你可能會喜歡
The slides of our joint research talk “10 Years of Windows Privilege Escalation with Potatoes” at #POC2023 are out! 👉 github.com/antonioCoco/in… cc @decoder_it
Just published a summary of "modern" Windows authentication reflection attacks. Turns out reflection never really died. 😅decoder.cloud/2025/11/24/ref…
Blog post about my recent CVE-2025-58726, aka “The Ghost Reflection” is out, read it here: semperis.com/blog/exploitin… 🙃
Remember the CredMarshalInfo trick? If you hadn’t applied the June 2025 patch, CVE-2025-33073 would have been critical. We know that in NTLM local auth, msg 3 is empty:You can drop sign/seal -> from Domain User to DomainAdmin escalation. 😅
Coercing machine authentication on Windows 11 /2025 using the MS-PRN/PrinterBug DCERPC edition, since named pipes are no longer used. Kerberos fails in this case due to a bad SPN from the spooler, forcing NTLM fallback.
Better socket handle visibility coming soon to @SystemInformer 🔥 When viewing a process handle table, SI will recognize files under \Device\Afd and retrieve information about their state, protocol, addresses, and more. Also works on Bluetooth and Hyper-V sockets 🤩
In my long history of submissions, I think this is the first time one has been marked as critical😅
Another Monday. Another week of… endless emails, annoying meetings, and oh look, a three-headed monkey behind you! Now that we have your attention, we can unveil the agenda for #RomHack2025 romhack.io/romhack-confer… #infosec #securityconference
I just published a blog post where I try to explain and demystify Kerberos relay attacks. I hope it’s a good and comprehensive starting point for anyone looking to learn more about this topic. ➡️decoder.cloud/2025/04/24/fro…
Microsoft has discovered post-compromise exploitation of CVE 2025-29824, a zero-day elevation of privilege vulnerability in Windows Common Log File System (CLFS), against a small number of targets. msft.it/6019qIVV9
NTLM relay is still a major threat and is now even easier to abuse. We just added new NTLM relay edges to BloodHound to help defenders fix and attackers think in graphs. Read my detailed post - the most comprehensive guide on NTLM relay & the new edges: ghst.ly/4lv3E31
We (me + @2igosha) have discovered a new Google Chrome 0-day that is being used in targeted attacks to deliver sophisticated spyware 🔥🔥🔥. It was just fixed as CVE-2025-2783 and we are revealing the first details about it and “Operation ForumTroll” securelist.com/operation-foru…
Check out our new blog post!
🍎🚨🕵️♂️ The notoriously elusive macOS malware, ReaderUpdate, is back — stealthier than ever. @philofishal and @syrion89 uncover how ReaderUpdate Reforged blends Go, Crystal, Nim, and Rust into a potent mix. 📄 This new research from SentinelOne exposes how these new variants are…
new #elastic defend rules out : - PPL bypass via ComDotNetExploit - Execution via Windows-Run (trending delivery method ITW) github.com/elastic/protec…
Hey, we should really switch from NTLM to something like Kerberos, yet another good reason, right? cc @ShitSecure @splinter_code 😂🤣
KrbRelayEx-RPC tool is out! 🎉 Intercepts ISystemActivator requests, extracts Kerberos AP-REQ & dynamic port bindings and relays the AP-REQ to access SMB shares or HTTP ADCS, all fully transparent to the victim ;) github.com/decoder-it/Krb…
United States 趨勢
- 1. Cowboys 70.4K posts
- 2. LeBron 93.7K posts
- 3. Gibbs 18.8K posts
- 4. Lions 86.6K posts
- 5. Pickens 13K posts
- 6. #OnePride 9,936 posts
- 7. Brandon Aubrey 6,975 posts
- 8. Ferguson 10.4K posts
- 9. #DALvsDET 6,090 posts
- 10. Eberflus 2,393 posts
- 11. CeeDee 10.1K posts
- 12. Goff 8,367 posts
- 13. Bland 8,406 posts
- 14. Shang Tsung 20.1K posts
- 15. DJ Reed N/A
- 16. Al Michaels N/A
- 17. Schotty 1,793 posts
- 18. scott hunter 2,615 posts
- 19. Austin Reaves 14.7K posts
- 20. fnaf 2 23.7K posts
你可能會喜歡
-
x86matthew
@x86matthew -
S3cur3Th1sSh1t
@ShitSecure -
Andrea P
@decoder_it -
mpgn
@mpgn_x64 -
Chetan Nayak (Brute Ratel C4 Author)
@NinjaParanoid -
MDSec
@MDSecLabs -
Matt Hand
@matterpreter -
an0n
@an0n_r0 -
Lee Chagolla-Christensen
@tifkin_ -
klez
@KlezVirus -
Melvin langvik
@Flangvik -
Swissky
@pentest_swissky -
Grzegorz Tworek
@0gtweet -
mgeeky | Mariusz Banach
@mariuszbit -
Adam Chester 🏴☠️
@_xpn_
Something went wrong.
Something went wrong.