Loki C2 by @0xBoku and @d_tranman script-jacks vulnerable Electron apps to backdoor and hollow them without invalidating their code signing signature. VS Code. Cursor. Discord. GitHub Desktop. Docker Desktop. The list keeps growing. MITRE ATT&CK T1218.015 | Azure Blob C2 | BOF/shellcode/assembly exec github.com/boku7/Loki #RedTeam #RedTeamTips #OffSec #OffensiveSecurity #Evasion #WDAC #AppControl #PenTest #PenTesting #Malware #ThreatIntel #MITREATTACK #CyberSecurity #InfoSec #Hacking

Just ran net.exe on a DC as system to add a user to Domain Admins #Redteam #redteamtips #hackerman

Every PC in AD has its own login — yep, machine accounts are a thing. They end with a $ 👀 Like: DC01$ #RedTeamTips #WindowsDomain #TryHackMe

Responder not working? LLMNR/NBNS enabled in the environment? Check for ADIDNS wildcard records preventing the fallback to older protocols. #redteam #redteamtips

If DNS records still point to expired domains, attackers can hijack them for phishing or malware. Pen tests help spot these gaps before someone else does. Clean up your DNS regularly. clone-systems.com/automated-… #CyberSecurity #RedTeamTips #ThreatPrevention #InfoSec #clonesystems

Unlock forbidden Windows knowledge! 🤫💻 Find the PEB through truly undetected means and pop calculator 💥 The non-golf form will be available below 👇 #redteamtips #windowsinternals #rust

Where's the #redteamtips

Haha came here to say the same thing #redteamtips 😅😂

#RedTeamTips Only €750 if you want a list of company names that run Crowdstrike

#redteamtips Know if your target is using Crowdstrike by simply buying a 'Crowdstrike Users Lead list' from one of those direct marketing companies

Thanks for the #redteamtips

🚨💻 Tired of C being "old-fashioned"? Spice it up with anonymous functions using this λ-macro hack! Say hello to cleaner, smarter code in pure C! 🎯 #redteamtips #security #redteam 👀👇

🚨 Trying to find the NTDLL base? 🔥 EDRs ♿ hate this ONE WEIRD TRICK! LEARN HOW YOU 🫵 CAN TOO! #shocking #redteamtips #security #redteam

Since this is #redteamtips, you'll have issues on certain EDRs like S1 that insert a fake ntdll entry in that slot.

#RedTeamTips do your intel and check which orgs are running Crowdstrike

🚨 Loading into a WOW64 process ⁉️ 💥 Try this nice trick to reliably get 👏 ntdll.dll 👏 #redteamtips #security #redteam

#redteam #redteamtips #security

phah, just pick the second entry in the InLoadOrderModuleList #redteam #security #redteamtips #yolo

great tip! HeapGate write-up coming soon? 🚨 #redteamtips #unethicalhacking #jamesbond