Husband, Father, IT-Guy, Security-Noob, OSCP, CRTO. Likes sports, cars and his downhill bike. HTB: bit.ly/3lNUqQj GitHub: bit.ly/2QNz5rV

Joined June 2019
New blog-post is out: luemmelsec.github.io/Circumv… Bypassing AV, AMSI, ConstrainedLanguage and AppLocker. Thx @ShitSecure and @0x23353435 for QA and all your input. @_RastaMouse @phraaaaaaa @egeblc for sharing knowledge and tools. #redteam #pentest #RTO
LuemmelSec retweeted
New pypykatz version 0.4.0 is out. Not on pip yet, as despite weeks of testing I still treat it as beta. What's new:
1. new ASCII logo thanks to @thugcrowd
2. kerberos live functions thanks to @harmj0y (rubeus)
3. new DPAPI with Chrome and WIFI secrets
1/N github.com/skelsec/pypykatz
LuemmelSec retweeted
Nice repository of Custom Covenant C2 Tasks for Red Team. github.com/py7hagoras/Covena… #redteam
Since the last few assessments, "PowerShDLL" has been super helpful :) Now, AVs have started flagging it. Recompiled the code to reduce the AV detection (string based). Special thanks to @xP3nt4 (proj owner) @ShitSecure @bohops for their inspiring work. Link: github.com/incredibleindishe…
LuemmelSec retweeted
Got ETW-Block in Nim working without the environment variable but by patching the EtwEventWrite function, basically it's the AMSI patch template with modified functions/bytes: gist.github.com/S3cur3Th1sSh… Should be harder to detect than the environment variable.