Andre Marques

@_zc00l

Developer of Insecurity. Former Law student went to hacking. Working in Red Team for Morphus.

Sao Paulo, Brazil
github.com/0x00-0x00
Vrijeme pridruživanja: travanj 2018.
4 fotografije ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @_zc00l

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @_zc00l

  1. 13. ruj 2019.

    New post. Coding a powershell bind shell that bypass that troublesome Windows Firewall pop-up when binding tcp sockets! No need for Local admin either.

    78 proslijeđenih tweetova 153 korisnika označavaju da im se sviđa
    Poništi
  2. proslijedio/la je Tweet
    5. ruj 2019.

    You can now find in the repository: - JSParser by - Shellpop by - arsenic by Thanks those devs for their amazing tools! Happy hacking!

    10 proslijeđenih tweetova 28 korisnika označava da im se sviđa
    Poništi
  3. 11. lip 2019.

    Now that it's no longer a 0day, check my post about "Coding a reliable CVE-2019-0841 bypass" to craft a LPE exploit that works for all versions of Microsoft Edge in Windows 10.

    106 proslijeđenih tweetova 207 korisnika označava da im se sviđa
    Poništi
  4. proslijedio/la je Tweet
    13. svi 2019.

    AD Security Event IDs: Lockouts: 4740 User Logon: 4624 Group Changes: 4728, 4729, 4732, 4733, 4756, 4757, 4761, 4762 Group Creation/Del: 4727, 4730, 4731, 4734, 4759, 4760, 4754, 4758 GP Change: 5136, 5137, 5141 Log Clear: 1102, 104

    8 replies 235 proslijeđenih tweetova 702 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  5. 8. velj 2019.

    Amazing talk. Must watch!

    Shout out to for consistently dropping the highest quality research year after year. Side note, even if you read the blogs, take 45 minutes and watch this talk. So many knowledge bombs are sprinkled throughout
    1 reply 6 proslijeđenih tweetova 10 korisnika označava da im se sviđa
    Poništi
  6. 12. sij 2019.

    Awesome work, as usual!

    Our members @greensoncio and have released another module😃 ( -> JuicyPotato by & )
    5 korisnika označava da im se sviđa
    Poništi
  7. 11. pro 2018.

    Pwning computers with Telegram Bot API. This is a post where I describe my experience developing a fun weekend-project that I named "Telepreter".

    1 reply 23 proslijeđena tweeta 53 korisnika označavaju da im se sviđa
    Poništi
  8. 4. pro 2018.

    Finally! Time to change strategy. C++ is going to be "the way"?

    Malware using .NET to run fileless and load assemblies from byte arrays? Thanks to AMSI support, not for long :)
    6 korisnika označava da im se sviđa
    Poništi
  9. 8. stu 2018.

    New blog post: "Oh no! AMSI blocked the AMSI Bypass! What Now?" It teaches how to circumvent this and posterior AMSI blocks to our AMSI bypass script.

    32 proslijeđena tweeta 59 korisnika označava da im se sviđa
    Poništi
  10. proslijedio/la je Tweet
    6. stu 2018.

    New Release: Magic Unicorn 3.5.1 - adds AMSI_BYPASS mode which uses the technique described here: to disable AMSI as part of the payload in Unicorn. Also added new features (print_decoded and more).

    1 reply 96 proslijeđenih tweetova 175 korisnika označava da im se sviđa
    Poništi
  11. 6. stu 2018.

    Check my latest blog post about recovering domain credentials from WPA2 Enterprise on a compromised workstation!

    90 proslijeđenih tweetova 168 korisnika označava da im se sviđa
    Poništi
  12. proslijedio/la je Tweet
    2. stu 2018.

    Explicando y bypasseando protecciones de PowerShell con técnicas de y

    1 reply 2 proslijeđena tweeta 12 korisnika označava da im se sviđa
    Poništi
  13. 1. stu 2018.

    You've been playing with it a lot these days, huh? Great work, , as always.

    AmsiScanBuffer Bypass - Part 3 Shout out to on this one.
    1 reply 8 korisnika označava da im se sviđa
    Poništi
  14. 31. lis 2018.

    Don't forget to check my lastest blog post: How to bypass UAC in newer Windows versions! A research based on the work of

    1 reply 107 proslijeđenih tweetova 161 korisnik označava da mu se sviđa
    Poništi
  15. proslijedio/la je Tweet
    31. lis 2018.
    Odgovor korisnicima

    I just posted a Part 2 (and also had to update the slug for the original post, so that link won't work now). Use the tag:

    9 proslijeđenih tweetova 16 korisnika označava da im se sviđa
    Poništi
  16. proslijedio/la je Tweet
    31. lis 2018.

    Playin' with the latest bypass by in-memory published by few days ago. Result: works like a charm for payload delivery stuff! Article link:

    1 reply 68 proslijeđenih tweetova 108 korisnika označava da im se sviđa
    Poništi
  17. 28. lis 2018.

    Hi guys. New post in my Blog. This time is for bypassing AMSI and executing any malicious powershell script from an attacker perspective.

    160 proslijeđenih tweetova 268 korisnika označava da im se sviđa
    Poništi
  18. 27. lis 2018.

    Hey! I have concluded my series of Windows Impersonation posts, check the last one.

    1 proslijeđeni tweet 8 korisnika označava da im se sviđa
    Poništi
  19. 17. lis 2018.

    Do you like Windows? Check my latest blog post:

    3 proslijeđena tweeta 7 korisnika označava da im se sviđa
    Poništi

@_zc00l još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·