😈 [ aniqfakhrul, Aniq Fakhrul ]
TIL: If ldap/ldaps ports are blocked by firewall but gc port (3268) is accessible. In my case, kerberoasting with impacket can't be achieved. Simply switch ldap:// protocol to gc:// in impacket and win!
🐥 [ tweet ]
😈 [ citronneur, Sylvain Peyrefitte ]
Disable SSL certificate verification using #eBPF :
https://t.co/UBsT4TU43H
🔗 https://github.com/citronneur/blindssl
🐥 [ tweet ]
😈 [ 0xdf_, 0xdf ]
Acute from @hackthebox_eu was just a hard pure Windows box. I'll pivot between two hosts largely relying on credentials and enumeration to get domain admin.
https://t.co/p0Fhgak2dI
🔗 https://0xdf.gitlab.io/2022/07/16/htb-acute.html
🐥 [ tweet ]
😈 [ ippsec, ippsec ]
#HackTheBox Acute video is now up! This was a tough Windows box with all the pivots between users. I decided to try out ConPtyShell to get a full PTY on Windows, had to do some light modifications to bypass Defender. https://t.co/hey5QSjGDr
🔗 https://youtu.be/jDYte7xNY1g
🐥 [ tweet ]
😈 [ HuskyHacksMK, Matt | HuskyHacks ]
📝New note is up on https://t.co/DIZF98zvlm
Threat emulation for Windows Installer (MSI) -> DLL malware. Learn how to make a malicious MSI like all the cool kids!
https://t.co/6vWFQckIWE
🔗 http://notes.huskyhacks.dev
🔗 https://notes.huskyhacks.dev/notes/ms-interloper-on-the-subject-of-malicious-msis
🐥 [ tweet ]
😈 [ an0n_r0, an0n ]
may be obsolete, because impacket has already included this in its examples, but added Kerberos auth support for writing msDS-AllowedToActOnBehalfOfOtherIdentity property. https://t.co/UGjU3Rt357
🔗 https://github.com/tothi/rbcd-attack
🐥 [ tweet ]
😈 [ campuscodi, Catalin Cimpanu ]
Pretender, a cross-platform tool to obtain a machine-in-the-middle position inside Windows networks
Blog: https://t.co/RS2REMMeA1
GitHub: https://t.co/GCXEgBsOPF
🔗 https://blog.redteam-pentesting.de/2022/introducing-pretender/
🔗 https://github.com/RedTeamPentesting/pretender
🐥 [ tweet ]
😈 [ LittleJoeTables, Moloch ]
For anyone that wants to follow along with the Sliver GUI development I've open sourced what I've completed so far. However, it's not a priority and no timeline on feature-complete: https://t.co/YcKmTL0nRi
PRs welcome :)
🔗 https://github.com/BishopFox/sliver-gui
🐥 [ tweet ]
😈 [ tiraniddo, James Forshaw ]
I recommended to @_dirkjan to try my NtObjectManager PS module to do an AD access check, but of course I provided no guidance. Therefore, here's a quick blog post with an overview of the checking process and how to use the Get-AccessibleDsObject command. https://t.co/ZOoJe6DHAS
🔗 https://www.tiraniddo.dev/2022/07/access-checking-active-directory.html
🐥 [ tweet ]
😈 [ 0gtweet, Grzegorz Tworek ]
Didn't describe it precisely so far:
If you put 'mpnotify' value into the HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, your exe will be launched by winlogon.exe when user logs on. After 30s the process will be terminated.
https://t.co/36luTJ3vqB
🔗 https://persistence-info.github.io/Data/mpnotify.html
🐥 [ tweet ]
😈 [ m3g9tr0n, Spiros Fraganastasis ]
Malware Mutation Using Reinforcement Learning and Generative Adversarial Networks https://t.co/WxPdaOEkhj
🔗 https://github.com/CyberForce/Pesidious
🐥 [ tweet ]
👹 [ snovvcrash, sn🥶vvcr💥sh ]
[#Tooling ⚔️] Inspired by @s4ntiago_p and NanoDump I’ve fully switched to API Hashing for Windows API and syscalls resolution in DInjector. A quick re-hashing can be performed before compilation with a Python script.
🐥 [ tweet ]
😈 [ Cx01N_, Cx01N ]
This is great!
https://t.co/xkvlT03Wf1
🔗 https://github.com/NARKOZ/hacker-scripts
🐥 [ tweet ]
😈 [ _nwodtuhs, Charlie Bromberg (Shutdown) ]
After 4 months of testing/peer-review and the PR being in draft, dacledit is now ready for official review and merge in Impacket 💪 This script can be used to read, write, remove, backup, restore ACEs in an object's DACL, see you soon when merged 😊
https://t.co/nQGZy1dnbR
🔗 https://github.com/SecureAuthCorp/impacket/pull/1291
🐥 [ tweet ]
😈 [ lpha3ch0, Steve Campbell ]
My latest blog post, Pivoting for Pentesters https://t.co/9N1gxtdJXn #infosec #pentest #redteam
🔗 https://www.stevencampbell.info/Pivoting-for-pentesters/
🐥 [ tweet ]
😈 [ ReconOne_, ReconOne ]
Shodan Dork in Manual mode - Part 1
Now that you all have Shodan membership it's time to try Shodan Dorks 👀👇
Credits: @securitytrails
#recon #Shodan #attacksurface #bugbountytips #BugBounty #cybersecurity
🐥 [ tweet ]