[ snovvcrash, snovvcrash ]
A short story of extracting KeePassXC passphrase from memory using strings. Providing the resulting dump of strings as a wordlist to hashcat (13400) I cracked the database in a few seconds.
[ C5pider, 5pider ]
What an amazing video from @33y0re explaining modern Windows Kernel Exploitation. Going to start my journey of learning kernel exploit dev soon and this video explained a lot of things. https://t.co/BltKS0XZQp
https://www.youtube.com/watch?v=nauAlHXrkIk
[ 0xdf_, 0xdf ]
Shared from @hackthebox_eu has SQL injection in a cookie, iPython exploitation, some basic reverse engineering, and Redis exploitation.
https://t.co/1ayMOYjPOw
https://0xdf.gitlab.io/2022/11/12/htb-shared.html
[ M4yFly, Mayfly ]
Play with the AD lab GOADv2 - part 10: delegations
- constrained
- unconstrained (with and without protocol transition)
- resource based
https://t.co/47zFWSD7G9
https://mayfly277.github.io/posts/GOADv2-pwning-part10/
[ CaptMeelo, Meelo ]
Here's the tool that I demoed during my #SANSHackFest talk. Let's make it better by filing any issues you identified and submitting PRs.
#redteam #maldev
https://t.co/KvCJzVwSxi
https://github.com/capt-meelo/laZzzy
[ mpgn_x64, mpgn ]
CrackMapExec version 5.4.0 "Indestructible G0thm0g" is out for everyone and also available in @kalilinux
apt update
apt install crackmapexec
Happy Hacking!
Release blog post:
https://t.co/gtOA7tt8Ey
https://wiki.porchetta.industries/news-2022/indestructible-g0thm0g
[ dec0ne, Mor Davidovich ]
Happy to share a new blog post I wrote about how I managed to dump LSASS undetected using a simple MiniDumpWriteDump against some of the most advanced EDRs in the market.
"It's all in the details: The curious case of an LSASS dumper gone undetected"
https://t.co/YoDUW8LwKy
https://dec0ne.github.io/research/2022-11-14-Undetected-Lsass-Dump-Workflow/
[ PortSwiggerRes, PortSwigger Research ]
Stealing passwords from infosec Mastodon - without bypassing CSP
https://t.co/kXIqj3tpAU
https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp
[ cerbersec, Cerbersec ]
Here are the #SANSHackFest demos for my Kernel Karnage talk!
WinDbg: https://t.co/RicezA3tkG
Full attack chain: https://t.co/spIcXE27Wk
https://youtu.be/QHEzyCGz-rk
https://youtu.be/EQqxQk7ytjw
[ _EthicalChaos_, Ceri ]
Just pushed a small change for the recently released Volumiser tool. You can now read files directly, à la NinjaCopy style, from physical disk and volume handles. Handy for exfiltrating registry hives or ntds.dit on hosts with EDRs.
[ zux0x3a, Lawrence ]
https://t.co/nOAPMLpyhw
https://www.cyberwarfare.live/blog/vectored-syscall-poc
π₯ [ tweet ]
https://t.co/nOAPMLpyhw
π https://www.cyberwarfare.live/blog/vectored-syscall-poc
π₯ [ tweet ]
[ t3l3machus, Panagiotis Chartas ]
Using Villain, the evolution of HoaxShell, to generate an auto-obfuscated PowerShell backdoor payload, bypass Defender and gain access to a Windows 11 Enterprise machine.
Download, install, connect with others & enjoy hacking as a team: https://t.co/PNuUQLhV6J
https://github.com/t3l3machus/Villain
[ cyb3rops, Florian Roth ]
Imagine you'd get access to an unknown SIEM of a new customer & would be given 10min to find malicious activity by using keyword searches on raw data, what would you search for?
I'll start
'.dmp full'
'whoami'
'delete shadows'
'FromBase64String'
'save HKLM\SAM'
' -w hidden '
[ jack_halon, Jack Halon ]
Today I am releasing part 2 of my 3-part browser exploitation series on Chrome!
In part 2, we take a deep dive into the V8 compiler pipeline by understanding what happens under the hood in Ignition, Sparkplug, and TurboFan!
Enjoy!
https://t.co/XAnbzdnjeQ
https://jhalon.github.io/chrome-browser-exploitation-2/
[ aetsu, aetsu ]
TripleCross: A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
https://t.co/jZ8KQnSUxs
https://github.com/h3xduck/TripleCross
[ testanull, Janggggg ]
You guys must be waiting for this,
So this is the working PoC script of the Exchange 0day exploited ITW
https://t.co/XGx0fYJygm
https://github.com/testanull/ProxyNotShell-PoC
Forwarded from Ralf Hacker Channel (Ralf Hacker)
New surprises in AD CS... Let's add the ESC11 technique
https://blog.compass-security.com/2022/11/relaying-to-ad-certificate-services-over-rpc/
#ad #pentest #redteam
[ Ben0xA, Ben Ten (0xA) ]
Releasing a new tool: Orpheus! Bypasses most Kerberoast Detections (including my own). Blog post and video are up at @TrustedSec! Even used @HackingDave's old alias in the demo. https://t.co/qhP8r28s4K #infosec #security #kerberoast
https://trustedsec.com/blog/the-art-of-bypassing-kerberoast-detections-with-orpheus/
[ BushidoToken, Will | Darknet Diaries #126 ]
New Blog: I have attempted to track what happened to Conti this year after the leaks and collapse of the group. Here are my findings, largely based on #OSINT. Enjoy!
https://t.co/0jSd1ZFkLf #Conti #Quantum #BlackBasta #Royal #WizardSpider #CTI
https://blog.bushidotoken.net/2022/11/the-continuity-of-conti.html
[ splinter_code, Antonio Cocomazzi ]
Bad news for all potato lovers
Starting from Windows 11 22H2 a new code change in lsasrv.dll broke the trick to recover the INTERACTIVE SID group through the logon type New Credentials (9).
More details here:
https://t.co/hfhZxk3zMg
cc @decoder_it
https://github.com/antonioCoco/JuicyPotatoNG/issues/4