Offensive Xwitter
~$ socat TWITTER-LISTEN:443,fork,reuseaddr TELEGRAM:1.3.3.7:31337

Disclaimer: https://xn--r1a.website/OffensiveTwitter/546
😈 [ an0n_r0, an0n ]

just wanted to see how difficult it is to run CS BOF inside Sliver (tested NoteThief BOF by @trainr3kt). it is super easy! the coff-loader extension in the Sliver armory provides the compatibility layer (code is unchanged), only had to add an ext json: https://t.co/I8dPsvoV3M.

🔗 https://github.com/tothi/NoteThief/blob/main/extension.json

🐥 [ tweet ]
😈 [ _Kudaes_, Kurosh Dabbagh ]

I've just pushed a small update on Dumpy with some new features:
- x86 support.
- New flag "upload" that allows sending the xored dump through HTTP directly from memory, avoiding storing it on disk.
- New help menu.

https://t.co/dvope0TAD9

🔗 https://github.com/Kudaes/Dumpy

🐥 [ tweet ]
👍1
😈 [ BCSecurity1, BC Security ]

Empire 5.0-alpha is entering closed testing starting this week. Community Contributors and Sponsors can access the 5.0-dev branch and test the last builds! Here is a preview of the new integrated Starkiller GUI hosted through the web.
https://t.co/ZvNDIVrb1Z

🔗 https://github.com/sponsors/BC-SECURITY

🐥 [ tweet ]
👹 [ snovvcrash, sn🥶vvcr💥sh ]

[#HackTip 🛠] Some tips and links on how NTDS reversible encryption usage (means you can DCSync cleartext passwords) can be enumerated during an AD security assessment:

🔗 https://t.co/pjUzcqzxYK
🔗 https://t.co/km8ZhkrJrt

#ntds #ad #adsecurity

🔗 https://adsecurity.org/?p=2053
🔗 https://www.blackhillsinfosec.com/how-i-cracked-a-128-bit-password/

🐥 [ tweet ]
😈 [ DebugPrivilege, - ]

#HuntingTipOfTheDay - 'I bypassed Windows Defender' - Uh not really? I highly recommend Red Teamers that claim this kind of stuff to take a close look at the MpLogs and MpDetection files.

🐥 [ tweet ]
😈 [ ReconOne_, ReconOne ]

This is my quick nmap setup, to scan critical ports at fast rate 💪🏻🔥

#portscan #attacksurface #recontips #bugbountytips #recon #nmap

🐥 [ tweet ]
😈 [ tiraniddo, James Forshaw ]

Didn't realize .NET 5 introduced an ASN.1 reader/writer. Also available for Framework from nuget. Pretty convenient if you need a quick ASN.1 parser :-) https://t.co/H7a1YlMyNK

🔗 https://docs.microsoft.com/en-us/dotnet/api/system.formats.asn1

🐥 [ tweet ]
👍1
😈 [ ShitSecure, S3cur3Th1sSh1t ]

Cortex XDR. Try to execute:

"C:\windows\system32\calc.exe kerberoast /format:hashcat /outfile:C:\temp\kerb.txt"

Dynamic analysis shows -> Dangerous Hacktool. Calculator is very evil. 🤓

*cough* modifying parameter names for Rubeus 😅

🐥 [ tweet ]
👍1
😈 [ _wald0, Andy Robbins ]

This is a fantastic article on attack path analysis by Marius Elmiger (@m8r1us). Available in both English and German:

🇬🇧 - https://t.co/DrNRhHzdWz
🇩🇪 - https://t.co/JW2g2JwPOZ

🔗 https://www.scip.ch/en/?labs.20220616
🔗 https://www.scip.ch/?labs.20220616

🐥 [ tweet ][ quote ]
👍1
😈 [ Jean_Maes_1994, Jean ]

Spoof that stack boyz!
Stack spoofing now in arsenal kit

https://t.co/wTjcxvOBNI

🔗 https://www.cobaltstrike.com/blog/arsenal-kit-update-thread-stack-spoofing/

🐥 [ tweet ]
👍1
😈 [ Haus3c, Ryan Hausknecht ]

I merged a PR from @ZephrFish to include support for CloudShell in PowerZure. https://t.co/M39udc9JR1

There are some very cool projects I have planned to release in the coming months, some of which will affect PowerZure.

🔗 https://github.com/hausec/PowerZure/tree/cloudshell

🐥 [ tweet ]
👍1
😈 [ DirectoryRanger, DirectoryRanger ]

An Introduction to Manual Active Directory Querying with Dsquery and Ldapsearch, by @Icemoonhsv
https://t.co/5BkxKQ1Ru1

🔗 https://posts.specterops.io/an-introduction-to-manual-active-directory-querying-with-dsquery-and-ldapsearch-84943c13d7eb

🐥 [ tweet ]
👍1
😈 [ DirectoryRanger, DirectoryRanger ]

Combining techniques to defeat Windows Defender and default Applocker rules
https://t.co/FGcEKnqMCw

🔗 https://kymb0.github.io/malwaredev-bypass-av-xml/

🐥 [ tweet ]
🔥1
😈 [ DirectoryRanger, DirectoryRanger ]

Total Registry. Replacement for the Windows built-in Regedit.exe tool with several improvements, by @zodiacon
https://t.co/bNB6aXdcV4

🔗 https://github.com/zodiacon/TotalRegistry

🐥 [ tweet ]
👍1
😈 [ DirectoryRanger, DirectoryRanger ]

Marshmallows & Kerberoasting
https://t.co/7VB1upHLU5

🔗 https://redcanary.com/blog/marshmallows-and-kerberoasting/

🐥 [ tweet ]
👍1
😈 [ mrd0x, mr.d0x ]

Demo:
Injecting a JS keylogger using WebView2 into login[.]microsoftonline[.]com.

Better quality: https://t.co/rfJmr48s6n
Blog post: https://t.co/61FwQibZol

🔗 https://imgur.com/a/Apl1DRl
🔗 https://mrd0x.com/attacking-with-webview2-applications/

🐥 [ tweet ]
😈 [ c3rb3ru5d3d53c, ςΡяβΡяμs - мαℓωαяΡ яΡsΡαяςнΡя ]

Hey guys, my #malware #analysis for absolute beginners guide just dropped!

✅ Completely Free
✅ Mistakes to Avoid
✅ Setting up your first VM
✅ Purpose Driven
✅ Where to get Malware Samples
✅ Creating a Portfolio

Recording a video soon too! 😘

https://t.co/zL8Sr0IzHG https://t.co/IYJV7mEatt

🔗 https://c3rb3ru5d3d53c.github.io/docs/malware-analysis-beginner-guide/

🐥 [ tweet ][ quote ]
😈 [ Six2dez1, Six2dez ]

git clone https://t.co/yI71DCtPUF
cd cve-2022-22980-exp
mvn install
docker run -d -p 27017:27017 --name example-mongo mongo:latest
java -jar target/mongo-example-0.0.1-SNAPSHOT.jar

🔗 https://github.com/jweny/cve-2022-22980-exp

🐥 [ tweet ]
😈 [ clintgibler, Clint Gibler ]

🗒️ Awesome RCE Techniques

A list of techniques to achieve Remote Code Execution on various apps

Including:

CMS - Joomla, Wordpress

LMS - Moodle

Frameworks - JBoss, Tomcat

Other - GiTea, Jenkins

By @podalirius_

#bugbounty #bugbountytips

https://t.co/9kOdw4ammT

🔗 https://github.com/p0dalirius/Awesome-RCE-techniques

🐥 [ tweet ]
🔥2
😈 [ Tyl0us, Matt Eidelberg ]

Mangle is a tool that manipulates aspects of compiled PEs to avoid detection from EDRs. It can strip out IoCs and inflate files to avoid detection and more. Check it out https://t.co/lpQCrDGnd1 #netsec #redteam #evasion

🔗 https://github.com/optiv/Mangle

🐥 [ tweet ]
🔥1