I can't believe it. My official Microsoft Store Windows 10 Pro key wouldn't activate. Support couldn't help me yesterday. Today it was elevated. Official Microsoft support (not a scam) logged in with Quick Assist and ran a command to activate windows. BRO IT'S A CRACK NO CAP

Just learned about the Open Source Security Index, tracking the most popular and fastest growing open source security projects on GitHub. opensourcesecurityindex.io ⚛️ Great to see Atomic Red Team hovering near the top, and in some predictably great company (@sigma_hq at #5).

Does it count as #LOLBin ? 🤔

"SID filter as security boundary between domains? (Part 1) - Kerberos authentication explained" #infosec #pentest #redteam improsec.com/tech-blog/o83i7… "SID filter as security boundary between domains? (Part 2) – Known AD attacks - from child to parent" improsec.com/tech-blog/sid-f…

Thanks to those that have reached out to add C2s to #C2Matrix - RedditC2 from @kleiton0x7e @t4tch3r_: github.com/kleiton0x00/Reddi… - RedbloodC2: github.com/kira2040k/Redbloo… Remember anyone can contribute: howto.thec2matrix.com/contri… Golden source is Google Sheet: docs.google.com/spreadsheets…

I created a C2 by abusing the Reddit API to host the C2 traffic. As I'm posting this, the C2 totally undetectable since it's a custom implant. Link to the Github Repository: github.com/kleiton0x00/Reddi… #redteam #cybersecurity #infosec #BugBounty #c2

We have published a paper: "About malware writing and how to start" This paper exists to address the questions we frequently encounter. It is an opinionated piece on malware development, the path to success, and some personal anecdotes Check it out here: papers.vx-underground.org/pa…

Our ninjas @yaumn_ and @mickaelweb recently assessed Microsoft Defender for Identity detection capabilities. In their recent blogpost, they describe the product's architecture, present some bypasses and give general Red Team advices. synacktiv.com/publications/a…

You guys must be waiting for this, So this is the working PoC script of the Exchange 0day exploited ITW github.com/testanull/ProxyNo…

Fetch Defender exclusions from Intune managed devices as non-admin user: Export management log files Extract cab file Review MDMDiagHtmlReport.html Search for "Excluded Processes" and "Excluded Paths" Cherio #pentest #redteam #tipswednesday #thankmelater

Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol github.com/reveng007/SharpGm…

⚙️ Awesome Tunneling - A handy list of ngrok alternatives & tunneling software/services, with a focus on self-hosted ones. github.com/anderspitman/awes… #InfoSec #CyberSecurity #Pentesting #Hacking #Linux

Did you know the file /etc/sudoers.d/README is not just documentation, but a handy place to hide valid sudo user entries?