You might like
Congratulations to @passthehashed for clearing our Certified Red Teaming Expert exam! #RedTeamLab #CRTE #PentesterAcademy cc @nikhil_mitt bit.ly/2XPFfw4
Congratulations to @passthehashed for clearing our Certified Red Team Professional exam! #ADLab #CRTP #PentesterAcademy cc @nikhil_mitt bit.ly/2AXXbM2
Part 2 of my schannel research is out: b.poc.fun/decrypting-sch…. It is much shorter and focuses mainly on session resumption. As always, feedback is very welcome, especially RE TLS1.3 resumption in schannel.
Hi Guys, maybe you know a way to get users AuthenticationId without touching lsass memory and their access tokens? @tiraniddo @gentilkiwi @decoder_it
Some time ago I had a task where I needed to extract TLS session keys from win apps that use schannel (i.e. mstsc). Did some reversing and ended up creating a frida script that hooks key creation in lsass. Feedback welcome! b.poc.fun/sslkeylog-for-…
Cobalt Strike Extension kit The purpose of this was to aggregate Cobalt Strike supplements used during engagements. github.com/josephkingston… #exploitation #cobalt #redteaming #pentesting
mssqlproxy mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse github.com/blackarrowsec/… #pentest #redteaming #windows #mssql
CVE-2020-0683 Original Poc sent to MSRC. Assigned to CVE-2020-0683 - Windows Installer Elevation of Privilege github.com/padovah4ck/CVE… #windows #lpe #eop #exploit #pentest
Zipper This CobaltStrike tool allows Red teams to compress files and folders from local and UNC paths. brought you by @Cneelis github.com/outflanknl/Zip… #infosec #redteam #pentest
NSA: we are open sourcing a multi million line of code SRE tool to democratize the malware analysis space. Microsoft: Hold my beer blogs.windows.com/buildingapps/2…
InfoSec is such a fast paced profession that can be a time eater if you let it. Don’t feel bad for sacrificing some knowledge for personal physical and mental health. Spend time with friends. Play video games. Go to the gym. Learn a new hobby. The world will keep spinning :-)
Sometimes, hacking is just someone spending more time on something than anyone else might reasonably expect.
Malware Analysis 101 - Basic Static Analysis medium.com/bugbountywrite… #malware #forensics #ir #infosec
Shhmon — Silencing Sysmon via Driver Unload Today I am releasing Shhmon, a C# tool to challenge the assumption that our defensive tools are functioning as intended. posts.specterops.io/shhmon-silenci… #blueteam #sysmon #forensics #redteaming
XXE that can Bypass WAF Protection lab.wallarm.com/xxe-that-can-b… #bounty #xxe #owasp #web #bugbounty #infosec
Command and Control via TCP Handshake thesw4rm.gitlab.io/nfqueue_c2/201… #infosec #c2 #redteaming #rat #linux
𝗕𝗟𝗨𝗘𝗦𝗣𝗔𝗪𝗡 is an active defense and endpoint detection and response tool which means it can be used by defenders to quickly detect, identify, and eliminate malicious activity and malware across a network. github.com/ION28/BLUESPAWN #blueteam #redteam #edr #infosec
Docker for Pentesters My hope in this post is to demonstrate some of my usecases and workflows, and illustrate how I think pentesters and security professionals in general can greatly benefit from Docker. blog.ropnop.com/docker-for-pen… #docker #pentest #infosec #linux
Create a backdoor to take-over an object in AD medium.com/@huykha/create… #ad #wiows #redteaming
United States Trends
- 1. Elander 2,889 posts
- 2. Tosin 7,983 posts
- 3. Tony Vitello 11.4K posts
- 4. Danny White 2,423 posts
- 5. Ajax 65.7K posts
- 6. Caicedo 16.9K posts
- 7. $TSLA 41.4K posts
- 8. Ekitike 21.4K posts
- 9. East Wing 136K posts
- 10. Estevao 20.2K posts
- 11. Enzo 27K posts
- 12. #YesOnProp50 4,809 posts
- 13. Frank Anderson N/A
- 14. SNAP 648K posts
- 15. Frankfurt 41.3K posts
- 16. Hamburger Helper N/A
- 17. Vini 17.1K posts
- 18. Isak 20.2K posts
- 19. Brahim 7,594 posts
- 20. Donte N/A
Something went wrong.
Something went wrong.