๐ [ d3lb3_, Julien Bedel ]
After January's patch of KeePass trigger abuse technique, I decided to take a deep dive into the software features, ending up with new ways to extract passwords through the the configuration file!
Details and mitigations below, enjoy the read โ๏ธ
https://t.co/nhaad3p6dw
๐ https://d3lb3.github.io/keepass_triggers_arent_dead
๐ฅ [ tweet ]
After January's patch of KeePass trigger abuse technique, I decided to take a deep dive into the software features, ending up with new ways to extract passwords through the the configuration file!
Details and mitigations below, enjoy the read โ๏ธ
https://t.co/nhaad3p6dw
๐ https://d3lb3.github.io/keepass_triggers_arent_dead
๐ฅ [ tweet ]
๐คฏ4๐ฅ2
๐ [ bohops, bohops ]
[Blog] No Alloc, No Problem: Leveraging Program Entry Points for Process Injection
An analysis of AddressOfEntryPoint and the 'new' ThreadQuerySetWin32StartAddress (ThreadQuery) process injection techniques
https://t.co/K9DuL5he0h
๐ https://bohops.com/2023/06/09/no-alloc-no-problem-leveraging-program-entry-points-for-process-injection/
๐ฅ [ tweet ]
[Blog] No Alloc, No Problem: Leveraging Program Entry Points for Process Injection
An analysis of AddressOfEntryPoint and the 'new' ThreadQuerySetWin32StartAddress (ThreadQuery) process injection techniques
https://t.co/K9DuL5he0h
๐ https://bohops.com/2023/06/09/no-alloc-no-problem-leveraging-program-entry-points-for-process-injection/
๐ฅ [ tweet ]
This media is not supported in your browser
VIEW IN TELEGRAM
๐ [ t3l3machus, Panagiotis Chartas ]
A browser Man-In-The-Middle attack in 58 seconds, using #toxssin.
โ GitHub -> https://t.co/1IVyfjakJ5
๐ฅ Full video -> https://t.co/v1Oapbw8uU
Please subscribe -> https://t.co/Gcekp1Gagb
#hacking #hackingtools #xss #pentesting #redteam #t3l3machus https://t.co/zJ2Fv99iOR
๐ https://github.com/t3l3machus/toxssin
๐ https://youtu.be/Z9I4UJUBrrY
๐ https://www.youtube.com/@HaxorTechTones
๐ฅ [ tweet ]
A browser Man-In-The-Middle attack in 58 seconds, using #toxssin.
โ GitHub -> https://t.co/1IVyfjakJ5
๐ฅ Full video -> https://t.co/v1Oapbw8uU
Please subscribe -> https://t.co/Gcekp1Gagb
#hacking #hackingtools #xss #pentesting #redteam #t3l3machus https://t.co/zJ2Fv99iOR
๐ https://github.com/t3l3machus/toxssin
๐ https://youtu.be/Z9I4UJUBrrY
๐ https://www.youtube.com/@HaxorTechTones
๐ฅ [ tweet ]
๐ฅ7
๐ [ zimnyaatishina, zimnyaa ]
It's an okay language.
https://t.co/mr46UrK4CL
๐ https://tishina.in/execution/golang-winmaldev-basics
๐ฅ [ tweet ]
It's an okay language.
https://t.co/mr46UrK4CL
๐ https://tishina.in/execution/golang-winmaldev-basics
๐ฅ [ tweet ]
Offensive Xwitter
๐ [ ZeroMemoryEx, V2 ] Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes https://t.co/UGt7cd1DYu ๐ https://github.com/ZeroMemoryEx/Terminator ๐ฅ [ tweet ]
๐ [ merterpreter, mert ]
SharpTerminatator is a C# port of ZeroMemoryEx's art piece called Terminator. It can be used with Cobalt Strike's execute-assembly or as a standalone executable.
All hail goes to him.
and ofcourse spyboy :)
https://t.co/m8KqH4kVAt
๐ https://github.com/mertdas/SharpTerminator
๐ฅ [ tweet ]
SharpTerminatator is a C# port of ZeroMemoryEx's art piece called Terminator. It can be used with Cobalt Strike's execute-assembly or as a standalone executable.
All hail goes to him.
and ofcourse spyboy :)
https://t.co/m8KqH4kVAt
๐ https://github.com/mertdas/SharpTerminator
๐ฅ [ tweet ]
๐ [ DarkCoderSc, Jean-Pierre LESUEUR ]
๐ธ๐ฝ Interested in C2 over FTP(S)? Explore my new project, SharpFtpC2, which enables execution of shell commands on remote systems via FTP(S). Currently in beta and lacking encryption, but it's on the way: https://t.co/9Dkf19MhJL
#InfoSec #Malware #Network #Evasion #FTP
๐ https://github.com/DarkCoderSc/SharpFtpC2
๐ฅ [ tweet ]
๐ธ๐ฝ Interested in C2 over FTP(S)? Explore my new project, SharpFtpC2, which enables execution of shell commands on remote systems via FTP(S). Currently in beta and lacking encryption, but it's on the way: https://t.co/9Dkf19MhJL
#InfoSec #Malware #Network #Evasion #FTP
๐ https://github.com/DarkCoderSc/SharpFtpC2
๐ฅ [ tweet ]
๐ฅ3
๐ [ 0xdeaddood, leandro ]
๐Want to know more? Check out my new blogpost! Forging tickets in 2023 with Impacket ๐๏ธ.
https://t.co/TYEiUMVNEc
๐ https://0xdeaddood.rocks/2023/05/11/forging-tickets-in-2023/
๐ฅ [ tweet ]
๐Want to know more? Check out my new blogpost! Forging tickets in 2023 with Impacket ๐๏ธ.
https://t.co/TYEiUMVNEc
๐ https://0xdeaddood.rocks/2023/05/11/forging-tickets-in-2023/
๐ฅ [ tweet ]
๐2
๐ [ mariuszbit, mgeeky | Mariusz Banach ]
Game cheaters don't get along with Red Teamers very well ๐ญ
https://t.co/J4cktI3qDg
๐ https://www.unknowncheats.me/forum/anti-cheat-bypass/587585-terminator.html
๐ฅ [ tweet ]
Game cheaters don't get along with Red Teamers very well ๐ญ
https://t.co/J4cktI3qDg
๐ https://www.unknowncheats.me/forum/anti-cheat-bypass/587585-terminator.html
๐ฅ [ tweet ]
ะท. ั. ะบะพะผะผะตะฝัั ะฒ ัะฒะธััะตั ััะตะดะต ะดะพััะฐะฒะปััั ะฝะต ะผะตะฝััะต ะบะพะผะผะตะฝัะพะฒ ะฝะฐ unknowncheats๐4
๐ [ _RastaMouse, Rasta Mouse ]
Dang 600,000...
๐ฅ [ tweet ]
Dang 600,000...
๐ฅ [ tweet ]
ะผั ััั ัะฐะบะธะต ัะตัััะฝัะต, ั ะฝะฐั pbkdf2 ะฒัััะฐะฒะปะตะฝ ะฒ 600ะบ ะธัะตัะฐัะธะนโฆ ะฟัะฐะฒะดะฐ ะฝะฐั ะปะพะผะฐัั ัะตัะตะท ะดะตะฝั, ะฝะพ ััะพ ะดััะณะพะต, ัะพ-ะพ-ะพัะฝะพโฆ ัะฑะตะณะฐะนัะต ะพั ััะธั
ะฝะตะฐะดะตะบะฒะฐัะพะฒ ะฝะฐ ัะตะปั-ั
ะพััะตะด ะฑะธัะฒะฐัะดะตะฝ, ะบััะฐัะธ๐2๐2
๐ [ an0n_r0, an0n ]
poor man's browser pivot through chrome remote debugging.๐ฅ
no need to inject into iexplorer anymore.๐ช
just came across this awesome solution shared by @NotMedic long ago: https://t.co/oPU8cZnecv
and this is also working with msedge (it shares the same chromium engine)!๐
๐ https://gist.github.com/NotMedic/b1ab7809eea94cc05513905b26964663
๐ฅ [ tweet ]
poor man's browser pivot through chrome remote debugging.๐ฅ
no need to inject into iexplorer anymore.๐ช
just came across this awesome solution shared by @NotMedic long ago: https://t.co/oPU8cZnecv
and this is also working with msedge (it shares the same chromium engine)!๐
๐ https://gist.github.com/NotMedic/b1ab7809eea94cc05513905b26964663
๐ฅ [ tweet ]
๐ [ ghostlulz1337, ghostlulz ]
If you want to learn more about Internal Pentesting & Red Teaming these are some really good resources
๐ https://book.hacktricks.xyz/
๐ https://www.thehacker.recipes/
๐ https://ppn.snovvcrash.rocks/
๐ https://cheats.philkeeble.com/
๐ https://dmcxblue.gitbook.io/
๐ https://www.vincentyiu.com/
๐ https://www.ired.team/
๐ฅ [ tweet ]
If you want to learn more about Internal Pentesting & Red Teaming these are some really good resources
๐ https://book.hacktricks.xyz/
๐ https://www.thehacker.recipes/
๐ https://ppn.snovvcrash.rocks/
๐ https://cheats.philkeeble.com/
๐ https://dmcxblue.gitbook.io/
๐ https://www.vincentyiu.com/
๐ https://www.ired.team/
๐ฅ [ tweet ]
๐ฅ9
๐ [ ippsec, ippsec ]
Third part in my Configuring Parrot via Ansible Series is now up. This one configures both Firefox and Burpsuite, and hopefully will serve as a good intro to Jinja2 Templating, which makes customizing scripts/files a breeze. Check out the video here:
Part 1
๐ https://youtu.be/2y68gluYTcc
Part 2
๐ https://youtu.be/VRz_vtPBZzA
Part 3
๐ https://youtu.be/XDJB0TVKtNk
๐ฅ [ tweet ]
Third part in my Configuring Parrot via Ansible Series is now up. This one configures both Firefox and Burpsuite, and hopefully will serve as a good intro to Jinja2 Templating, which makes customizing scripts/files a breeze. Check out the video here:
Part 1
๐ https://youtu.be/2y68gluYTcc
Part 2
๐ https://youtu.be/VRz_vtPBZzA
Part 3
๐ https://youtu.be/XDJB0TVKtNk
๐ฅ [ tweet ]
๐ฅ3๐1
๐ [ ZephrFish, Andy ]
Great post from @_RayRT on abusing different Active Directory object controls and how to detect them https://t.co/CFQvEuA0Rv #RedTeam #blueteam #purpleteam #cti
๐ http://labs.lares.com/securing-active-directory-via-acls/
๐ฅ [ tweet ]
Great post from @_RayRT on abusing different Active Directory object controls and how to detect them https://t.co/CFQvEuA0Rv #RedTeam #blueteam #purpleteam #cti
๐ http://labs.lares.com/securing-active-directory-via-acls/
๐ฅ [ tweet ]
๐6
๐ [ an0n_r0, an0n ]
Mini-HOWTO about setting up Full Disk Encryption with unattended auto-unlock using TPM2 w/ Secure Boot on Kali.
Useful for rogue devices (auto-connecting to C2), headless pentest boxes, etc. storing confidential information but lacking physical security.
https://t.co/vOXnlpZcm6
๐ https://gist.github.com/tothi/c7fdaaca3d61b7e3298863ada358fc1e
๐ฅ [ tweet ]
Mini-HOWTO about setting up Full Disk Encryption with unattended auto-unlock using TPM2 w/ Secure Boot on Kali.
Useful for rogue devices (auto-connecting to C2), headless pentest boxes, etc. storing confidential information but lacking physical security.
https://t.co/vOXnlpZcm6
๐ https://gist.github.com/tothi/c7fdaaca3d61b7e3298863ada358fc1e
๐ฅ [ tweet ]
๐ฅ2
๐ [ virustotal, VirusTotal ]
In late 2022 we started monitoring PyPI, the most important Python repository. In a few weeks, we found dozens of suspicious packages. Here is our deep dive into PyPI hosted malware, by
@alexey_firsh: https://t.co/EdGdlOFw9L
๐ https://blog.virustotal.com/2023/06/inside-of-wasps-nest-deep-dive-into.html
๐ฅ [ tweet ]
In late 2022 we started monitoring PyPI, the most important Python repository. In a few weeks, we found dozens of suspicious packages. Here is our deep dive into PyPI hosted malware, by
@alexey_firsh: https://t.co/EdGdlOFw9L
๐ https://blog.virustotal.com/2023/06/inside-of-wasps-nest-deep-dive-into.html
๐ฅ [ tweet ]
๐ฅ1
๐ [ d4rksystem, Kyle Cucci ]
Really nice analysis from @voidsec of the vulnerable driver used by Spybot's Terminator tool.
https://t.co/08M2Dr5AMF
๐ https://voidsec.com/reverse-engineering-terminator-aka-zemana-antimalware-antilogger-driver/
๐ฅ [ tweet ]
Really nice analysis from @voidsec of the vulnerable driver used by Spybot's Terminator tool.
https://t.co/08M2Dr5AMF
๐ https://voidsec.com/reverse-engineering-terminator-aka-zemana-antimalware-antilogger-driver/
๐ฅ [ tweet ]
๐ [ HackingLZ, Justin Elze ]
CS COFFLoader is public now thanks @_snus https://t.co/NIaNFWR47z https://t.co/nFahK7ZZX2
๐ https://github.com/trustedsec/CS_COFFLoader/
๐ฅ [ tweet ]
CS COFFLoader is public now thanks @_snus https://t.co/NIaNFWR47z https://t.co/nFahK7ZZX2
๐ https://github.com/trustedsec/CS_COFFLoader/
๐ฅ [ tweet ]
๐2