Sometimes pentester, sometimes sysadmin. Developer of bad things. eCPPT eCPTX

Italia
Joined November 2011
b4rtik retweeted
Just released a new @OutflankNL Cobalt Strike BOF project which uses direct system calls to enumerate processes for specific loaded modules or process handles. E.g. to find open handles to LSASS or processes with CLR loaded for execute-assembly spawnto. github.com/outflanknl/FindOb…
Replying to @Jean_Maes_1994
I can't explain how much I hate the "optimize code" flag
b4rtik retweeted
Beta release of SharpHandler is now on GitHub! github.com/jfmaes/SharpHandl… Inspiration by @SkelSec, uses Sharpkatz by @b4rtik and SharpDump by @harmj0y under the hood. Only supports x64 for now, D/invoke version to come later. Please submit PRs if you can improve this project :)
Awesome work mate 😁
b4rtik retweeted
now with extra sharpkatz ;) @b4rtik
b4rtik retweeted
Just pushed some code to the OffensiveNim repository which enumerates all Minifilters on a system. Basically a port of the fltMC.exe utility to Nim. Big thanks to @matterpreter and @gentilkiwi for the code references :) github.com/byt3bl33d3r/Offen…
I've never done this exact thing. But now I'm curious, I'll do some tests.
New blog post is up looking at how .NET DLL exports work behind the scenes, and how we can use the portal created to invoke managed code. blog.xpnsec.com/the-net-expo…