weiss
w-e-i-s-s.bsky.social
Red Teamer || Pentester || CTF Player
Reposted by weiss
Kids these days don't even know how much opportunity they have to learn hacking from actual pros.

I know there is a lot of content out there, so it can be hard to find the good stuff. But 10 years ago you had to be lucky to find at least something.

Anyway, watch this 👇
My videos for Flare-On 2024 are live! Watch me reverse engineer all the challenges from start to end. 🎉🥳

+ Commentary video featuring SuperFashi, where we review the chals together.

* 45 hours of content
* 400+ GB of raw footage

Merry Christmas! Link: www.youtube.com/watch?v=vwW9...
Flare-On 2024 Solutions and Commentary
YouTube video by BasteG0d69
December 31, 2024 at 10:10 AM
Reposted by weiss
Two new modules for MSSQL on NXC, thanks to the contributions of @lodos2005.bsky.social and @adamkadaban.bsky.social 🔥

- rid-brute from mssql
- mssql_coerce from mssql

github.com/Pennyw0rth/N...
December 17, 2024 at 8:32 AM
Reposted by weiss
KrbRelayEx - a tool designed for performing Man-in-the-Middle (MitM) attacks by relaying Kerberos AP-REQ tickets. It listens for incoming SMB connections and forwards the AP-REQ to the target host, enabling access to SMB shares or HTTP ADCS endpoints on behalf of the targeted identity.
GitHub - decoder-it/KrbRelayEx
November 25, 2024 at 5:31 PM
Reposted by weiss
Chris just published a small collection of utility scripts that he uses when developing some of our code into the shelf repo.

github.com/trustedsec/T...
The_Shelf/POC/utility_scripts at main · trustedsec/The_Shelf
Retired TrustedSec Capabilities. Contribute to trustedsec/The_Shelf development by creating an account on GitHub.
November 25, 2024 at 7:37 PM
Reposted by weiss
[BLOG]
This post summarises how to tie Cobalt Strike's UDRL, SleepMask, and BeaconGate together for your syscall and call stack spoofing needs.

rastamouse.me/udrl-sleepma...
UDRL, SleepMask, and BeaconGate
I've been looking into Cobalt Strike's UDRL, SleepMask, and BeaconGate features over the last couple of days. It took me some time to understand the relationship between these capabilities, so the aim...
November 30, 2024 at 2:05 AM
Reposted by weiss
Awesome new addition to krbrelayx by Hugow from Synacktiv: www.synacktiv.com/publications...
Relaying Kerberos over SMB using krbrelayx
November 20, 2024 at 4:02 PM
Reposted by weiss
TrustedSec Tech Brief

00:30 - NTLM Hash Disclosure Zero-Day
01:45 - Task Scheduler Vulnerability
02:30 - Exchange Server Issues
03:15 - AD Certificate Services Flaw
04:00 - Vulnerability Breakdown
04:45 - Palo Alto Zero-Day
05:30 - FortiGate VPN Update

www.youtube.com/watch?v=3mSD...
TrustedSec Tech Brief - November 2024
YouTube video by TrustedSec
November 19, 2024 at 4:32 PM
Reposted by weiss
If you want to learn more, I highly recommend the white paper from @SecuraBV: www.secura.com/uploads/whit...

And the original implementation they did at: github.com/SecuraBV/Tim...

3/3🧵
December 1, 2024 at 4:16 PM
Reposted by weiss
NetExec has a new Module: Timeroast🔥

In AD environments, the DC hashes NTP responses with the computer account NT hash. That means that you can request and brute force all computer accounts in a domain from an UNAUTHENTICATED perspective!

Implemented by Disgame

1/3🧵
December 1, 2024 at 4:16 PM
Reposted by weiss
Reversing C++ structures can be tricky. Binary Ninja makes it easier. I wrote up a walkthrough to clean up those pesky vtables. @binary.ninja

www.seandeaton.com/gotta-re-em-...

#binaryninja #reverseengineering #ghidra #ida
Gotta RE 'em All: Reversing C++ Virtual Function Tables with Binary Ninja
C++ can be frustrating to reverse engineer. Explore how to reverse engineer those with Binary Ninja.
November 27, 2024 at 1:48 PM
Reposted by weiss
ADCS Attack Techniques Cheatsheet
docs.google.com
November 22, 2024 at 6:58 PM
Reposted by weiss
Great training materials available here:
github.com/mthcht/aweso...
November 18, 2024 at 9:45 PM
Reposted by weiss
@dfirdiva.bsky.social's tools for finding these amazing resources and more: training.dfirdiva.com/listing-cate...

Can only rec books I've read
1. Blue Team Handbook (IR edition & the v.1.02) - Both are no b.s., great to keep in reach
2. Practical Packet Analysis

Stand up SecurityOnion VM in a lab!
DFIR, OSINT, & Blue Team CTFs, Labs, and Challenges
Digital Forensics, Log Analysis, PCAP Analysis, OSINT, Malware Analysis, SIEM, Splunk, Wireshark and more
November 19, 2024 at 7:38 PM
Reposted by weiss
I wrote some notes about public IOCs in Impacket from awesome research that other people did
November 24, 2024 at 1:07 PM