[ NandanLohitaksh, Lohitaksh Nandan ]
Best ever Tools for Bug Bounty Hunters...
Amass
Sublister
Gauplus
HTTPX
Gf tool
Kxss
Sqlmap
Commix
Tplmap
HYDRA
John the ripper
Burpsuite
Arjun
Paramspider
NoSQLmap
NMAP
Nikto
FFUF
403-Bypass
Gobuster
#bugbounty #cybersecurity
[ bmcder02, Blake ]
Recently I got asked to do an overview on ETW. I tried to cover everything useful for #DFIR, including multiple ways to capture ETW, useful providers and finding existing trace sessions.
#cybersecurity
https://t.co/3IWn9w6JuQ
https://bmcder.com/blog/a-begginers-all-inclusive-guide-to-etw
[ Tarlogic, Tarlogic ]
#ZeroTrust is one of the trending concepts in the #cybersecurity world. But the hype around it is perhaps a bit excessive. In this article, we explain why...
https://t.co/hUiMeq6bnR
https://www.tarlogic.com/blog/demystifying-zero-trust/
[ ReconOne_, ReconOne ]
Shodan Dork in Manual mode - Part 1
Now that you all have Shodan membership it's time to try Shodan Dorks
Credits: @securitytrails
#recon #Shodan #attacksurface #bugbountytips #BugBounty #cybersecurity
[ NationalCyberS1, National Cyber Security Services ]
LinWinPwn: A bash script that automates a number of Active Directory Enumeration and Vulnerability checks.
Link: https://t.co/pR8suEn8PZ
#hacking #bugbountytips #informationsecurity #cybersecurity #infosec #cybersecuritytips #Ethicalhacking #Pentesting
https://t.co/uJj502OabP
https://github.com/lefayjey/linWinPwn
https://ncybersecurity.com
[ pdiscoveryio, ProjectDiscovery.io ]
The Ultimate Guide to Finding Bugs With Nuclei by @v3natoris
https://t.co/2GY3QZlTft
#hackwithautomation #cybersecurity #infosec #bugbounty
https://blog.projectdiscovery.io/ultimate-nuclei-guide/
[ Idov31, Ido Veltzman ]
I'm happy to release Venom - A C++ single header file for evasive network communication which uses a stolen browser's socket to perform all of its network activities and by that can make it hard to trace it back to the process.
https://t.co/AVxQbNru3Z
#infosec #CyberSecurity
https://github.com/Idov31/Venom
[ Octoberfest73, Octoberfest7 ]
I'm pleased to release Inline-Execute-PE, a CobaltStrike toolkit enabling users to load and repeatedly run unmanaged Windows exe's in Beacon memory without dropping to disk or creating a new process each time. https://t.co/1byTo7uCV1
#redteam #cybersecurity #malware
https://github.com/Octoberfest7/Inline-Execute-PE
[ ZeroMemoryEx, V2 ]
New AMSI lifetime bypass, it works by searching for the first byte of each instruction to prevent updates from affecting it, Check it out.
#amsi #redteam #cybersecurity
https://t.co/J6lBOXWFyx
https://github.com/ZeroMemoryEx/Amsi-Killer
[ kleiton0x7e, Kleiton Kurti ]
Created a blogpost & a PoC for a custom Sleep Mask Kit that obfuscates data within a beacon's stack, prior to custom sleeping, by leveraging CPU cycles.
A great approach against memory investigation.
Blog: https://t.co/sop7XnF5tc
#cybersecurity #redteam #infosec
https://whiteknightlabs.com/2023/05/02/masking-the-implant-with-stack-encryption/
[ kleiton0x7e, Kleiton Kurti ]
We took a Cobalt Strike profile, modified it, and bypassed Crowdstrike & Sophos without encrypting the shellcode. Also bypassed all published YARA rules, sleep detections, and string detections around a CS beacon.
Blog: https://t.co/m7FNOwV6Nx
#CyberSecurity #redteam #infosec
https://whiteknightlabs.com/2023/05/23/unleashing-the-unseen-harnessing-the-power-of-cobalt-strike-profiles-for-edr-evasion/
[ kleiton0x7e, Kleiton Kurti ]
Came up with an improved version of WMIExec. By leveraging the Win32_ScheduledJob class, we can remotely create scheduled jobs. This way it's not required anymore to rely on port 139 and 445.
Github:
#CyberSecurity #redteam #infosec #infosecurity
https://github.com/WKL-Sec/wmiexec/
[ r1cksec, r1cksec ]
New cheatsheets pushed
https://github.com/r1cksec/cheatsheets
Including:
A well written blog post on how to read and parse LSASS memory dumps with PowerShell
#infosec #cybersecurity #pentesting #redteam #lsass #windows
https://powerseb.github.io/posts/LSASS-parsing-without-a-cat
[ Idov31, Ido Veltzman ]
Part 5 of Lord Of The Ring0 is out!
In this part, I explained how APC and thread injection are made from the kernel to a user mode process, IRP & SSDT hook, why they don't work anymore (and their alternatives)
#infosec #CyberSecurity
https://idov31.github.io/2023/07/19/lord-of-the-ring0-p5.html
[ Kleiton Kurti @kleiton0x7e ]
Spent some time reversing undocumented Syscalls residing in Kernel32/Ntdll and created a PoC for proxying DLL loads. This leads to a clean call stack as the return address pointing to shellcode won't be pushed to stack.
#CyberSecurity #redteam #infosec
https://github.com/kleiton0x00/Proxy-DLL-Loads
[ Ido Veltzman @Idov31 ]
Weekly Nidhogg update
Driver hiding feature is also finished and live in the dev branch: :)
On the photos you can see the before and after in DriverView (From Nirsoft's tools)
https://github.com/Idov31/Nidhogg/tree/dev
#infosec #CyberSecurity
[ WHOAMI @wh0amitz ]
To audit the security of read-only domain controllers, I created the SharpRODC project, a simple .NET tool for RODC-related misconfigurations.
https://github.com/wh0amitz/SharpRODC
#infosec #redteam #cybersecurity #pentesting
Offensive Twitter
[ SafeBreach @safebreach ] This is huge. As presented at #BlackHatEurope today, see how SafeBreach Labs researcher Alon Leviev developed a brand new set of highly flexible process injection techniques that are able to completely bypass leading EDR solutions.…
[ Shashwat Shah @0xEr3bus ]
Just crafted a beacon object file for the 8th variant of the powerful process injection technique by @_0xDeku. An exciting journey into the Windows Thread Pool!
#cybersecurity #redteam #infosec #cobaltstrike
https://github.com/0xEr3bus/PoolPartyBof
[ Ido Veltzman @Idov31 ]
There was no update for a while, the reason being massive bug fixes, feature checking and a new feature (fun fact: it is the 23rd feature!).
Now, you can use Nidhogg to dump credentials from LSASS!
Go check it out:
https://github.com/Idov31/Nidhogg/tree/dev
#infosec #CyberSecurity
[ SchrodingersAV @SchrodingersAV ]
Read about a technique involving tampering with scheduled tasks, and was inspired to build a powershell script to edit scheduled tasks via the registry keys.
Can be used in memory with powershell!
#redteam #cybersecurity #hacking
https://gist.github.com/Workingdaturah/991de2d176b4b8c8bafd29cc957e20c2