Joined June 2016
Vylegzhanin Daniel retweeted
Breaking the Browser: a tale of IPC, credentials and backdoors... new research and tools by @_batsec_ on how to tap chrome mdsec.co.uk/2021/01/breaking…
Vylegzhanin Daniel retweeted
In our final blog post of 2020, @modexpblog catalogues a variety of methods for bypassing user-mode hooks for red teams mdsec.co.uk/2020/12/bypassin… We'll be back in 2021.... #happynewyear
Vylegzhanin Daniel retweeted
A Fresh Outlook on Mail Based Persistence - a new blog post by @domchell mdsec.co.uk/2020/11/a-fresh-… #redteam
Vylegzhanin Daniel retweeted
💥New article "Path Traversal on Citrix XenMobile Server" with a step-by-step guide to disclosing encryption keys, decrypting passwords, and thoroughly understanding CVE-2020-8209 by our researcher Andrey Medov. Read all about it: swarm.ptsecurity.com/path-tr… The PoC⬇️
Vylegzhanin Daniel retweeted
And finally I got a proper writeup and code published. Check it here! offnotes.notso.pro/abusing-c… Thanks to @_xpn_ @spotheplanet @FuzzySec @Her0_IT @dottor_morte for the tutorials/guides/insights/support :P
It took a couple of days but I managed to write a DLL which abuses this behaviour :D I'm integrating it in a tool I'm developing. Source code and writeup in a few days.
Vylegzhanin Daniel retweeted
Segmentation Vault: Cloning Thick Client Access... a new blog post by @dtmsecurity dives into cloning OneDrive access mdsec.co.uk/2020/10/segmenta…
Vylegzhanin Daniel retweeted
Have you been seeing a lot of stuff about "Mythic" lately and not sure what it is? Here's a series of short videos showing some of the most common features: invidious.snopyta.org/playlist?list=PL… I'll keep updating this with new features and updates.
Vylegzhanin Daniel retweeted
I found an interesting #LOLBIN using Windows Update Client (wuauclt.exe) as a loader - blog, pull request to LOLBAS and in the wild sample here dtm.uk/wuauclt/ - I am hoping to finalise some of my work on the methodology I used soon @MDSecLabs so keep your eyes posted.