👹 [ snovvcrash, sn🥶vvcr💥sh ]

To summarize @NotMedic’s idea of an alternative approach for running NanoDump from memory (as a BOF) I’ve added a note on using RunOF (by @Nettitude_Labs) filelessly 👉🏻 https://t.co/SpuXr1PXQQ

#bof #nanodump #lsass

🔗 https://ppn.snovvcrash.rocks/red-team/maldev/bof-coff#runof

🐥 [ tweet ]

😈 [ HackerRalf @hacker_ralf ]

Everyone takes a lot from the community... it's time to give something back yourself.

Kerbeus - BOF implementation of Rubeus (not all).

🔗 https://github.com/RalfHacker/Kerbeus-BOF

P. S. PM me about all bugs

#redteam #kerberos #havoc #cobaltstrike #bof

🐥 [ tweet ]

🔍 Exploring WinRM plugins for lateral movement

In this blog, the process of leveraging WinRM plugins to perform lateral movement to other systems is explored. Additionally, the use of the CIM_LogicFile WMI class to bypass certain tricky detections by Microsoft Defender is examined. Finally, all the logic is incorporated into a Cobalt Strike BOF.

🔗 Research:
https://falconforce.nl/exploring-winrm-plugins-for-lateral-movement/

🔗 Source:
https://github.com/FalconForceTeam/bof-winrm-plugin-jump

#ad #winrm #cobaltstrike #bof #redteam