-
Ruslan Sayfiev retweeted
Custom Signed Kernel Driver's Pretty cool
Without the need to enable TestSigning.
Sample Project:
https://github.com/HyperSine/Windows10-CustomKernelSigners … pic.twitter.com/opyM91m1HI
-
Ruslan Sayfiev retweeted
Can your EDR detect symbolic link callback rootkits? Because ours sure as heck can't.
@aionescu and I wrote about these! https://windows-internals.com/dkom-now-with-symbolic-links/ …
-
Ruslan Sayfiev retweeted
SettingSyncHost.exe as a LolBin http://www.hexacorn.com/blog/2020/02/02/settingsynchost-exe-as-a-lolbin/ …
#LOLBIN cd %TEMP% & c:\windows\system32\SettingSyncHost.exe -LoadAndRunDiagScript foo pic.twitter.com/dOM4EHq4Zu
-
Ruslan Sayfiev retweeted
KDU, Kernel Driver Utility - driver loader (and not only) bypassing Windows x64 Driver Signature Enforcement with support of various "functionality" providers - including Unwinder's RTCore, https://github.com/hfiref0x/KDU pic.twitter.com/s154qYlIKR
-
Ruslan Sayfiev retweeted
Chapter 6 has been published! https://leanpub.com/windows10systemprogramming …
-
Ruslan Sayfiev retweeted
#PingCastle 2.8.0.0 released !!! https://pingcastle.com/download/ 4 clicks and 2 <enter>, that what's between you and the hard truth of your AD security. Example of report: https://pingcastle.com/PingCastleFiles/ad_hc_test.mysmartlogon.com.html … github: https://github.com/vletoux/pingcastle … Changelog: https://raw.githubusercontent.com/vletoux/pingcastle/2.8.0.0/changelog.txt … pic.twitter.com/1oQXuIJcdi
-
Ruslan Sayfiev retweeted
Myself and @domchell are off to @BlackHatEvents USA 2020 to deliver our Adversary Simulation and Red Team Tactics course. Stay tuned for some upcoming posts on how the supporting labs were created https://www.blackhat.com/us-20/training/schedule/index.html#adversary-simulation-and-red-team-tactics-18511 …
-
Ruslan Sayfiev retweeted
Pushed a new Rubeus release after getting some additional feedback from our most recent AT:RTO students. The full changes are detailed here https://github.com/GhostPack/Rubeus/blob/master/CHANGELOG.md#150---2020-01-31 … . To highlight a few new features- "/nowrap" globally prevents base64 blobs from line-wrapping, (1/4)
-
Ruslan Sayfiev retweeted
Wrote a post on how to use GadgetToJScript with Covenant & Donut https://3xpl01tc0d3r.blogspot.com/2020/02/gadgettojscript-covenant-donut.html …
#Covenant #Donut #GadgetToJScript #redteam #processinjection Thanks to @med0x2e for answering my queries and helping me while exploring #GadgetToJScript tool
-
Ruslan Sayfiev retweeted
@domchell and @_xpn_ will be bringing our popular Adversary Simulation and Red Team Tactics training to the US this year at @BlackHatEvents https://www.blackhat.com/us-20/training/schedule/#adversary-simulation-and-red-team-tactics-18511 …
-
Ruslan Sayfiev retweeted
In his post, "Detection Engineering using Apple’s Endpoint Security Framework," @rrcyrus illustrates how you can use ESF to detect In-Memory Execution on #macOS endpoints. Check it out: https://posts.specterops.io/detection-engineering-using-apples-endpoint-security-framework-affdbcb18b02 …
-
Ruslan Sayfiev retweeted
I added a mimikatz MemSSP style hook to Fermion, you can check out the code here => https://github.com/FuzzySecurity/Fermion/blob/master/Examples/MemSSP.js … This is based on the great write-ups by @spotheplanet & @_xpn_ pic.twitter.com/8Ny4lsc2Bj
-
Ruslan Sayfiev retweeted
From the folks that brought you Atomic Red Team, Chain Reactor is a new open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints. https://redcanary.com/blog/chain-reactor-framework-for-linux/ … pic.twitter.com/fkOISDk9YK
-
Ruslan Sayfiev retweeted
New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZure https://posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a …
-
Ruslan Sayfiev retweeted
ICYMI - @0xthirteen released MoveKit and StayKit, a collection of aggressor scripts, .NET projects, and templates to enhance lateral movement and persistence on your engagements. Link: https://posts.specterops.io/move-faster-stay-longer-6b4efab9c644 … MoveKit: https://github.com/0xthirteen/MoveKit … StayKit: https://github.com/0xthirteen/StayKit …
-
Ruslan Sayfiev retweeted
I wrote some automation around gophish, evilginx2, and postfix for faster phishing deployment. Looking for feedback and pull requests :D https://lockboxx.blogspot.com/2020/01/gophish-evilginx2-auto-deployment-w.html … https://github.com/ahhh/phish_composer …
-
Ruslan Sayfiev retweeted
Post-exploitation #Friday tip: Do you know how to trivially & remotely hijack an #RDP session without prompt nor warning on user's side using #Microsoft signed binary (no patch/multi-session) ? qwinsta+mstsc shadowing is the answer ;) Details: https://github.com/kmkz/Pentesting/blob/master/Post-Exploitation-Cheat-Sheet … #Pentesting pic.twitter.com/wHVIYQo73A
-
Ruslan Sayfiev retweeted
Starting to put together a Linux Privesc Video. Can anyone spot something non-network that I'm missing? - Recon (linPEAS/LinEnum) - Sudo - Permission Overview (file writes - sshKey/cron) - SetUID - Kernel - Cron - Network [mysql, postgres, erlang cookie (couchDb)]
-
Ruslan Sayfiev retweeted
#lsassy v2 is out
Dump credentials on multiple hosts
New dumping method using #dumpert (@OutflankNL) thanks to @Blurbdust
Can be used as a #library in other python project
Fully documented wiki !
Needs some testing, open issues if need be
https://github.com/Hackndo/lsassy