[ ippsec, ippsec ]
I really hated Linux auditing until I found this. Couple it with Laurel and it becomes really easy to ingest these types of logs. Best of all, logging on Linux is so rare most adversaries won't see it coming and get caught instantly. Demo here: https://t.co/G29XsbulRm
https://www.youtube.com/watch?v=lc1i9h1GyMA
[ N4k3dTurtl3, NA ]
The possibility of prison time for illegal hacking seems less serious when faced with writing a report for a 9 week assessment.
[ m3g9tr0n, Spiros Fraganastasis ]
I really can't understand why there is so much ego in infosec. Relax, life is short to be pissed off all the time. If you think you are too special just consider there are people out there researching on nuclear physics, applied mathematics, beating diseases without bragging.
[ metasploit, Metasploit Project ]
This week's wrap-up has a vCenter Secret Extractor 🤫🤫🤫, named pipe pivoting docs updates, and service library improvements -- get it here: https://t.co/tbl5VfQKeU
https://www.rapid7.com/blog/post/2022/06/17/metasploit-weekly-wrap-up-162/
[ snovvcrash, sn🥶vvcr💥sh ]
#CME now supports --codec option for execution methods to make the output readable if the target's OS language is not native English 🥳 Thanks to @mpgn_x64 for merging! https://t.co/cbtvFS1p7z
https://github.com/byt3bl33d3r/CrackMapExec/pull/570
[ C5pider, 5pider ]
Ekko
Sleep Obfuscation by using CreateTimerQueueTimer to queue the ROP Chain that performs the sleep obfuscation.
https://t.co/DiZt4NDDVn
https://github.com/Cracked5pider/Ekko
[ ORCA10K, ORCA ]
pew pew https://t.co/iRNCUwiCuU
https://gitlab.com/ORCA000/asmlogger
[ filip_dragovic, Filip Dragovic ]
Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service not installed but you still want to relay DC authentication to ADCS?
Don't worry MS-DFSNM have your back ;)
https://t.co/idwMnM8nIV
https://github.com/Wh04m1001/DFSCoerce
[ hasherezade, hasherezade ]
Now you can use #mal_unpack via dedicated Python wrappers: https://t.co/9wy3DVR2Ez
https://github.com/hasherezade/mal_unpack_py
[ 0xdf_, 0xdf ]
Paper from @hackthebox_eu is themed on The Office, and is a lot of fun. There's a WordPress vuln, a https://t.co/YmCr3bYY7J bot, and a Polkit CVE. In Beyond root I'll show why it is not vulnerable to PwnKit, and then make it vulnerable and exploit it.
https://t.co/noix1pLv5O
http://Rocket.Chat
https://0xdf.gitlab.io/2022/06/18/htb-paper.html
[ DirectoryRanger, DirectoryRanger ]
Windows Credential Dumping, by @jangeisbauer
https://t.co/5eNERw95K5
https://emptydc.com/2022/06/08/windows-credential-dumping/
[ SkelSec, SkelSec ]
Pentest framework running entirely* in the browser via @pyodide
OctoPwnWeb has been presented @a41con. This project was in the making for years. Support us @porchetta_ind
Talk
https://t.co/l2z0x63cIk
Slides
https://t.co/Nx3Egczptq
Tool
https://t.co/FgZbJHOrsi
*deets in the talk
https://youtu.be/jStdrDHTmD4
https://docs.google.com/presentation/d/1XQFYr_OBI1lrpybsLrHWTWcYNZcF_zOmGDHiIBwSMng
http://octopwn.porchetta.industries/
[ snovvcrash, sn🥶vvcr💥sh ]
[#Tooling] Added @jor6PS's DrawNmap project for visualizing Nmap reports to #DivideAndScan. Dunno whether it's really needed there, but I was just bored I guess. DrawNmap is cool anyway, take a look: https://t.co/6jW8grFb9F
#nmap #portscan
https://github.com/jor6PS/DrawNmap
[ NinjaParanoid, Paranoid Ninja (Brute Ratel C4) ]
A brief explanation on open source Sleep Obfuscation Techniques v/s Brute Ratel C4. Video includes x64dbg and Process Hacker to provide POC!!! Because POC > Shitposting!! Cheers!
https://t.co/1Xizj5CjHJ
https://youtu.be/nB5QHVtN9_g
[ an0n_r0, an0n ]
just wanted to see how difficult it is to run CS BOF inside Sliver (tested NoteThief BOF by @trainr3kt). it is super easy! the coff-loader extension in the Sliver armory provides the compatibility layer (code is unchanged), only had to add an ext json: https://t.co/I8dPsvoV3M.
https://github.com/tothi/NoteThief/blob/main/extension.json
[ _Kudaes_, Kurosh Dabbagh ]
I've just pushed a small update on Dumpy with some new features:
- x86 support.
- New flag "upload" that allows to send the xored dump through HTTP directly from memory, avoiding to store it on disk.
- New help menu.
https://t.co/dvope0TAD9
https://github.com/Kudaes/Dumpy
[ BCSecurity1, BC Security ]
Empire 5.0-alpha is entering closed testing starting this week. Community Contributors and Sponsors can access the 5.0-dev branch and test the last builds! Here is a preview of the new integrated Starkiller GUI hosted through the web.
https://t.co/ZvNDIVrb1Z
https://github.com/sponsors/BC-SECURITY
[ snovvcrash, sn🥶vvcr💥sh ]
[#HackTip] Some tips and links on how NTDS reversible encryption usage (means you can DCSync cleartext passwords) can be enumerated during an AD security assessment:
https://t.co/pjUzcqzxYK
https://t.co/km8ZhkrJrt
#ntds #ad #adsecurity
https://adsecurity.org/?p=2053
https://www.blackhillsinfosec.com/how-i-cracked-a-128-bit-password/
[ DebugPrivilege, - ]
#HuntingTipOfTheDay - 'I bypassed Windows Defender' - Uh not really? I highly recommend Red Teamers that claim this kind of stuff to take a close look at the MpLogs and MpDetection files.