More scams on the Superbonus, more money taken from Italians. It is the legacy of Conte's electoral gimmicks that the Nation continues to pay dearly for.
GIUDA betrayed again: how to get a new and fresh TGT (or a TGS, if you settle for little) on behalf of another logged-in user on a Windows machine.
How it works:
lnkd.in/dYDxq5nx #redteam #giuda #kerberos
thx to MzHmO@github
Have you tried compiling C sources with Embarcadero C compiler instead of using common compilers?
OpenProcessToken
DuplicateTokenEx
CreateProcessWithTokenW
virustotal analysis:
the first compiled with Visual Studio and the second with Borland C
#redteam
AD: Local Admin to Domain Admin
It doesn't matter if you don't see active sessions, always look in the Kerberos cache.
query session vs. klist sessions
Don't attempt an LSASS DUMP, move on!
GIUDA 2023090500
Now FUD again
github.com/foxlox/GIUDA #redteam #adprivesc #kerberos #lsass
I recently got inspired by a neat trick by @flodari where he managed to carry out a RBCD LPE on a Windows machine with just some regular domain creds.
There is nothing new in these techniques, but I hadn't seen the idea before, so I decided to see if it could also be done via a C2.
Are you tired of failing to create DNS Entry for DavRelay?
LPE with:
ssh -R
addcomputer.py
Proxychains
Proxylite
PetitPotam
rbcd_relay
no AV/EDR detection, only SIEM (if) checks on LDAP changes
#redteam #LPE #DAVRelay #FUD
As mentioned yesterday, the Task Manager Secret can be transformed into an automated UAC bypass through some UI hacks.
Source code at --> gist.github.com/antonioCoco/…
DISCLAIMER:
- This is not a new UAC bypass and the UIAccess token stealing has been known since 2019. Discovered by James Forshaw and implemented also in UACMe method 55
- The code has been tested only on Win10, it might not work with the Win11 task manager
- UAC bypasses relying on UI automation like this are unreliable, there are many known UAC bypasses better and more stable than this.
Little demo below 👇
I just got fired from my job today without warning. 😬 Really crazy. Anyway... If anyone is looking for a pentester, red teamer, or likes my public work, please don't hesitate to reach out. Thanks in advance everyone. 😔
AD Privesc
Kerberos TGS and SeTcbPrivilege
If you have SeTcbPrivilege, you can ask for a TGS on behalf of ALL logged-in users on your machine WITHOUT a password
...and what if there is a Domain Admin logged in?
Zero detection by EDR/AV
github.com/foxlox/GIUDA.git #redteam #SeTcbPrivilege
From Local Admin to Domain Admin
If you're a local admin and want to duplicate someone's Token and run a command for them, write everything in Delphi.
I've tested the code with most of the AV/EDRs.
Please give me feedback.
github.com/foxlox/hypobrychi… #redteam #DuplicateTokenEx
URGENT [11.06-02:40] search underway for
#MISSING MINOR (5 years old)
Via Claudio Monteverdi #Novoli #Cascine #Firenze
Around 13:00 on 10.06.22
Anyone with information should inform the police
Information and updates: goo.gl/tKHsXK
Working on auto-updating an app written in .NET running under a low-privilege model (application pool).
Problem:
- not allowed to overwrite running files
- not allowed to stop IIS (net stop) or run other commands (appcmd)
Solution:
- rename the existing files
- force a reload by !!editing web.config!!