SILENTTRINITY. A post-exploitation agent powered by Python, IronPython, C#/.NET
https://github.com/byt3bl33d3r/SILENTTRINITY
XS-Searching Google’s bug tracker to find out vulnerable source code
https://medium.com/@luanherrera/xs-searching-googles-bug-tracker-to-find-out-vulnerable-source-code-50d8135b7549
Or how side-channel timing attacks aren’t that impractical
Active Directory Kill Chain Attack & Defense
https://github.com/infosecn1nja/AD-Attack-Defense/blob/master/README.md
Luckystrike: An Evil Office Document Generator.
https://www.shellntel.com/blog/2016/9/13/luckystrike-a-database-backed-evil-macro-generator
DerbyCon Tool Drop 2.0 Talk here. Luckystrike demo begins at 18:45. <tldr> Luckystrike is a PowerShell based generator of malicious .xls documents (soon to be .doc). All your payloads are saved into a database for easy retrieval & embedding into a new or…
Understanding the AD Account attributes - LastLogon, LastLogonTimeStamp and LastLogonDate
https://social.technet.microsoft.com/wiki/contents/articles/22461.understanding-the-ad-account-attributes-lastlogon-lastlogontimestamp-and-lastlogondate.aspx
SMB Named Pipe Pivoting in Meterpreter
https://medium.com/@petergombos/smb-named-pipe-pivoting-in-meterpreter-462580fd41c5
A hidden feature of Metasploit is the ability to add SMB Named Pipe listeners in a meterpreter session to pivot on an internal network…
Hiding a beacon in a jquery
https://sysopfb.github.io/malware,/reverse-engineering/2018/10/08/Beacon-in-a-jquery.html
It’s easy to find yourself as a malware researcher looking at some unimaginative samples, which can be good for learning but sometimes you find one that someone actually invested some time into. While ripping this apart I noticed that most of the setup was…
Tsurugi Linux: A heavily customized Linux distro designed for DFIR investigations, malware analysis and open source intelligence activities: https://tsurugi-linux.org/index.php
Simple MSBuild payload to pull in and execute an externally hosted .net assembly in memory, using a modified version of the code from @anthemtotheego's SharpCradle project. Allows for assembly execution without a PE having to touch disk.
https://gist.github.com/G0ldenGunSec/62b8166c23573fc64c6eeb29e8c5b818
Blacklist3r: Audit/pwn an application using pre-shared Machine Keys:
https://www.notsosecure.com/project-blacklist3r/