Marcello

@byt3bl33d3r

I penetrate things (phrasing). When I'm tired of penetrating (phrasing), I code. It's a vicious cycle. Python Fanatic & Red Teamer

Joined: December 2012.

Tweets

  1. Pinned tweet
    Sep 8, 2019

    Thank you everyone for coming to my talk! Just released v0.4.0 of SILENTTRINITY! Biggest update yet, ton of new modules thanks to , upload/download functionality and the new and improved minidump module which integrates pypykatz!

  2. 20 hours ago

    Really glad to finally get a blogpost out about this. Hopefully this is useful and gives Red Teamers ideas on how to use the BYOI concept in their own payloads. If anyone is interested in a few more follow up posts about this will gladly oblige :)

  3. Retweeted
    20 hours ago
  4. Retweeted
    24 hours ago

    A new search engine from NSA, apparently.

  5. 22 hours ago

    Yearly reminder to remove PowerShell V2 EVERYWHERE. Doesn’t matter what EDR , logging, witchcraft you have in place. If an attacker has access to the Posh V2 runtime, they can automatically bypass it all.

  6. Retweeted
    Feb 3
  7. Retweeted
    Feb 1

    Alright folks! We have our first meetup of the year... 28 Feb from 6-8pm in Denver. Take a look at the poster for more info. And special thanks to for the amazing design!

  8. Feb 1
  9. Feb 1

    For anyone wondering, yes it’s written in C# and yes I will be totally adding it as a SILENTTRINITY module if I can get the source code (a few changes need to be made in order for it to run in memory).

  10. Retweeted
    Jan 27

    Move Faster, Stay Longer blog about extending CS and tools to go with it.

  11. Retweeted
    Jan 31

    Pushed a new Rubeus release after getting some additional feedback from our most recent AT:RTO students. The full changes are detailed here . To highlight a few new features- "/nowrap" globally prevents base64 blobs from line-wrapping, (1/4)

  12. Feb 1

    This book should come with a warning: “Side effects of reading this might include waking up at 4am every goddamn day”

  13. Retweeted
    Jan 31
  14. Retweeted
    Jan 28

    SpecterOps is bringing its Adversary Tactics: Red Team Operations course to Denver, CO. on April 14th - 17th, 2020. Sign-up here:

  15. Retweeted
    Jan 27

    Using SharpRDP for lateral movement but blocked with a medium integrity process (UAC) 🛂 ? Well ... not a problem anymore ! 😁 Just updated SharpRDP with the option 'privileged' allowing you to run a process with High integrity (if your user is local admin) ! 🔥 1/3 ⬇️⬇️⬇️

  16. Retweeted
    Jan 28

    New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZure

  17. Jan 27

    Just pushed a somewhat big update to SILENTTRINITY with a lot of forward compatibility fixes for Python 3.8 and made the PowerShell "stageless" stager public. Plus more modules and bug fixes

  18. Retweeted
    Jan 27

    If 's DotnetToJScript is blocked on newer versions of Windows or if it gets flagged by AMSI, you can use Excel automation via a COM object as an alternative to execute shellcode from JScript or VBScript w/o touching disk. PoC for x86 & x64 here:

  19. Retweeted
    Jan 27

    pwndrop - The new fast & fun way to set up an HTTP/WebDAV server for your payloads is coming! python -m SimpleHTTPServer may soon be retiring. Stay tuned! Here is a quick sneak peek:

  20. Retweeted
    Jan 26

    Ladies and gentlemen, I present you a working Remote Code Execution (RCE) exploit for the Remote Desktop Gateway (CVE-2020-0609 & CVE-2020-0610). Accidentally followed a few rabbit holes but got it to work! Time to write a blog post ;) Don't forget to patch!

  21. Retweeted
    Jan 22

    Revisiting RDP lateral movement and releasing a project that will be part of a bigger tool coming next week
