π [ VβοΈ @vincenzosantuc1 ]
What's better for Christmas than a nice read about Reflective DLL Injection? π
π https://oldboy21.github.io/posts/2023/12/all-i-want-for-christmas-is-reflective-dll-injection/
#reflectivedll #oldbutgold #cplusplus #code #belloblog
π₯ [ tweet ]
What's better for Christmas than a nice read about Reflective DLL Injection? π
π https://oldboy21.github.io/posts/2023/12/all-i-want-for-christmas-is-reflective-dll-injection/
#reflectivedll #oldbutgold #cplusplus #code #belloblog
π₯ [ tweet ]
π5π2
This media is not supported in your browser
VIEW IN TELEGRAM
π [ Alex neff @al3x_n3ff ]
A small gift: NetExec now supports Tab-Completion π
Made by @Adamkadaban
Merry Christmas!π
π₯ [ tweet ]
A small gift: NetExec now supports Tab-Completion π
Made by @Adamkadaban
Merry Christmas!π
π₯ [ tweet ]
π₯10π₯±1
π [ Ido Veltzman @Idov31 ]
There was no update for a while and the reason being a massive bug fixes, feature checking and a new feature (fun fact: it is the 23th feature!).
Now, you can use Nidhogg to dump credentials from LSASS!
Go check it out:
π https://github.com/Idov31/Nidhogg/tree/dev
#infosec #CyberSecurity
π₯ [ tweet ]
There was no update for a while and the reason being a massive bug fixes, feature checking and a new feature (fun fact: it is the 23th feature!).
Now, you can use Nidhogg to dump credentials from LSASS!
Go check it out:
π https://github.com/Idov31/Nidhogg/tree/dev
#infosec #CyberSecurity
π₯ [ tweet ]
π3π3
π [ Josh @passthehashbrwn ]
THIS is an APT. No "cmd /c net user", just technical capability that's almost indistinguishable from magic
π https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/
π https://koeln.ftp.media.ccc.de/congress/2023/h264-hd/37c3-11859-eng-Operation_Triangulation_What_You_Get_When_Attack_iPhones_of_Researchers.mp4
TL;DR
π https://xakep.ru/2023/12/27/operation-triangulation-hardware-mystery/
π₯ [ tweet ]
THIS is an APT. No "cmd /c net user", just technical capability that's almost indistinguishable from magic
π https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/
π https://koeln.ftp.media.ccc.de/congress/2023/h264-hd/37c3-11859-eng-Operation_Triangulation_What_You_Get_When_Attack_iPhones_of_Researchers.mp4
TL;DR
π https://xakep.ru/2023/12/27/operation-triangulation-hardware-mystery/
π₯ [ tweet ]
π€―14π₯1
π [ an0n @an0n_r0 ]
OST cannot be stopped. Here is a technique we tested internally 9 months ago: blocking EDR telemetry by leveraging the Windows Filtering Platform. Considered it so evil that we didn't publish it that time. It was pointless, now here it is by @netero_1010:
π https://github.com/netero1010/EDRSilencer
π₯ [ tweet ]
OST cannot be stopped. Here is a technique we tested internally 9 months ago: blocking EDR telemetry by leveraging the Windows Filtering Platform. Considered it so evil that we didn't publish it that time. It was pointless, now here it is by @netero_1010:
π https://github.com/netero1010/EDRSilencer
π₯ [ tweet ]
π₯2
Offensive Xwitter
π [ an0n @an0n_r0 ] OST cannot be stopped. Here is a technique we tested internally 9 months ago: blocking EDR telemetry by leveraging the Windows Filtering Platform. Considered it so evil that we didn't publish it that time. It was pointless, now here itβ¦
π [ Diego Capriotti @naksyn ]
The shutter project has been hiding in plain sight for quite some time. I've been happily using this for nearly 2 years:
π https://github.com/dsnezhkov/shutter
π₯ [ tweet ]
The shutter project has been hiding in plain sight for quite some time. I've been happily using this for nearly 2 years:
π https://github.com/dsnezhkov/shutter
π₯ [ tweet ]
π3
π [ hackerfantastic.x @hackerfantastic ]
4 new releases from @myhackerhouse for your malware development and analysis purposes with 3 re-created from the CIA's Vault7 leak:
π https://github.com/hackerhouse-opensource/marble
π https://github.com/hackerhouse-opensource/WMIProcessWatcher
π https://github.com/hackerhouse-opensource/Artillery
π https://github.com/hackerhouse-opensource/SignToolEx
Happy New Year & Enjoy 2024!π
π₯ [ tweet ]
4 new releases from @myhackerhouse for your malware development and analysis purposes with 3 re-created from the CIA's Vault7 leak:
π https://github.com/hackerhouse-opensource/marble
π https://github.com/hackerhouse-opensource/WMIProcessWatcher
π https://github.com/hackerhouse-opensource/Artillery
π https://github.com/hackerhouse-opensource/SignToolEx
Happy New Year & Enjoy 2024!π
π₯ [ tweet ]
π4
ΠΡ Ρ Π²Π΄ΠΎΠ²ΠΎΠΉ ΠΠ»ΠΈΠΊΠΎ ΠΏΠΎΠ·Π΄ΡΠ°Π²Π»ΡΠ΅ΠΌ Π²ΡΠ΅Ρ
Ρ ΠΠ°ΡΡΡΠΏΠ°ΡΡΠΈΠΌ! Π£ ΠΌΠ΅Π½Ρ Π½Π΅Ρ ΠΌΠΎΠ΄Π½ΠΎΠΉ ΡΡΠ°ΡΡ Ρ TGStat, Π½ΠΎ ΠΈ ΡΠ°ΠΊ Π²ΠΈΠ΄Π½ΠΎ, ΡΡΠΎ ΠΊΠ°Π½Π°Π» ΡΠ°Π·Π²ΠΈΠ²Π°Π»ΡΡ ΠΏΡΠΎΠ΄ΡΠΊΡΠΈΠ²Π½ΠΎ (Π²ΡΠ΅Ρ
ΠΎΠ±Π½ΡΠ»). ΠΠ°Π»ΡΡΠ΅ β Π±ΠΎΠ»ΡΡΠ΅, stay tuned π πΎ
Please open Telegram to view this post
VIEW IN TELEGRAM
π₯33π5π2π€1
π [ NULL @NUL0x4C ]
Publishing a PoC for an interesting code injection technique
π https://github.com/Maldev-Academy/Christmas
π₯ [ tweet ]
Publishing a PoC for an interesting code injection technique
π https://github.com/Maldev-Academy/Christmas
π₯ [ tweet ]
π5
π [ modexp @modexpblog ]
Compression using undocumented RDP API. Code is a bit rough. Might interest you @0gtweet as there are potentially other ways to do it. e.g. COM
π https://gist.github.com/odzhan/56eb105a611dcdebd1d3a084c7312190
π₯ [ tweet ]
Compression using undocumented RDP API. Code is a bit rough. Might interest you @0gtweet as there are potentially other ways to do it. e.g. COM
π https://gist.github.com/odzhan/56eb105a611dcdebd1d3a084c7312190
π₯ [ tweet ]
π₯4π₯±1
π [ Matt Hand @matterpreter ]
Windows is a meme. I've spent the better part of the afternoon wondering why my code isn't working. Turns out this has been known since at least 2021...
π https://dennisbabkin.com/blog/?t=when-developers-give-up-deletesecuritypackage-function
π₯ [ tweet ]
Windows is a meme. I've spent the better part of the afternoon wondering why my code isn't working. Turns out this has been known since at least 2021...
π https://dennisbabkin.com/blog/?t=when-developers-give-up-deletesecuritypackage-function
π₯ [ tweet ]
Directed by Robert B. Weideπ14π₯±1
π [ p4p1 @p4p1_wt7 ]
Happy New Year all, New module on the #havocframework store to work with Bloodhound CE. Automatically call your SharpHound.exe and upload your .json files directly from the havoc interface!
π https://github.com/p4p1/havoc-bloodhound
π https://p4p1.github.io/havoc-store/
π₯ [ tweet ]
Happy New Year all, New module on the #havocframework store to work with Bloodhound CE. Automatically call your SharpHound.exe and upload your .json files directly from the havoc interface!
π https://github.com/p4p1/havoc-bloodhound
π https://p4p1.github.io/havoc-store/
π₯ [ tweet ]
π5
π [ Cas van Cooten @chvancooten ]
GPT-4-Vision was trained not to solve Captcha prompts... But this is easy to circumvent with the ol' Grandma exploit π
π₯ [ tweet ]
GPT-4-Vision was trained not to solve Captcha prompts... But this is easy to circumvent with the ol' Grandma exploit π
π₯ [ tweet ]
π14π1π€1
π [ SchrodingersAV @SchrodingersAV ]
Read about a technique involving tampering with scheduled tasks, and was inspired to build a powershell script to edit scheduled tasks via the registry keys.
Can be used in memory with powershell!
#redteam #cybersecurity #hacking
π https://gist.github.com/Workingdaturah/991de2d176b4b8c8bafd29cc957e20c2
π₯ [ tweet ]
Read about a technique involving tampering with scheduled tasks, and was inspired to build a powershell script to edit scheduled tasks via the registry keys.
Can be used in memory with powershell!
#redteam #cybersecurity #hacking
π https://gist.github.com/Workingdaturah/991de2d176b4b8c8bafd29cc957e20c2
π₯ [ tweet ]
π₯3π1
Offensive Xwitter
π [ SchrodingersAV @SchrodingersAV ] Read about a technique involving tampering with scheduled tasks, and was inspired to build a powershell script to edit scheduled tasks via the registry keys. Can be used in memory with powershell! #redteam #cybersecurityβ¦
π [ David @dmcxblue ]
Managed to port to C# the Invoke-GhostTask from @SchrodingersAV, added a little bit more details on what is going on.
#redteam
π https://github.com/dmcxblue/SharpGhostTask
π₯ [ tweet ]
Managed to port to C# the Invoke-GhostTask from @SchrodingersAV, added a little bit more details on what is going on.
#redteam
π https://github.com/dmcxblue/SharpGhostTask
π₯ [ tweet ]
π₯4π2
π [ Joshua Rogers @MegaManSec ]
Today I am proud to be officially releasing a tool I've been working on recently: SSH-Snake.
A self-replicating and self-propagating -- completely fileless -- ssh-based worm that discovers ssh private keys and destinations. Make cool graphs, too!
π https://github.com/MegaManSec/SSH-Snake
π₯ [ tweet ]
Today I am proud to be officially releasing a tool I've been working on recently: SSH-Snake.
A self-replicating and self-propagating -- completely fileless -- ssh-based worm that discovers ssh private keys and destinations. Make cool graphs, too!
π https://github.com/MegaManSec/SSH-Snake
π₯ [ tweet ]
π13