michel
madkasper.bsky.social
Reposted by michel
I'm not sure if Ben Reardon is on bsky (or else I'd tag), but I highly recommend defenders check out this @corelight-inc.bsky.social blog post on Ben's quick network detection work on a newly-released SSH scanner:

corelight.com/blog/black-h...

CC: @philhagen.com for some awesome insight
Black Hat USA 2024: Tales from the NOC | Corelight
Recapping our learnings from the Network Operations Center (NOC) at Black Hat USA 2024. Using historical network logs to detect threats during the Network Operations Center (NOC) at Black Hat USA 2024...
December 15, 2024 at 2:25 PM
Reposted by michel
I'm glad to release the tool I have been working hard on the last month: #KrbRelayEx
A Kerberos relay & forwarder for MiTM attacks!
> Relays Kerberos AP-REQ tickets
> Manages multiple SMB consoles
> Works on Win & Linux with .NET 8.0
> ...
GitHub: github.com/decoder-it/K...
November 25, 2024 at 5:31 PM
Reposted by michel
It's that time of year again everybody! I want to know YOUR thoughts on Mythic! What did you like? What could be improved? What would you like to see next? Why do you or don't you use it? If you could change something, what would it be? www.surveymonkey.com/r/MythicPlan... I'm all ears :)
a woman wearing glasses says please with her hand up
November 25, 2024 at 5:35 PM
Reposted by michel
KrbRelayEx - a tool designed for performing Man-in-the-Middle (MitM) attacks by relaying Kerberos AP-REQ tickets. It listens for incoming SMB connections and forwards the AP-REQ to the target host, enabling access to SMB shares or HTTP ADCS endpoints on behalf of the targeted identity.
GitHub - decoder-it/KrbRelayEx
November 25, 2024 at 5:31 PM
Reposted by michel
Good morning, or evening.

After months, we're finally releasing the Dispossessor ransomware leaks. They're now available to download.

Please exercise extreme caution. This archive contains ransomware payloads.

vx-underground.org/Archive/Disp...
Vx Underground
The largest collection of malware source code, samples, and papers on the internet.
November 25, 2024 at 3:34 AM
Reposted by michel
If you write Python scripts, do yourself a favor and use the Rich library to beautify their output 🐍 🧑‍💻
GitHub - Textualize/rich: Rich is a Python library for rich text and beautiful formatting in the terminal.
November 21, 2024 at 12:20 PM
Reposted by michel
In case you missed it...the DEF CON video of my talk 'Splitting the Email Atom' is finally here! 🚀 Watch me demonstrate how to turn an email address into RCE on Joomla, bypass Zero Trust defences, and exploit parser discrepancies for misrouted emails. Don’t miss it:

youtu.be/JERBqoTllaE?...
DEF CON 32 - Splitting the email atom exploiting parsers to bypass access controls - Gareth Heyes
YouTube video by DEFCONConference
November 22, 2024 at 7:27 AM
Reposted by michel
Earlier this year, Assetnote's Security Research team discovered a vulnerability in Sitecore XP (CVE-2024-46938) that can lead to pre-authentication RCE.
Order of operations bugs are one of my favorite types of bugs :) Write up and exploit script here: assetnote.io/resources/re...
November 22, 2024 at 5:50 AM