Pentesting, scripting, pwning!

127.0.0.1
Joined January 2019
Just finished another blog post about Excel-Phish - Phish protected Excel-file passwords: s3cur3th1ssh1t.github.io/Phi… Written by @0x23353435 and me 🍻
S3cur3Th1sSh1t retweeted
New blog-post is out: luemmelsec.github.io/Circumv… Bypassing AV, AMSI, ConstrainedLanguage and AppLocker Thx @ShitSecure and @0x23353435 for QA and all your input. @_RastaMouse @phraaaaaaa @egeblc for sharing knowledge and tools #redteam #pentest #RTO
Just finished my Red Team Ops (RTO) course exam and submitted (4/4) flags. 🥳 A really good lab environment and a much more challenging exam environment, I can definitely recommend that course for anyone interested in Red-Teaming! Thanks @_RastaMouse for this excellent course 👌
Got ETW-Block in Nim working without the environment variable but by patching the EtwEventWrite function, basically it's the AMSI patch template with modified functions/bytes: gist.github.com/S3cur3Th1sSh… Should be harder to detect than the environment variable.
S3cur3Th1sSh1t retweeted
Just finished a long project I was working on. It's a self developed remote access tool. Shoutout to: @chvancooten, @ShitSecure for helping me with the last piece of the puzzle. And : @byt3bl33d3r with his amazing OffensiveNim repo. github.com/byt3bl33d3r/Offen…
So many companies cannot patch CVE-2019-3980 - Dameware Mini Remote Control in an easy manner because it needs a manual patch for every system. One of the most common vulnerabilities I find at the moment, but the MSF-Exploit sucks because the binary is always detected. (1/2)
This alternative works perfectly fine and you can use a custom binary that will be executed as dwDrvInst.exe, so an obfuscated C2-Stager-executable for example works: github.com/warferik/CVE-2019… Only a little modification for the Response is needed - or you will get a timeout.
Just wrote a quick update for the latest "Playing with OffensiveNim" blog post which contains some words about detection as well as Encoding/Encryption for .NET assemblies: s3cur3th1ssh1t.github.io/Pla…