-windows/

Configuring Port Forwarding in Windows | Windows OS Hub

You can configure network port forwarding in all Windows versions without using third-party tools. Using a port forwarding rule, you can redirect an incoming TCP connection (IPv4 or IPv6) from…

83 views16:14