[ Jean_Maes_1994, Jean ]
Spoof that stack boyz!
Stack spoofing now in arsenal kit
https://t.co/wTjcxvOBNI
https://www.cobaltstrike.com/blog/arsenal-kit-update-thread-stack-spoofing/

[ Haus3c, Ryan Hausknecht ]
I merged a PR from @ZephrFish to include support for CloudShell in PowerZure. https://t.co/M39udc9JR1
There's some very cool projects I have planned to release in the next coming months, some of which will affect PowerZure.
https://github.com/hausec/PowerZure/tree/cloudshell

[ DirectoryRanger, DirectoryRanger ]
An Introduction to Manual Active Directory Querying with Dsquery and Ldapsearch, by @Icemoonhsv
https://t.co/5BkxKQ1Ru1
https://posts.specterops.io/an-introduction-to-manual-active-directory-querying-with-dsquery-and-ldapsearch-84943c13d7eb

[ DirectoryRanger, DirectoryRanger ]
Combining techniques to defeat Windows Defender and default Applocker rules
https://t.co/FGcEKnqMCw
https://kymb0.github.io/malwaredev-bypass-av-xml/

[ DirectoryRanger, DirectoryRanger ]
Total Registry. Replacement for the Windows built-in Regedit.exe tool with several improvements, by @zodiacon
https://t.co/bNB6aXdcV4
https://github.com/zodiacon/TotalRegistry

[ DirectoryRanger, DirectoryRanger ]
Marshmallows & Kerberoasting
https://t.co/7VB1upHLU5
https://redcanary.com/blog/marshmallows-and-kerberoasting/

[ mrd0x, mr.d0x ]
Demo:
Injecting a JS keylogger using WebView2 into login[.]microsoftonline[.]com.
Better quality: https://t.co/rfJmr48s6n
Blog post: https://t.co/61FwQibZol
https://imgur.com/a/Apl1DRl
https://mrd0x.com/attacking-with-webview2-applications/

[ c3rb3ru5d3d53c ]
Hey guys, my #malware #analysis for absolute beginners guide just dropped!
- Completely Free
- Mistakes to Avoid
- Setting up your first VM
- Purpose Driven
- Where to get Malware Samples
- Creating a Portfolio
Recording a video soon too!
https://t.co/zL8Sr0IzHG https://t.co/IYJV7mEatt
https://c3rb3ru5d3d53c.github.io/docs/malware-analysis-beginner-guide/

[ Six2dez1, Six2dez ]
git clone https://t.co/yI71DCtPUF
cd cve-2022-22980-exp
mvn install
docker run -d -p 27017:27017 --name example-mongo mongo:latest
java -jar target/mongo-example-0.0.1-SNAPSHOT.jar
https://github.com/jweny/cve-2022-22980-exp

[ clintgibler, Clint Gibler ]
Awesome RCE Techniques
A list of techniques to achieve Remote Code Execution on various apps
Including:
CMS - Joomla, WordPress
LMS - Moodle
Frameworks - JBoss, Tomcat
Other - Gitea, Jenkins
By @podalirius_
#bugbounty #bugbountytips
https://t.co/9kOdw4ammT
https://github.com/p0dalirius/Awesome-RCE-techniques

[ Tyl0us, Matt Eidelberg ]
Mangle is a tool that manipulates aspects of compiled PEs to avoid detection from EDRs. It can strip out IoCs and inflate files to avoid detection and more. Check it out https://t.co/lpQCrDGnd1 #netsec #redteam #evasion
https://github.com/optiv/Mangle

[ am0nsec, Paul L. ]
Been trying to find a way to dynamically (introspection?) resolve symbols within the kernel in order to experiment with undocumented/non-exported symbols with the help of PDBs. Getting the inspiration from reversing WinDBG/kdexts and the way they evaluate expressions.

[ adamsvoboda, Adam Svoboda ]
Want to dump LSASS but dealing with MDE/ATP and ASR rules? Learn how to extract a list of whitelisted exclusion paths from Defender's signature update files in this blog post: https://t.co/08Uo0UpQcm
https://adamsvoboda.net/extracting-asr-rules/

[ NinjaParanoid, Paranoid Ninja (Brute Ratel C4) ]
Going forward Brute Ratel will focus only on evasions and Red Team and not the purple team counterpart. Anything that does not contribute to Red Team will be Open Sourced. The PowerShell loader which was used in BRc4 is now added here:
https://t.co/PLbYVX93X9
https://github.com/paranoidninja/Brute-Ratel-C4-Community-Kit

[ HackingLZ, Justin Elze ]
The original research has been out over a year now and flew under the radar. This might be useful for people wanting to look at Defender ASR rules/other things. All credit goes to others, I'm just trying to get these semi-structured https://t.co/c8J2rBDJKH
https://github.com/HackingLZ/ExtractedDefender

[ SecurePeacock, Christopher Peacock ]
Pentests and adversary emulation are not the same...
Pentesters are being picked on again…