A#root
@rootfudimo
Australia
Global Security Team
3,587 Tweets
705 Following
198 Followers

Tweets
A#root retweeted
Askar
@mohammadaskar2
Feb 3

Just discovered a new 0-day RCE in a well known network monitoring software, the code is well written which took me some time to find the vulnerability.
you can exploit it without authentication under some conditions.
stay tuned for the full exploit code and a detailed article! pic.twitter.com/q7gQW1HUIr

A#root retweeted
Marcello
@byt3bl33d3r
Feb 3

Really glad to finally get a blogpost out about this. Hopefully this is useful and gives Red Teamers ideas on how to use the BYOI concept in their own payloads. If anyone is interested in a few more follow up posts about this will gladly oblige :)
blackhillsinfosec.com/red-teamers-co…

A#root retweeted
Henry Chen
@chybeta
Feb 3

CVE-2020-7471: SQLI in Django:
django.contrib.postgres.aggregates.StringAgg aggregation function was subject to SQL injection, using a suitably crafted delimiter.
djangoproject.com/weblog/2020/fe…
FIX: github.com/django/django/… pic.twitter.com/NljqLmin93

A#root retweeted
netbiosX
@netbiosX
Feb 3

FakeLogonScreen - A utility to fake the Windows logon screen in order to obtain the user's password. The password entered is validated against the Active Directory or local machine to make sure it is correct and is then saved to disk. github.com/bitsadmin/fake…

A#root retweeted
netbiosX
@netbiosX
Jan 31

MoveKit - Cobalt Strike lateral movement kit github.com/0xthirteen/Mov…

A#root retweeted
Adam
@Hexacorn
Feb 2

SettingSyncHost.exe as a LolBin
hexacorn.com/blog/2020/02/0…
#LOLBIN
cd %TEMP% & c:\windows\system32\SettingSyncHost.exe -LoadAndRunDiagScript foo pic.twitter.com/dOM4EHq4Zu

A#root
@rootfudimo
Jan 29

Yes, implanting a malicious payload into a large file can bypass most AVs.

A#root retweeted
mpgn
@mpgn_x64
Jan 24

Quickly identify users / groups / password policy of the domain with prettyloot after dumping domain info using ntlmrelayx !
github.com/mpgn/prettyloot
The script reads all files from the loot directory and prints information like a classic enum4linux output 😊 twitter.com/ditrizna/statu… pic.twitter.com/H52izvze1Z

A#root retweeted
Vincent Yiu 🃏
@vysecurity
Jan 23

There was once upon a time when I understood that not every Infosec professional had the opportunity to pop companies full end to end. I started to write vincentyiu.com/red-team-tips to share out some ideas, themes, and messages to help others to think about more areas. 🤷♂️🧧

A#root retweeted
Adam
@Hexacorn
Jan 24

modexp is one of my fav. researchers; while I often skim on details he is killing it with posts that combine an extensive and comprehensive research on interesting and often nuanced topics and a very well written narrative
top quality right there
modexp.wordpress.com/2019/12/08/she…

A#root retweeted
ollypwn
@ollypwn
Jan 23

PoC (Denial-of-Service) for CVE-2020-0609 & CVE-2020-0610
Please use for research and educational purpose only.
github.com/ollypwn/BlueGa… pic.twitter.com/R43AHUwGV0

A#root retweeted
Dirk-jan
@_dirkjan
Jan 22

If you're playing with Kerberos and want to view the encrypted parts in Wireshark you can do so with a keytab file. Since impacket was missing structures for this I added a script to my forest trust tools repo which easily allows adding multiple keys: github.com/dirkjanm/fores…

A#root retweeted
Matt Hand
@matterpreter
Jan 21

Hey Defender friends. Turns out that removing those services with Unicode/non-printable characters is pretty hard, so I wrote you a tool to help with that. I'll be releasing the offensive PoC later this week or early next week. github.com/matterpreter/O… pic.twitter.com/SCEV9WtpnF

A#root retweeted
Marcello
@byt3bl33d3r
Jan 21

Added 2 more PoC scripts to the OffensiveDLR repo. One of which embeds the SSharp Compiler within a Posh script (Can be easily embedded from within any .NET language.)
SSharp code compilation does not call csc.exe :)
github.com/byt3bl33d3r/Of…

A#root retweeted
🥝 Benjamin Delpy
@gentilkiwi
Jan 20

Because I prefer C, #curveball #cve20200601 little POC to create your own EC alternative keys
> github.com/gentilkiwi/cur…
With lots of keys included in the release. pic.twitter.com/kkboaxUARk

A#root
@rootfudimo
Jan 20

Switching to an m2 SSD may be more beautiful.

A#root retweeted
rvrsh3ll
@424f424f
Jan 19

#BlueTeam command-line MSBuild.exe detection's got your #RedTeam down? How about MSBuild without MSBuild.exe?
s5.gifyu.com/images/msbuild…
github.com/rvrsh3ll/MSBui…

A#root retweeted
Cn33liz
@Cneelis
Jan 18

Okay here it is, Zipper a new @OutflankNL file and folder compression utility for CobaltStrike.
Blue Teams/Hunters/Defenders: Lookout for non file-compression related processes creating (random named) zipfiles within temp folders.
github.com/outflanknl/Zip…

A#root retweeted
Florian Roth
@cyb3rops
Jan 18

If you are unable to install the patch for RDP vulns CVE-2020-0609 and CVE-2020-0610, @MalwareTechBlog points out a workaround
kryptoslogic.com/blog/2020/01/r… pic.twitter.com/4ythzF9AiN

A#root retweeted
🥝 Benjamin Delpy
@gentilkiwi
Jan 18

Because VBA is not all, #curveball #cve20200601 with Microsoft PowerShell signed script.
Very useful with AllSigned or RemoteSigned execution policy🤪 pic.twitter.com/tUS9vnyx97