Pinned Tweet
New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZure https://posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a …
I made a PowerShell script when researching COM objects that has like 30 foreach and if loops and will search every COM object method for a keyword, e.g. finding COM objects with a method containing 'ExecuteShell'. Maybe someone else will find it useful. https://github.com/hausec/COMMethodSearcher …
Ryan Hausknecht retweeted
Join me and @CptJesus on Tuesday, February 11th as we unveil #BloodHound 3.0! We will demo new attack primitives, performance improvements, and changes in the GUI. Register for the webinar here (recording available afterwards): https://specterops.zoom.us/webinar/register/WN_Ak7pi_zxSM28HBIl5RIVWw … pic.twitter.com/pP4BxRE0tN
Ryan Hausknecht retweeted
For the past few months, I've been diving into Apple's Endpoint Security Framework. This post shares how I use the framework for detection engineering purposes. https://posts.specterops.io/detection-engineering-using-apples-endpoint-security-framework-affdbcb18b02 … pic.twitter.com/PEpNy4v7jV
Finally, I know this lacks the defensive recommendations. There's a lot, so it has its own article. It is written and being peer-reviewed. It'll be out early next week.
There's no reason to ever run this on a compromised system. This would just be run from an assessment VM, hence why it's installing packages.
https://github.com/hausec/PowerZure … I initially wanted to write this in C# and had it about half way done then realized KeyVaults use a different API and the documentation for Graph was so poor, I didn't want to jump into another poorly documented API when C# has no real advantage for it. 2/3
Ryan Hausknecht retweeted
Move Faster, Stay Longer https://posts.specterops.io/move-faster-stay-longer-6b4efab9c644 … blog about extending CS and tools to go with it.
Ryan Hausknecht retweeted
Revisiting RDP lateral movement https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3 … and releasing a project that will be part of a bigger tool coming next week
Ryan Hausknecht retweeted
Just released Satellite, a payload hosting and proxy software for red team operations. In the blog post, I discuss the feature set of Satellite as well as why an operator would choose it over Apache or Nginx. https://posts.specterops.io/satellite-a-payload-and-proxy-service-for-red-team-operations-aa4500d3d970 …
Ryan Hausknecht retweeted
I've been poking around the Windows kernel a lot lately and one of my favorite samples I've referenced is Mimikatz's driver, Mimidrv. I took some time and documented all of its functions and included some write-ups on important kernel structures. Post: https://posts.specterops.io/mimidrv-in-depth-4d273d19e148 … 1/3
Ryan Hausknecht retweeted
(12/?) Some of the great content creators for AD pentesting include:
@PyroTek3 - https://adsecurity.org/
@harmj0y - https://blog.harmj0y.net/
@_dirkjan - https://dirkjanm.io/
@Haus3c - https://hausec.com/
Do your research and you'll find plenty more.
Today's win: Found Citrix webapp>One of the Apps was Notepad>Open notepad, click "save as" to browse filesystem>browse to cmd.exe and opened it up>execute an msbuild payload.
Love this query, it just saved our butts in a recent engagement. It can also be modified slightly for specific domains, in case of results overload or specific hunting https://twitter.com/_wald0/status/1205953728173338624 … pic.twitter.com/O2LkelnDW4
I've taken most queries from my #Bloodhound cheatsheet and put them into the customqueries.json, so instead of copy+paste you can just click and shoot. Just replace your .json with this one (or the contents) https://github.com/hausec/Bloodhound-Custom-Queries …
Ryan Hausknecht retweeted
Today I was able to release the first post of a series of blog posts about attacking FreeIPA, an open source alternative to Windows Active Directory inside of unix environments. This post covers authentication, and situational awareness. https://posts.specterops.io/attacking-freeipa-part-i-authentication-77e73d837d6a …
Thank you to those who came out to my talk at Triangle InfoSec Con in Raleigh yesterday. Here are the slides in case you missed it or couldn't get in! Video is coming soon. https://bit.ly/2WfUWKF #RaleighISSA
Ryan Hausknecht retweeted
I'm happy to announce the official #BloodHound swag store is now open for business! Red and blue shirts will ALWAYS be available at the following URL: https://www.customink.com/fundraising/bloodhound-swag … pic.twitter.com/eQ1Clknv8A
Such a great article by my teammate @slyd0g. Great job breaking down how access token manipulation is done, the rights needed, and detections around it. https://twitter.com/slyd0g/status/1179068134268866560 …