π [ M4yFly, Mayfly ]
GOAD exploitation part5 : sAMAccountName spoofing and printNightmare.
https://t.co/F6X1HtUhCr
π https://mayfly277.github.io/posts/GOADv2-pwning-part5/
π₯ [ tweet ]
GOAD exploitation part5 : sAMAccountName spoofing and printNightmare.
https://t.co/F6X1HtUhCr
π https://mayfly277.github.io/posts/GOADv2-pwning-part5/
π₯ [ tweet ]
This media is not supported in your browser
VIEW IN TELEGRAM
π [ kalilinux, Kali Linux ]
You know about our weekly images, but did you know we now have weekly VMs? Or, did you know you can use our build scripts to automate creating your own VMs?
Check it out!
https://t.co/WKekW7dncr
π https://www.kali.org/blog/kali-vm-builder-weekly/
π₯ [ tweet ]
You know about our weekly images, but did you know we now have weekly VMs? Or, did you know you can use our build scripts to automate creating your own VMs?
Check it out!
https://t.co/WKekW7dncr
π https://www.kali.org/blog/kali-vm-builder-weekly/
π₯ [ tweet ]
π [ theluemmel, S4U2LuemmelSec ]
I am not shocked anymore :)
Confluence Questions hardcoded creds for user
CVE-2022-26138
https://t.co/2O3qt6IYee
π https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26138
π₯ [ tweet ]
I am not shocked anymore :)
Confluence Questions hardcoded creds for user
CVE-2022-26138
https://t.co/2O3qt6IYee
π https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26138
π₯ [ tweet ]
π₯2
π [ fluepke, @fluepke@chaos.social ]
Discovered by a fried of mine:
CVE-2022-26138: A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group
The password is disabled1system1user6708
π₯ [ tweet ]
Discovered by a fried of mine:
CVE-2022-26138: A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group
The password is disabled1system1user6708
π₯ [ tweet ]
π₯2
π [ cfalta, Christoph Falta ]
I wrote something to compare the content of two volume shadow copies. Let's hope that's useful π #dfir #PowerShell
https://t.co/ip15QPFaTq
π https://github.com/cfalta/vsctool
π₯ [ tweet ]
I wrote something to compare the content of two volume shadow copies. Let's hope that's useful π #dfir #PowerShell
https://t.co/ip15QPFaTq
π https://github.com/cfalta/vsctool
π₯ [ tweet ]
π [ filip_dragovic, Filip Dragovic ]
Just another way to abuse SeImpersonate privilege...
https://t.co/Q175DkLnyX
Hard work is done by crisprss (dont know twitter handle) , i simply found way to weaponize it. :)
π https://github.com/Wh04m1001/DiagTrackEoP
π₯ [ tweet ]
Just another way to abuse SeImpersonate privilege...
https://t.co/Q175DkLnyX
Hard work is done by crisprss (dont know twitter handle) , i simply found way to weaponize it. :)
π https://github.com/Wh04m1001/DiagTrackEoP
π₯ [ tweet ]
π [ MDSecLabs, MDSec ]
In part 1 of this blog series, @domchell provides an overview on detecting beacons https://t.co/hsTgTqQKs7
π https://www.mdsec.co.uk/2022/07/part-1-how-i-met-your-beacon-overview/
π₯ [ tweet ]
In part 1 of this blog series, @domchell provides an overview on detecting beacons https://t.co/hsTgTqQKs7
π https://www.mdsec.co.uk/2022/07/part-1-how-i-met-your-beacon-overview/
π₯ [ tweet ]
π [ chvancooten, Cas van Cooten ]
Slides for my talk "BYOT: Build Your Own Tools for Fun and Profit" presented at @x33fcon 2022 published here! π
https://t.co/630BRCEi3Q
π https://github.com/chvancooten/conferences/blob/main/2022-07%20-%20BYOT%20Build%20Your%20Own%20Tools%20for%20Fun%20%26%20Profit%20%40%20X33fcon/BYOT%20%20-%20Build%20Your%20Own%20Tools%20For%20Fun%20And%20Profit.pdf
π₯ [ tweet ]
Slides for my talk "BYOT: Build Your Own Tools for Fun and Profit" presented at @x33fcon 2022 published here! π
https://t.co/630BRCEi3Q
π https://github.com/chvancooten/conferences/blob/main/2022-07%20-%20BYOT%20Build%20Your%20Own%20Tools%20for%20Fun%20%26%20Profit%20%40%20X33fcon/BYOT%20%20-%20Build%20Your%20Own%20Tools%20For%20Fun%20And%20Profit.pdf
π₯ [ tweet ]
πΉ [ snovvcrash, snπ₯Άvvcrπ₯sh ]
[#HackTip β] When thereβs not much info revealed about AD sites from CME subnets module, we can combine @_dirkjanβs adidnsdump with @pdiscoveryio mapcidr to get a nicely formatted list of the target intranetworks πΈ
#ad #dns
π₯ [ tweet ]
[#HackTip β] When thereβs not much info revealed about AD sites from CME subnets module, we can combine @_dirkjanβs adidnsdump with @pdiscoveryio mapcidr to get a nicely formatted list of the target intranetworks πΈ
#ad #dns
π₯ [ tweet ]
π₯1
π [ 0xdf_, 0xdf ]
The best part of Catch from @hackthebox_eu is poisoning a config such that the server uses my VM for Redis, and serving a serialized PHP object to get RCE. There's several paths, and lots of interesting exploitation.
https://t.co/hRViK12SW6
π https://0xdf.gitlab.io/2022/07/23/htb-catch.html
π₯ [ tweet ]
The best part of Catch from @hackthebox_eu is poisoning a config such that the server uses my VM for Redis, and serving a serialized PHP object to get RCE. There's several paths, and lots of interesting exploitation.
https://t.co/hRViK12SW6
π https://0xdf.gitlab.io/2022/07/23/htb-catch.html
π₯ [ tweet ]
π [ m3g9tr0n, Spiros Fraganastasis ]
Self-removing PE's with Remote Thread Injection
https://t.co/wSBqhFOl5b
π http://0xthem.blogspot.com/2014/10/self-delete-pe.html
π₯ [ tweet ]
Self-removing PE's with Remote Thread Injection
https://t.co/wSBqhFOl5b
π http://0xthem.blogspot.com/2014/10/self-delete-pe.html
π₯ [ tweet ]
π [ itm4n, ClΓ©ment Labro ]
The July 2022 update of Windows 10/11 killed PPLdump ππ’
Find out how in this blog post...
π https://t.co/o0izvkkSm0
π https://itm4n.github.io/the-end-of-ppldump/
π₯ [ tweet ]
The July 2022 update of Windows 10/11 killed PPLdump ππ’
Find out how in this blog post...
π https://t.co/o0izvkkSm0
π https://itm4n.github.io/the-end-of-ppldump/
π₯ [ tweet ]
π [ s4tan, Antonio 's4tan' Parata ]
With the intent to be more transparent, I decided to release the source code of my C2 framework. Don't be evil :) https://t.co/xgbUxkX5Nl
π https://github.com/enkomio/AlanFramework
π₯ [ tweet ]
With the intent to be more transparent, I decided to release the source code of my C2 framework. Don't be evil :) https://t.co/xgbUxkX5Nl
π https://github.com/enkomio/AlanFramework
π₯ [ tweet ]
π [ last0x00, last ]
Following the news about @microsoft patching the exploit which made @itm4n's PPLDump a reality, it's finally time to make my RIPPL tool public. The project, heavily based off PPLDump, added many offensive functionalities to tamper with EDRs. RIP buddy β€οΈ
https://t.co/tYEYe0eHQS
π https://github.com/last-byte/RIPPL/
π₯ [ tweet ]
Following the news about @microsoft patching the exploit which made @itm4n's PPLDump a reality, it's finally time to make my RIPPL tool public. The project, heavily based off PPLDump, added many offensive functionalities to tamper with EDRs. RIP buddy β€οΈ
https://t.co/tYEYe0eHQS
π https://github.com/last-byte/RIPPL/
π₯ [ tweet ]
π [ MDSecLabs, MDSec ]
In part 2 of the How I Met Your Beacon series, we look at some strategies for detecting Cobalt Strike https://t.co/d3GujiN5QO by @domchell
π https://www.mdsec.co.uk/2022/07/part-2-how-i-met-your-beacon-cobalt-strike/
π₯ [ tweet ]
In part 2 of the How I Met Your Beacon series, we look at some strategies for detecting Cobalt Strike https://t.co/d3GujiN5QO by @domchell
π https://www.mdsec.co.uk/2022/07/part-2-how-i-met-your-beacon-cobalt-strike/
π₯ [ tweet ]
π [ 80vul, heige ]
DeimosC2 https://t.co/iful3m4ErI DeimosC2 is a post-exploitation Command & Control (C2) tool that leverages multiple communication methods in order to control machines that have been compromised. D https://t.co/XfMPOwkr0o #ZoomEye Dork
π https://github.com/DeimosC2/DeimosC2
π https://www.zoomeye.org/searchResult?q=%22%3Ctitle%3EDeimos%20C2%3C%2Ftitle%3E%22
π₯ [ tweet ]
DeimosC2 https://t.co/iful3m4ErI DeimosC2 is a post-exploitation Command & Control (C2) tool that leverages multiple communication methods in order to control machines that have been compromised. D https://t.co/XfMPOwkr0o #ZoomEye Dork
π https://github.com/DeimosC2/DeimosC2
π https://www.zoomeye.org/searchResult?q=%22%3Ctitle%3EDeimos%20C2%3C%2Ftitle%3E%22
π₯ [ tweet ]
π [ cnotin, ClΓ©ment Notin ]
Just noticed that the amazing "Remediation And Hardening Strategies For Microsoft 365 To Defend Against UNC2452" @Mandiant whitepaper has a version 1.2 with two additional techniques from version 1.1
πhttps://t.co/4WhQTixrxE
Awesome reference on #AzureAD, #M365, #ADFS security
π https://www.mandiant.com/sites/default/files/2021-11/wp-m-unc2452-000343.pdf
π₯ [ tweet ]
Just noticed that the amazing "Remediation And Hardening Strategies For Microsoft 365 To Defend Against UNC2452" @Mandiant whitepaper has a version 1.2 with two additional techniques from version 1.1
πhttps://t.co/4WhQTixrxE
Awesome reference on #AzureAD, #M365, #ADFS security
π https://www.mandiant.com/sites/default/files/2021-11/wp-m-unc2452-000343.pdf
π₯ [ tweet ]