tzar
@tzarsec.bsky.social
We've been putting these to good use lately on some ops.
github.com/kozmer/aad-bofs
Keep an eye on future updates from @kozmer.bsky.social.
github.com/kozmer/aad-bofs
Keep an eye on future updates from @kozmer.bsky.social.
GitHub - kozmer/aad-bofs: AzureAD beacon object files
AzureAD beacon object files. Contribute to kozmer/aad-bofs development by creating an account on GitHub.
github.com
December 23, 2024 at 11:07 AM
We've been putting these to good use lately on some ops.
github.com/kozmer/aad-bofs
Keep an eye on future updates from @kozmer.bsky.social.
github.com/kozmer/aad-bofs
Keep an eye on future updates from @kozmer.bsky.social.
There's so many ways to secure your comms these days without ever exposing anything. Amazes me this is still even a thing, alongside open C2 management ports.... Tailscale anyone? Basic firewalls security?
PSA: I have been spending a lot of time this year hunting open directories with hunt.io
On four separate occasions, I had to contact pentesters/pentesting companies to take down a shared home folder via python HTTP.server that were directly attributable to them.
On four separate occasions, I had to contact pentesters/pentesting companies to take down a shared home folder via python HTTP.server that were directly attributable to them.
Threat Hunting Platform | C2 & Malicious Infrastructure Hunting
Explore the leading Threat Hunting Platform, discover active C2 servers, perform proactive infrastructure hunting and more.
hunt.io
November 30, 2024 at 11:47 AM
There's so many ways to secure your comms these days without ever exposing anything. Amazes me this is still even a thing, alongside open C2 management ports.... Tailscale anyone? Basic firewalls security?
Reposted by tzar
Chris just added
“Saw some other folks realize its actually really easy to use certificates to authenticate as other users on windows if you have access to the API.
We're now releasing our previously internal make_token_cert bof to auth using only a .pfx file :)”
github.com/trustedsec/C...
“Saw some other folks realize its actually really easy to use certificates to authenticate as other users on windows if you have access to the API.
We're now releasing our previously internal make_token_cert bof to auth using only a .pfx file :)”
github.com/trustedsec/C...
github.com
November 18, 2024 at 5:06 PM
Chris just added
“Saw some other folks realize its actually really easy to use certificates to authenticate as other users on windows if you have access to the API.
We're now releasing our previously internal make_token_cert bof to auth using only a .pfx file :)”
github.com/trustedsec/C...
“Saw some other folks realize its actually really easy to use certificates to authenticate as other users on windows if you have access to the API.
We're now releasing our previously internal make_token_cert bof to auth using only a .pfx file :)”
github.com/trustedsec/C...
2 days and 0 only fans bots. Things are looking up here.
November 17, 2024 at 6:29 PM
2 days and 0 only fans bots. Things are looking up here.