|
Anis_Boss
@AnisBoss_
IRC
|
|
Cyber Security Enthusiast |
CTF Player at Sudo_root | (1.01)^365== 37.8
|
|
|
47
Tweets
|
156
Following
|
69
Followers
|
| Tweets |
|
Anis_Boss
@AnisBoss_
|
Feb 4 |
|
Any POC released yet ?
|
||
|
|
||
| Anis_Boss Retweeted | ||
|
Pixis
@HackAndDo
|
Jan 16 |
|
#lsassy 1.1.6 is out
🔸New -m flag to choose dumping method
🔸Random dump names
🔸CME module supports comsvcs.dll method
🔸Better error handling
🔸Handles user interrupt
🔸Minor fixes and code cleaning
If you find corner cases, please share them ! 🙃
github.com/Hackndo/lsassy
|
||
|
|
||
| Anis_Boss Retweeted | ||
|
Swissky
@pentest_swissky
|
Jan 14 |
|
Mysql Client Arbitrary File Reading Attack Chain Extension
medium.com/@knownsec404te…
|
||
|
|
||
| Anis_Boss Retweeted | ||
|
Pixis
@HackAndDo
|
Jan 2 |
|
lsassy 1.0.0 is finally out !
🔸 Remotely dump #lsass **with built-in Windows tools only**, procdump is no longer necessary
🔸 Remotely parse lsass dumps to extract credentials
🔸 Link to #Bloodhound to detect compromised users with path to Domain Admin
github.com/Hackndo/lsassy pic.twitter.com/vljW7swZGr
|
||
|
|
||
| Anis_Boss Retweeted | ||
|
Pixis
@HackAndDo
|
Dec 3 |
|
I just released "lsassy" ! Tool to remotely parse lsass dumps using #impacket and #pypykatz
Automate the whole process using my CME module
🔹lsassy : github.com/Hackndo/lsassy
🔸CME Module : gist.github.com/Hackndo/4326c7…
French article about this technique : beta.hackndo.com/remote-lsass-d…
🙃
|
||
|
|
||
| Anis_Boss Retweeted | ||
|
Pixis
@HackAndDo
|
Nov 29 |
|
For the weekend, here is a new article presenting a technique for reading the contents of an lsass dump **remotely**, thereby avoiding AV detection (#mimikatz) and the download of large dumps (80-150 MB).
Have a good weekend! 🙃
beta.hackndo.com/remote-lass-du…
|
||
|
|
||
|
Anis_Boss
@AnisBoss_
|
Nov 18 |
|
Because _ always points to last argument of last command.
|
||
|
|
||
|
Anis_Boss
@AnisBoss_
|
Nov 10 |
|
Gg the team well played <3
|
||
|
|
||
| Anis_Boss Retweeted | ||
|
MalwareTech
@MalwareTechBlog
|
Oct 15 |
|
If you can't afford hundreds of dollars for certs, don't let people convince you it's the only way. Certs are a way to prove you know at least something, but there are many ways to do that.
|
||
|
|
||
| Anis_Boss Retweeted | ||
|
m0chan
@m0chan98
|
Oct 2 |
|
Just put a whole bunch of new cool stuff on my Windows Cheatsheet :)
m0chan.github.io/2019/07/30/Win…
#OSCP #Windows #HackTheBox
|
||
|
|
||
|
Anis_Boss
@AnisBoss_
|
Sep 26 |
|
rlwrap nc -lvp PORT is also useful
|
||
|
|
||
| Anis_Boss Retweeted | ||
|
Pixis
@HackAndDo
|
Jul 31 |
|
If you don't know the #BloodHound tool, feel free to read my new article beta.hackndo.com/bloodhound/
In short, BloodHound models an #ActiveDirectory environment as a graph in order to detect attack paths. Happy reading! 🙃
|
||
|
|
||
| Anis_Boss Retweeted | ||
|
Segf0lt
@ih3bski
|
Jul 19 |
|
|
||
| Anis_Boss Retweeted | ||
|
kmkz
@kmkz_security
|
Jul 17 |
|
Shellcoding for Linux and Windows Tutorial vividmachines.com/shellcode/shel…
|
||
|
|
||
|
Anis_Boss
@AnisBoss_
|
Jul 17 |
|
includes all ways to privilege escalation using linux commands : gtfobins.github.io
windows version : lolbas-project.github.io
|
||
|
|
||
| Anis_Boss Retweeted | ||
|
Sudo_root
@Sudo_root_team
|
Jul 9 |
|
We made it, "Sudo_root" wins Algeria 🇩🇿 National Cyber Security CTF Competition 2019, and qualified to Arab Regional CTF 2019 that will be held in Egypt on 7th September 2019. twitter.com/Cyber_Talents/…
|
||
|
|
||
| Anis_Boss Retweeted | ||
|
DirectoryRanger
@DirectoryRanger
|
Jul 7 |
|
Some ways to dump LSASS.exe, by @_markmo_
medium.com/@markmotig/som…
|
||
|
|
||
|
Anis_Boss
@AnisBoss_
|
Jun 2 |
|
similar in some cases to $_
$_ points to the last argument of last command
!$ points to the last word of the last command
different case example : command with redirection
|
||
|
|
||
|
Anis_Boss
@AnisBoss_
|
May 31 |
|
check with @MAHDI_MMB
|
||
|
|
||
| Anis_Boss Retweeted | ||
|
Benoît Sevens
@benoitsevens
|
May 30 |
|
Playing with the awesome CTF challenge "antipasto" made by @j00ru raised some questions on Linux kernel internals. An interesting problem which taught me stuff on Linux system calls, files, pipes and sockets.
medium.com/@benoit.sevens…
|
||
|
|
||