A#root
Global Security Team
3,587 Tweets
705 Following
198 Followers
Tweets
A#root retweeted
Askar Feb 3
Just discovered a new 0-day RCE in a well known network monitoring software, the code is well written which took me some time to find the vulnerability. You can exploit it without authentication under some conditions. Stay tuned for the full exploit code and a detailed article!
A#root retweeted
Marcello Feb 3
Really glad to finally get a blogpost out about this. Hopefully this is useful and gives Red Teamers ideas on how to use the BYOI concept in their own payloads. If anyone is interested in a few more follow-up posts about this will gladly oblige :)
A#root retweeted
Henry Chen Feb 3
CVE-2020-7471: SQLI in Django: django.contrib.postgres.aggregates.StringAgg aggregation function was subject to SQL injection, using a suitably crafted delimiter. FIX:
A#root retweeted
netbiosX Feb 3
FakeLogonScreen - A utility to fake the Windows logon screen in order to obtain the user's password. The password entered is validated against the Active Directory or local machine to make sure it is correct and is then saved to disk.
A#root retweeted
netbiosX Jan 31
MoveKit - Cobalt Strike lateral movement kit
A#root retweeted
Adam Feb 2
SettingSyncHost.exe as a LolBin
cd %TEMP% & c:\windows\system32\SettingSyncHost.exe -LoadAndRunDiagScript foo
A#root Jan 29
Replying to @SBousseaden
Yes, implanting a malicious payload into a large file can bypass most AVs.
A#root retweeted
mpgn Jan 24
Quickly identify users / groups / password policy of the domain with prettyloot after dumping domain info using ntlmrelayx! The script reads all files from the loot directory and prints information like a classic enum4linux output 😊
A#root retweeted
Vincent Yiu 🃏 Jan 23
There was once upon a time when I understood that not every Infosec professional had the opportunity to pop companies full end to end. I started to write to share out some ideas, themes, and messages to help others to think about more areas. 🤷‍♂️🧧
A#root retweeted
Adam Jan 24
modexp is one of my fav. researchers; while I often skim on details he is killing it with posts that combine an extensive and comprehensive research on interesting and often nuanced topics and a very well written narrative top quality right there
A#root retweeted
ollypwn Jan 23
PoC (Denial-of-Service) for CVE-2020-0609 & CVE-2020-0610 Please use for research and educational purpose only.
A#root retweeted
Dirk-jan Jan 22
If you're playing with Kerberos and want to view the encrypted parts in Wireshark you can do so with a keytab file. Since impacket was missing structures for this I added a script to my forest trust tools repo which easily allows adding multiple keys:
A#root retweeted
Matt Hand Jan 21
Hey Defender friends. Turns out that removing those services with Unicode/non-printable characters is pretty hard, so I wrote you a tool to help with that. I'll be releasing the offensive PoC later this week or early next week.
A#root retweeted
Marcello Jan 21
Added 2 more PoC scripts to the OffensiveDLR repo. One of which embeds the SSharp Compiler within a Posh script (Can be easily embedded from within any .NET language.) SSharp code compilation does not call csc.exe :)
A#root retweeted
🥝 Benjamin Delpy Jan 20
Because I prefer C, little POC to create your own EC alternative keys > With lots of keys included in the release.
A#root Jan 20
Replying to @hackerfantastic
Switching to an m2 SSD may be more beautiful.
A#root retweeted
rvrsh3ll Jan 19
command-line MSBuild.exe detection's got you down? How about MSBuild without MSBuild.exe?
A#root retweeted
Cn33liz Jan 18
Okay here it is, Zipper a new file and folder compression utility for CobaltStrike. Blue Teams/Hunters/Defenders: Look out for non file-compression related processes creating (random named) zipfiles within temp folders.
A#root retweeted
Florian Roth Jan 18
If you are unable to install the patch for RDP vulns CVE-2020-0609 and CVE-2020-0610, points out a workaround
A#root retweeted
🥝 Benjamin Delpy Jan 18
Because VBA is not all, with Microsoft PowerShell signed script. Very useful with AllSigned or RemoteSigned execution policy🤪