This channel discusses:

— Offensive Security
— RedTeam
— Malware Research
— OSINT
— etc

Disclaimer:
t.me/APT_Notes/6

Chat Link:
t.me/APT_Notes_PublicChat
🌐 DLHell

DLHell is a tool for performing local and remote DCOM Windows DLL proxying. It can intercept DLLs on remote objects to execute arbitrary commands. The tool supports various authentication methods and provides capabilities for local and remote DLL proxying, as well as DCOM DLL proxying.

🔗 Source:
https://github.com/synacktiv/DLHell

#windows #dll #proxing #dcom
🔑 Three-Headed Potato Dog: NTLM and Kerberos Coercion

New research demonstrates how DCOM can coerce Windows systems to authenticate remotely, allowing attackers to relay NTLM or Kerberos authentication to AD CS over HTTP. This enables remote and cross-session authentication relay attacks, targeting both machine and user accounts.

🔗 Research:
https://blog.compass-security.com/2024/09/three-headed-potato-dog/

🔗 Source:
https://github.com/sploutchy/impacket/blob/potato/examples/potato.py

#ad #windows #dcom #relay #potato