Offensive Xwitter
[ Akamai Security Intelligence Group @akamai_research ] Turns out, sometimes it isn't DNS... it's DHCP. See @oridavid123's research on how DHCP can be used to spoof DNS records - potentially leading to Active Directory compromise. Worst part? No credentials…
[ Akamai Security Intelligence Group @akamai_research ]
Earlier this month we released research by @oridavid123 on using DHCP to spoof DNS. But wait, there's more!
We are proud to release DDSpoof: a Python-based tool that enables red and blue teams to perform and study DHCP DNS attacks.
Learn how to use it:
https://www.akamai.com/blog/security-research/weaponizing-dhcp-dns-spoofing-hands-on-guide?filter=123
[ Grzegorz Tworek @0gtweet ]
Do you store your "DNS dynamic update registration credentials" in a DHCP?
Cute, it means I have a new tool for you
Enjoy the DHCP Server DNS Password Stealer. The C source code, and the compiled exe, as usual:
https://github.com/gtworek/PSBits/tree/master/PasswordStealing/DHCP
[ Synacktiv @Synacktiv ]
One of our ninjas (@_ixty_) wrote a series of articles explaining how to write a win32 keylogger that supports all input languages (that don't use input method editors). Here is the first part which focuses on capturing keyboard events!
https://www.synacktiv.com/publications/writing-a-decent-win32-keylogger-13
[ rvrsh3ll @424f424f ]
@chvancooten is a certified #OST badass 🫡
https://github.com/cobbr/Covenant/issues/391#issuecomment-1859177527
[ V @vincenzosantuc1 ]
What's better for Christmas than a nice read about Reflective DLL Injection?
https://oldboy21.github.io/posts/2023/12/all-i-want-for-christmas-is-reflective-dll-injection/
#reflectivedll #oldbutgold #cplusplus #code #belloblog
[ Alex neff @al3x_n3ff ]
A small gift: NetExec now supports Tab-Completion
Made by @Adamkadaban
Merry Christmas!
[ Ido Veltzman @Idov31 ]
There was no update for a while, the reason being massive bug fixes, feature checking and a new feature (fun fact: it is the 23rd feature!).
Now, you can use Nidhogg to dump credentials from LSASS!
Go check it out:
https://github.com/Idov31/Nidhogg/tree/dev
#infosec #CyberSecurity
[ Josh @passthehashbrwn ]
THIS is an APT. No "cmd /c net user", just technical capability that's almost indistinguishable from magic
https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/
https://koeln.ftp.media.ccc.de/congress/2023/h264-hd/37c3-11859-eng-Operation_Triangulation_What_You_Get_When_Attack_iPhones_of_Researchers.mp4
TL;DR
https://xakep.ru/2023/12/27/operation-triangulation-hardware-mystery/
[ an0n @an0n_r0 ]
OST cannot be stopped. Here is a technique we tested internally 9 months ago: blocking EDR telemetry by leveraging the Windows Filtering Platform. Considered it so evil that we didn't publish it at that time. It was pointless, now here it is by @netero_1010:
https://github.com/netero1010/EDRSilencer
[ Diego Capriotti @naksyn ]
The shutter project has been hiding in plain sight for quite some time. I've been happily using this for nearly 2 years:
https://github.com/dsnezhkov/shutter
[ hackerfantastic.x @hackerfantastic ]
4 new releases from @myhackerhouse for your malware development and analysis purposes with 3 re-created from the CIA's Vault7 leak:
https://github.com/hackerhouse-opensource/marble
https://github.com/hackerhouse-opensource/WMIProcessWatcher
https://github.com/hackerhouse-opensource/Artillery
https://github.com/hackerhouse-opensource/SignToolEx
Happy New Year & Enjoy 2024!
Veuve Clicquot and I wish everyone a happy upcoming New Year! I don't have fancy stats from TGStat, but even so it's clear that the channel has grown productively (hugs to all). More to come, stay tuned
[ NULL @NUL0x4C ]
Publishing a PoC for an interesting code injection technique
https://github.com/Maldev-Academy/Christmas
[ modexp @modexpblog ]
Compression using undocumented RDP API. Code is a bit rough. Might interest you @0gtweet as there are potentially other ways to do it. e.g. COM
https://gist.github.com/odzhan/56eb105a611dcdebd1d3a084c7312190
[ Matt Hand @matterpreter ]
Windows is a meme. I've spent the better part of the afternoon wondering why my code isn't working. Turns out this has been known since at least 2021...
https://dennisbabkin.com/blog/?t=when-developers-give-up-deletesecuritypackage-function
[ p4p1 @p4p1_wt7 ]
Happy New Year all, New module on the #havocframework store to work with Bloodhound CE. Automatically call your SharpHound.exe and upload your .json files directly from the havoc interface!
https://github.com/p4p1/havoc-bloodhound
https://p4p1.github.io/havoc-store/
[ Cas van Cooten @chvancooten ]
GPT-4-Vision was trained not to solve Captcha prompts... But this is easy to circumvent with the ol' Grandma exploit