π [ Max Harley @0xdab0 ]
Finally releasing a very beta version of my ADExplorerSnapshot Rust rewrite! There have been a ton of performance optimizations, edges added, and usability improvements since the quoted tweet. I'm really excited for people to start using and breaking it.
π https://github.com/t94j0/adexplorersnapshot-rs
π₯ [ tweet ][ quote ]
Finally releasing a very beta version of my ADExplorerSnapshot Rust rewrite! There have been a ton of performance optimizations, edges added, and usability improvements since the quoted tweet. I'm really excited for people to start using and breaking it.
π https://github.com/t94j0/adexplorersnapshot-rs
π₯ [ tweet ][ quote ]
π7π₯±3
π [ 5pider @C5pider ]
I haven't posted anything about Havoc in a while so imma share something I have been working on. Wrote a custom VM/Interpreter (based on the RISC-V instruction set) to execute exploits and other arbitrary code.
The client is now fully extendable and scriptable via the Python API
π₯ [ tweet ]
I haven't posted anything about Havoc in a while so imma share something I have been working on. Wrote a custom VM/Interpreter (based on the RISC-V instruction set) to execute exploits and other arbitrary code.
The client is now fully extendable and scriptable via the Python API
π₯ [ tweet ]
π7
π [ AurΓ©lien Chalot @Defte_ ]
Super interesting way of blinding EDR's consoles!!
π https://tierzerosecurity.co.nz/2024/07/23/edr-telemetry-blocker.html
π₯ [ tweet ]
Super interesting way of blinding EDR's consoles!!
π https://tierzerosecurity.co.nz/2024/07/23/edr-telemetry-blocker.html
π₯ [ tweet ]
π₯6π2
π [ Print3M @Print3M_ ]
I wrote my first calc.exe "shellcode" in NASM. I find it a little strange that a lot of people write about malware development but almost no one talks about writing your own shellcode. I decided to write something on my own. (good comments, easy readable)
π https://github.com/Print3M/shellcodes/blob/main/calc-exe.asm
π₯ [ tweet ]
#Π΄Π»Ρ_ΡΠ°ΠΌΡΡ _ΠΌΠ°Π»Π΅Π½ΡΠΊΠΈΡ
I wrote my first calc.exe "shellcode" in NASM. I find it a little strange that a lot of people write about malware development but almost no one talks about writing your own shellcode. I decided to write something on my own. (good comments, easy readable)
π https://github.com/Print3M/shellcodes/blob/main/calc-exe.asm
π₯ [ tweet ]
#Π΄Π»Ρ_ΡΠ°ΠΌΡΡ _ΠΌΠ°Π»Π΅Π½ΡΠΊΠΈΡ
π7π₯1
π [ Alex Neff @al3x_n3ff ]
A new module just got merged into NetExec, which extracts the security Questions for local users π
Made by @Adamkadaban
If you want to know the details, you can read his blog post here:
π https://hackback.zip/2024/05/08/Remotely-Dumping-Windows-Security-Questions-With-Impacket.html
π₯ [ tweet ]
A new module just got merged into NetExec, which extracts the security Questions for local users π
Made by @Adamkadaban
If you want to know the details, you can read his blog post here:
π https://hackback.zip/2024/05/08/Remotely-Dumping-Windows-Security-Questions-With-Impacket.html
π₯ [ tweet ]
π₯12π2
π [ Kaspersky @kaspersky ]
A zero-day vulnerability actively exploited by attackers has been discovered in Internet Explorer β the browser that Microsoft supposedly laid to rest over a year ago.
Full story:
π https://www.kaspersky.com/blog/zero-day-in-internet-explorer/51698/
π₯ [ tweet ]
A zero-day vulnerability actively exploited by attackers has been discovered in Internet Explorer β the browser that Microsoft supposedly laid to rest over a year ago.
Full story:
π https://www.kaspersky.com/blog/zero-day-in-internet-explorer/51698/
π₯ [ tweet ]
π7π₯3π3
π [ Check Point Research @_CPResearch_ ]
In this blog we introduce Thread-Name Calling - A new process injection technique using Thread Name. We also discuss various scenarios in which this not widely-known API can be used for offense.
Blog:
π https://research.checkpoint.com/2024/thread-name-calling-using-thread-name-for-offense/
PoC:
π https://github.com/hasherezade/thread_namecalling
π₯ [ tweet ]
In this blog we introduce Thread-Name Calling - A new process injection technique using Thread Name. We also discuss various scenarios in which this not widely-known API can be used for offense.
Blog:
π https://research.checkpoint.com/2024/thread-name-calling-using-thread-name-for-offense/
PoC:
π https://github.com/hasherezade/thread_namecalling
π₯ [ tweet ]
π₯4π1π₯±1
This media is not supported in your browser
VIEW IN TELEGRAM
π [ β£οΈ @0x6rss ]
My first blog post: Creating a PDF Dropper by Injecting Malicious JavaScript into a PDF with a Cobalt Strike Payload
For the source code and PoC, check out my blog post:π
π https://cti.monster/blog/2024/07/25/pdfdropper.html
π₯ [ tweet ]
My first blog post: Creating a PDF Dropper by Injecting Malicious JavaScript into a PDF with a Cobalt Strike Payload
For the source code and PoC, check out my blog post:π
π https://cti.monster/blog/2024/07/25/pdfdropper.html
π₯ [ tweet ]
π9π5π₯±5π₯2π2
π [ Daniel @0x64616e ]
Session Takeover via Pass the Challenge powered by @mcbroom_evan's lsa-whisperer and @ly4k_'s impacket fork.
More details:
π https://research.ifcr.dk/pass-the-challenge-defeating-windows-defender-credential-guard-31a892eee22
π https://github.com/EvanMcBroom/lsa-whisperer/wiki/msv1_0#lm20getchallengeresponse
π https://github.com/ly4k/Impacket/blob/d45afb4bbeaa5b5257a448074ac9e76bf556f080/impacket/ntlm.py#L900
π₯ [ tweet ]
Session Takeover via Pass the Challenge powered by @mcbroom_evan's lsa-whisperer and @ly4k_'s impacket fork.
More details:
π https://research.ifcr.dk/pass-the-challenge-defeating-windows-defender-credential-guard-31a892eee22
π https://github.com/EvanMcBroom/lsa-whisperer/wiki/msv1_0#lm20getchallengeresponse
π https://github.com/ly4k/Impacket/blob/d45afb4bbeaa5b5257a448074ac9e76bf556f080/impacket/ntlm.py#L900
π₯ [ tweet ]
π6π1
π [ Alisa Esage Π¨Π΅Π²ΡΠ΅Π½ΠΊΠΎ @alisaesage ]
Nice little-known writeup on WhatsApp exploitation: < technically interesting for more than one reason
π https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/
π₯ [ tweet ]
Nice little-known writeup on WhatsApp exploitation: < technically interesting for more than one reason
π https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/
π₯ [ tweet ]
π6π3
π [ CICADA8Research @CICADA8Research ]
Hi friends, we felt that the topic of in-memory payload execution was not covered enough, so we've collected our own notes and hacks that we use on pentests to execute in-memory (reflective) payloads.
Enjoy reading!
π https://cicada-8.medium.com/osep-unleashed-the-advance-of-in-memory-payload-execution-c03a4c0d610a
π₯ [ tweet ]
Hi friends, we felt that the topic of in-memory payload execution was not covered enough, so we've collected our own notes and hacks that we use on pentests to execute in-memory (reflective) payloads.
Enjoy reading!
π https://cicada-8.medium.com/osep-unleashed-the-advance-of-in-memory-payload-execution-c03a4c0d610a
π₯ [ tweet ]
π₯10π7π₯±3π€1π€―1
π [ Daniel @0x64616e ]
Binding to port 445 on Windows without WinDivert. This is highly useful for NTLM relaying. Big thanks to @zyn3rgy for the talk:
π https://youtu.be/iBqOOkQGJEA
π₯ [ tweet ][ quote ]
Binding to port 445 on Windows without WinDivert. This is highly useful for NTLM relaying. Big thanks to @zyn3rgy for the talk:
π https://youtu.be/iBqOOkQGJEA
π₯ [ tweet ][ quote ]
π₯9
π [ DSAS by INJECT @DevSecAS ]
#Outlook CVE-2024-21413 to #RCE
π https://blog.injectexp.dev/outlook-cve-2024-21413-for-rce-hacking-through-a-letter/07/rce/
π₯ [ tweet ]
#Outlook CVE-2024-21413 to #RCE
π https://blog.injectexp.dev/outlook-cve-2024-21413-for-rce-hacking-through-a-letter/07/rce/
π₯ [ tweet ]
π₯±8π₯5
π [ TrustedSec @TrustedSec ]
Today, TrustedSec is releasing #Specula (our previously internal framework) into the world, which will transform the Outlook email client into a beaconing C2 agent. @oddvarmoe and @freefirex2 walk through how to use Specula in our latest blog!
π https://trustedsec.com/blog/specula-turning-outlook-into-a-c2-with-one-registry-change
π₯ [ tweet ]
Today, TrustedSec is releasing #Specula (our previously internal framework) into the world, which will transform the Outlook email client into a beaconing C2 agent. @oddvarmoe and @freefirex2 walk through how to use Specula in our latest blog!
π https://trustedsec.com/blog/specula-turning-outlook-into-a-c2-with-one-registry-change
π₯ [ tweet ]
π6π₯3
π [ PT SWARM @ptswarm ]
π€ New article by our researcher Nikita Petrov: "From opcode to code: how AI chatbots can help with decompilation".
Read the blog post:
π https://swarm.ptsecurity.com/from-opcode-to-code-how-ai-chatbots-can-help-with-decompilation/
π₯ [ tweet ]
π€ New article by our researcher Nikita Petrov: "From opcode to code: how AI chatbots can help with decompilation".
Read the blog post:
π https://swarm.ptsecurity.com/from-opcode-to-code-how-ai-chatbots-can-help-with-decompilation/
π₯ [ tweet ]
π6
π [ Will Harris @parityzero ]
With Chrome 127 on Windows, we're introducing enhanced encryption to protect sensitive data, starting with your cookiesπͺ! This helps protect your personal information and keeps your online accounts secure from hackers. Read more about this protection:
π https://security.googleblog.com/2024/07/improving-security-of-chrome-cookies-on.html
π₯ [ tweet ]
With Chrome 127 on Windows, we're introducing enhanced encryption to protect sensitive data, starting with your cookiesπͺ! This helps protect your personal information and keeps your online accounts secure from hackers. Read more about this protection:
π https://security.googleblog.com/2024/07/improving-security-of-chrome-cookies-on.html
π₯ [ tweet ]
Π³Π³, dplootπ’14π2
π [ Dirk-jan @_dirkjan ]
New blog: Persisting on Entra ID applications and User Managed Identities with Federated Credentials.
In this blog we set up our own IdP with roadtools, allowing us to authenticate to apps and user managed identities with federated credentials π
π https://dirkjanm.io/persisting-with-federated-credentials-entra-apps-managed-identities/
π₯ [ tweet ]
New blog: Persisting on Entra ID applications and User Managed Identities with Federated Credentials.
In this blog we set up our own IdP with roadtools, allowing us to authenticate to apps and user managed identities with federated credentials π
π https://dirkjanm.io/persisting-with-federated-credentials-entra-apps-managed-identities/
π₯ [ tweet ]
π5π€2