Scriptmonkey_
@scriptmonkey_
Tester of Pens, Ex-Teamer of Red things, now with a more purpley shade. Biker and Recovering Eve-Online Addict. o7 [email protected] & http://bsky.social
قد يعجبك
Bang on Iain! As much as the example in the blog post works, getting c2 over any form of filesystem, is the real gem here. Even locally for privesc, get a system shell without worrying about proxies for example. Looking forward to see what folk come up with use case wise.
This is such a cool C2 channel technique. Use network file share, RDP mapped drives and anywhere else more than one host sees the same filesystem as a C2 channel which really doesn't get logged. Simple but effective!
"OpSec is hard" if you think this and you've only worked on an external team. Just wait until you work for an internal one. 😅
Really great training sesh with @SinSinology brill workshop. Definitely recommend it and the 4 day training with @watchtowrcyber
Croeso BSides Aberystwyth, bydded i ni fod y cyntaf i'ch croesawu a phob lwc ym mis Tachwedd! bsidesaberystwyth.org #Security #BSides #Aberystwyth #BSidesAberystwyth
This is my research project in creating read, write and allocate primitives that can be turned into an injection in order to evade certain telemetry which I presented last year in RedTreat. I hope everyone likes it \m/. trickster0.github.io/posts/Primitiv…
When your team is reading TI reports for an upcoming exercise and goes "No way, There is no way a proper APT would ever do something as basic as this..." introducing APT herptyderp
This hack is brilliant, APT28 hopping into a target environment over wifi by compromising neighbouring companies and finding a dual-homed host within range. volexity.com/blog/2024/11/2… And yet... they got caught doing this!
This hack is brilliant, APT28 hopping into a target environment over wifi by compromising neighbouring companies and finding a dual-homed host within range. volexity.com/blog/2024/11/2… And yet... they got caught doing this!
Just made an account over on BSky. Come find me :) bsky.app/profile/script… Gives off real classic twitter vibes.
Great article with lots of details about attacks that happen irl. We should remember that many orgs don't require MFA from on-prem. Also, service accounts (i.e. entra sync account) won't have MFA. Threat Actors can also use PRTs and Access tokens to access M365/Azure.
The financially motivated cybercriminal group that Microsoft tracks as Storm-0501 has been observed exfiltrating data and deploying Embargo ransomware after moving laterally from on-premises to the cloud environment. msft.it/6013m5gnf
Understanding EVERY Token in Entra ID 🔎 Not all tokens are equal. There are many different types with different uses and benefits. In this blog, I break down each token and what they are used for and which tokens are the most "valuable" for an attacker to obtain. Full blog…
The typical right-wing nutter... In response to JSO: "Protesting shouldn't inconvenience the public! This is illegal! People should run them over! They hurt our emergency services!" In response to #UKRiots: "i'm gonna nick some crocs, punch a copper and set fire to a shop"
Teaching the Old .NET Remoting New Exploitation Tricks – read how @mwulftange developed novel techniques to exploit Apache log4net's hardened .NET Remoting service: code-white.com/blog/teaching-…
📢 New blog post out! 💡 I've been working on this blog for quite some time and I am honored and very happy I was given the opportunity from @alexverboon and @castello_johnny to present this in today's @KqlCafe. ➡️ Windows Linux Subsystem (WSL) by itself is a blind spot within…
Another year, another @Steel_Con. Once again proving why its one of my favourite cons to go to. Great time seeing old friends, meeting new ones and catching great talks including one on norse mythology and threat modelling 😁 also my arm now belongs to a sponsor 😅
CTF details. Link below for our awesome Ctf brought to you by our partners @hackrocks_ and @hacktoria. 6 awesome challenges that give you the APIs for our arena, wanna fire our flipper ??? Get registered and crack our awesome challenges @BSidesBSK infosecbattlebots.hackrocks.com
I've made some long awaited updates to SQLRecon! Here's a couple of videos highlighting some of the big additions. Tool: github.com/xforcered/SQLR… Check out this thread ⬇️
Teams needs a "don't notify on @everyone or @<channel name>" like discord. Stat. This is worse than "reply all".
Domain Admin credentials delivered across the network to workstations and servers
Laughs in ham radio.
United States الاتجاهات
- 1. Jayden Daniels 20.8K posts
- 2. Dan Quinn 6,408 posts
- 3. Seahawks 35.8K posts
- 4. Sam Darnold 14.3K posts
- 5. Commanders 48.1K posts
- 6. Jake LaRavia 3,774 posts
- 7. #RaiseHail 8,501 posts
- 8. Bronny 12.5K posts
- 9. jungkook 591K posts
- 10. Joe Whitt 2,181 posts
- 11. Marcus Smart 2,952 posts
- 12. #RHOP 6,473 posts
- 13. Jaxson Hayes 2,784 posts
- 14. Jovic 1,046 posts
- 15. #BaddiesAfricaReunion 5,138 posts
- 16. 60 Minutes 65.5K posts
- 17. Ware 5,010 posts
- 18. Larson 20.1K posts
- 19. Lattimore 2,484 posts
- 20. Denny 19.4K posts
قد يعجبك
-
@[email protected]
@christruncer -
Ben Turner 🇬🇧
@benpturner -
Harley Lebeau
@r3dQu1nn -
Dominic Chell 👻
@domchell -
Dwight Hohnstein
@djhohnstein -
CCob🏴
@_EthicalChaos_ -
obscuresec
@obscuresec -
myexploit2600
@myexploit2600 -
DTM
@dtmsecurity -
Rob Maslen
@rbmaslen -
Dave Cossa
@G0ldenGunSec -
SteelCon
@Steel_Con -
Stu Kennedy
@NoobieDog -
PortcullisLabs
@portcullislabs -
Red Hair Blue Team
@redhairblueteam
Something went wrong.
Something went wrong.