[ _RastaMouse, Rasta Mouse ]
[BLOG]
Crappy post on creating custom implicit and explicit C# class conversions.
https://t.co/8DAIkC8QEa
https://offensivedefence.co.uk/posts/implicit-explicit-conversions/
[ _Wra7h, Christian W ]
Wrote a script to create a new .csproj for Seatbelt that will build with just the commands/command group you specify. 1/2
https://t.co/DtlM1GNECj
https://github.com/Wra7h/PowerShell-Scripts/tree/main/Invoke-Retractor
[ zux0x3a, Lawrence 勞倫斯 | لورانس ]
I have released a Linux/Unix-based binary with the same features.
Check it out: https://t.co/vVZdsTXNKW
https://ired.dev/discussion/17/a-pascal-reverse-shell-with-encrypted-traffic-using-the-xor-algorithm-linux#latest
[ Hackers_bot, ＨＡＣＫＥＲＳＢＯＴ ]
'Love', 'Sex', 'Secret' and 'God'.
[ zux0x3a, Lawrence 勞倫斯 | لورانس ]
Hey, 2023, a reverse shell with the XOR encryption for the communication between server/client, but now with C#. (converted from Pascal release)
https://t.co/JNVNlzYZ8z
https://github.com/0xsp-SRD/0xsp.com/tree/main/rev_shell_xor_enc
[ mpgn_x64, mpgn ]
In addition to a bug fix, I've also pushed an update on the RDP protocol so you can authenticate a user using Kerberos
Thanks to @SkelSec for this amazing aardwolf lib 🫡
Pushed on @porchetta_ind
[ _RastaMouse, Rasta Mouse ]
[BLOG]
Backdoor .NET applications via startup hooks.
https://t.co/eh8EibTzHv
https://rastamouse.me/net-startup-hooks/
[ ORCx41, ORCA ]
Released a new technique to perform clean indirect syscalls, in which the syscall is executed from within ntdll address space. You can check it here: https://t.co/d7HiRgq1KA
https://repo.maldevacademy.com/
[ an0n_r0, an0n ]
WDAC bypass using InstallUtil today. Nothing new, original research by @tiraniddo from 2017. Recreated the technique using ysoserial[.]NET for InstallState file generation (the original tooling is broken for .NET 4.8+). The formatter+gadget chain for arbitrary .NET exec is below.
[ naksyn, Diego Capriotti ]
Here's a pure Python implementation of the MemoryModule technique to load a DLL from memory. If using Python is an option in your engagement, you can execute your DLLs without injection or shellcode.
Check it out!
https://t.co/N7yDE061Hs
#redteaming #DYORredteamtip #evasion
https://github.com/naksyn/PythonMemoryModule/
[ zer1t0, Eloy ]
I've been playing with and implementing the HellsGate technique for learning, but found it cumbersome to use 2 procedures (HellsGate and HellDescent) for using syscalls, so I implemented zsyscall to use a syscall in one step. https://t.co/K2sIRzPQwW
https://gitlab.com/Zer1t0/zsyscall
[ pdiscoveryio, ProjectDiscovery.io ]
Did you know that with the v9.3.3 release of nuclei-templates you can now detect the top 200 WordPress Plugins with @pdnuclei?
A huge THANK YOU to @_ricardomaia from our community for this powerful addition to Nuclei Templates! Learn more: https://t.co/DmnF6znCmK
https://github.com/projectdiscovery/nuclei-templates/pull/6202
[ Nigglxax, weak ]
Today I released Alcatraz - an x64 binary obfuscator featuring:
- Obfuscation of immediate moves
- Control flow flattening
- Mutation / Obfuscation of certain instructions like MOV, ADD, LEA
- Anti disassembly
- Entry point obfuscation
Read more at: https://t.co/UWMkq1Mt9J
https://github.com/weak1337/Alcatraz
[ snovvcrash, sn🥶vvcr💥sh ]
Submitted another @hackthebox_eu Endgame write-up to Hackplayers (@CyberVaca_, @OscarAkaElvis) - Odyssey this time. Protected with a concatenation of all the flags in the appropriate order. Check it out!
https://t.co/mftkKN7bUx
https://github.com/Hackplayers/hackthebox-writeups/pull/281
[ daem0nc0re, daem0nc0re ]
Released my CSharp implementation of Phantom DLL Hollowing.
Thanks for your research @_ForrestOrr
https://t.co/kp3OGkauvj
https://github.com/daem0nc0re/TangledWinExec/tree/main/PhantomDllHollower
[ D1rkMtr, D1rkMtr ]
Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
https://t.co/5qaUEFm78N
https://github.com/D1rkMtr/UnhookingPatch
[ an0n_r0, an0n ]
bumped into this openssl `unsupported hash type MD4` error again, this time tried to use Certipy in an offsec lab but not with Kali, used something else.
so here I pushed a micro HOWTO about what to add exactly to openssl cnf in order to solve this:
https://t.co/m0G5MJqC4w
https://gist.github.com/tothi/392dbb008ae0b60d25cfa4447bc21121
[ TrustedSec, TrustedSec ]
Don't suffer a LAPS(e) in judgement! Your tools need protection too. Security Consultant @mega_spl0it outlines how to build #Splunk SPL queries to detect attacks against #MicrosoftLAPS in our new #blog. https://t.co/nhcuC6eZx4
https://hubs.la/Q01xvpTt0
[ decoder_it, ap ]
We did it again with #LocalPotato!
A not-so-common NTLM reflection attack allowing for arbitrary read/write. Basically EoP from user to SYSTEM.
Tracked as #CVE-2023-21746 - Windows NTLM EoP
Soon more details --> https://t.co/Skyn0xdxNN
cc @splinter_code
http://www.localpotato.com