Infosec, Pentesting and Red Teaming enthusiast OSCP|OSWP|OSCE|CRTO|CRTP

Joined December 2018
0x23353435 retweeted
New pypykatz version 0.4.0 is out. Not on pip yet, as despite weeks of testing I still treat it as beta. What's new: 1. new ASCII logo thanks to @thugcrowd 2. kerberos live functions thanks to @harmj0y (rubeus) 3. new DPAPI with Chrome and WIFI secrets 1/N github.com/skelsec/pypykatz
0x23353435 retweeted
New blog-post is out: luemmelsec.github.io/Circumv… Bypassing AV, AMSI, ConstrainedLanguage and AppLocker Thx @ShitSecure and @0x23353435 for QA and all your input. @_RastaMouse @phraaaaaaa @egeblc for sharing knowledge and tools #redteam #pentest #RTO
0x23353435 retweeted
You can now use creds script to turn the #DefaultCreds-cheat-sheet into a cli command to easily perform search queries for a specific product. (gaining time during an assessment) 🤘 github.com/ihebski/DefaultCr…
0x23353435 retweeted
Operating from a restricted environment without outbound connectivity? Venom allows for port reuse and even works on Windows (to my surprise). Now you can set up a SOCKS proxy without disturbing the original service! Check it out 👉 github.com/Dliv3/Venom
0x23353435 retweeted
Nice. Super simple to combine Nim DLLs with sRDI for shellcode injection 🐚
0x23353435 retweeted
Got ETW-Block in Nim working without the environment variable but by patching the EtwEventWrite function, basically it's the AMSI patch template with modified functions/bytes: gist.github.com/S3cur3Th1sSh… Should be harder to detect than the environment variable.
0x23353435 retweeted
This alternative works perfectly fine and you can use a custom binary that will be executed as dwDrvInst.exe, so an obfuscated C2-Stager-executable for example works: github.com/warferik/CVE-2019… Only a little modification for the response is needed - or you will get a timeout.
Bypassing Windows protection mechanisms & Playing with OffensiveNim s3cur3th1ssh1t.github.io/Pla… #Pentesting #Windows #Bypassing #CyberSecurity #Infosec