😈 [ tiraniddo, James Forshaw ]

I recommended to @_dirkjan to try my NtObjectManager PS module to do an AD access check, but of course I provided no guidance. Therefore, here's a quick blog post with an overview of the checking process and how to use the Get-AccessibleDsObject command. https://t.co/ZOoJe6DHAS

🔗 https://www.tiraniddo.dev/2022/07/access-checking-active-directory.html

🐥 [ tweet ]

😈 [ 0gtweet, Grzegorz Tworek ]

Didn't described it precisely so far:
If you put 'mpnotify' value into the HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, your exe will be launched by winlogon.exe when user logs on. After 30s the process will be terminated.
https://t.co/36luTJ3vqB

🔗 https://persistence-info.github.io/Data/mpnotify.html

🐥 [ tweet ]

😈 [ m3g9tr0n, Spiros Fraganastasis ]

Malware Mutation Using Reinforcement Learning and Generative Adversarial Networks https://t.co/WxPdaOEkhj

🔗 https://github.com/CyberForce/Pesidious

🐥 [ tweet ]

👹 [ snovvcrash, sn🥶vvcr💥sh ]

[#Tooling ⚔️] Inspired by @s4ntiago_p and NanoDump I’ve fully switched to API Hashing for Windows API and syscalls resolution in DInjector. A quick re-hashing can be performed before compilation with a Python script.

🐥 [ tweet ]

😈 [ Cx01N_, Cx01N ]

This is great!
https://t.co/xkvlT03Wf1

🔗 https://github.com/NARKOZ/hacker-scripts

🐥 [ tweet ]

😈 [ _nwodtuhs, Charlie Bromberg (Shutdown) ]

After 4 months of testing/peer-review and the PR being in draft, dacledit is now ready for official review and merge in Impacket 💪 This script can be used to read, write, remove, backup, restore ACEs in an object's DACL, see you soon when merged 😊

https://t.co/nQGZy1dnbR

🔗 https://github.com/SecureAuthCorp/impacket/pull/1291

🐥 [ tweet ]

😈 [ lpha3ch0, Steve Campbell ]

My latest blog post, Pivoting for Pentesters https://t.co/9N1gxtdJXn #infosec #pentest #redteam

🔗 https://www.stevencampbell.info/Pivoting-for-pentesters/

🐥 [ tweet ]

😈 [ ReconOne_, ReconOne ]

Shodan Dork in Manual mode - Part 1

Now that you all have Shodan membership it's time to try Shodan Dorks 👀👇

Credits: @securitytrails

#recon #Shodan #attacksurface #bugbountytips #BugBounty #cybersecurity

🐥 [ tweet ]

😈 [ C5pider, 5pider ]

CoffeeLdr
A Beacon Object File Loader
https://t.co/vD2QlGhLov

🔗 https://github.com/Cracked5pider/CoffeeLdr

🐥 [ tweet ]

😈 [ i_bo0om, Bo0oM ]

20 years of payment processing problems

Ru: https://t.co/Xp81RFL9hQ
En: https://t.co/aDep1kdgyu

🔗 https://bo0om.ru/20-years-of-payment-processing-problems
🔗 https://bo0om.ru/20-years-of-payment-processing-problems-en

🐥 [ tweet ]

😈 [ mpgn_x64, mpgn ]

I just merged one of the most craziest module in CrackMapExec called "hash_spider" from @hackerm00n 🚀

With an initial admin access, it will dump lsass recursively using BloodHound to find local admins path (adminTo) to harvest more users and find new paths until DA 🔥

🪂

🐥 [ tweet ]

😈 [ an0n_r0, an0n ]

elevated CVE-2022-30166 EoP to SYSTEM. the work was done by @tiraniddo, here I just modified their PoC for getting TGT dump, did some custom ticket conversion stuff then RBCD attack with the machine Kerberos TGT. works only if AllowTgtSessionKey (non-default) is enabled.

🐥 [ tweet ][ quote ]

😈 [ _RastaMouse, Rasta Mouse ]

I spent some of time I was glued to my chair with sweat to put rportfwd into SharpC2 as well.

🔗 https://github.com/SharpC2/SharpC2/tree/dev

🐥 [ tweet ]

😈 [ CoreAdvisories, CoreLabs Research ]

Get an in-depth analysis of recent #Windows #vulnerability, CVE-2022-22029> from cybersecurity expert and #exploit writer @ricnar456
https://t.co/i4nyYDiapH

🔗 https://www.coresecurity.com/core-labs/articles/analysis-cve-2022-22029-windows-network-file-system-vulnerability

🐥 [ tweet ]

😈 [ HuskyHacksMK, Matt | HuskyHacks ]

Confirmed that the new Apache Spark OS Command Injection works 🎆

CVE-2022-33891 Apache Spark Shell Command Injection Vulnerability (disc. by Kostya Kortchinsky, not me)

Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1

POC soon!

🐥 [ tweet ]