New Qualys blog is, once again, excellent: cdn2.qualys.com/advisory/202…

Does anyone know if the following #Microsoft #mitigation has been released - techcommunity.microsoft.com/…? I see the registry hive, but does not do anything against POCs on my Windows 11.

💥 ANNOUNCEMENT: Opik v1.2 is released! 💥 Opik is an open source LLM evaluation framework for: 🔥 Implementing LLM-based metrics 🪲 Logging/debugging LLM traces 💯 Scoring, annotating, and versioning LLM data And so much more. Check out the repo below.

Today we are releasing our FREE educational course: "Intro to Exploit Dev"! This course is perfect for those trying to start exploit dev and covers: - Tooling - Fuzzing - Exploitation techniques - And more! You can take the course here: bible.malcore.io/readme/the-…

🎯 Introducing AD-ThreatHunting: ⚡ Supercharge Your AD Threat Hunting! 🛡️ Just Released: A comprehensive Active Directory PowerShell threat hunting tool that makes detecting suspicious activities easier than ever! ✨ Key Features: • Real-time attack detection • Advanced timing analysis • Pattern recognition • Multi-format reporting (CSV/JSON/HTML) • Built-in attack simulation 🔍 Detects: • Password spray attacks • Brute force attempts • Account lockouts • Off-hours activity • Geographically impossible logins • Service account misuse • Admin account abuse ⚡ Smart Analysis: • Time-based attack correlation • Activity pattern matching • User behavior analysis • Configurable business hours • Customizable thresholds 🧪 Includes Test Framework: • Simulate various attack scenarios • Validate detection capabilities • Test environment readiness • Verify audit policies 🚀 Get started: github.com/MHaggis/PowerShel… Made with ❤️ by defenders for defenders Hunt smarter, hunt harder #ActiveDirectory #InfoSec #BlueTeam #ThreatHunting #CyberSecurity

Fake exploits for the BeyondTrust Remote Support CVE are surfacing - github.com/cloudefence/CVE-2…

hfiref0x has rewritten the formerly industry-wide and old-school tool Dependency Walker, making it capable of running on Win11 and enhancing it with other useful features. It is designed to build a tree diagram of all an executable's dependent modules. github.com/hfiref0x/WinDepen…

Do you know the Azure IP Ranges site by @derdanu ? It's a great tool to filter IP ranges by service and even download them in different formats. azureipranges.azurewebsites.…

M'm glad to release the tool I have been working hard on the last month: #KrbRelayEx A Kerberos relay & forwarder for MiTM attacks! >Relays Kerberos AP-REQ tickets >Manages multiple SMB consoles >Works on Win& Linux with .NET 8.0 >... GitHub: github.com/decoder-it/KrbRel…

Excited to share a tool I've been working on - ShadowHound. ShadowHound is a PowerShell alternative to SharpHound for Active Directory enumeration, using native PowerShell or ADModule (ADWS). As a bonus I also talk about some MDI detections and how to avoid them

As promised, I just dropped a dozen new sandbox escape vulnerabilities at #POC2024 If you missed the talk, here is the blog post: jhftss.github.io/A-New-Era-o… Slides: github.com/jhftss/jhftss.git… Enjoy and find your own bugs 😎

A Happy Halloween from the MITRE ATT&CK team with a special treat: ATT&CK v16.0, including new spooky behaviors and ghoulish groups, as well as revisions and contributions, to satisfy your every #infosec need! Check out @supremrobertson’s release blog at medium.com/mitre-attack/atta…

Introducing DOMHash. DOMHash is a completely self sustainable fuzzy hashing algorithm to compare DOM content from websites. It provides a similarity score in order to determine how similar two sites are to one another and is completely FREE and opensource. Thread👇

Virtual registration is open for ATT&CKcon 5.0! While we'd love to see you in person in McLean, VA October 22-23 (and still have a few tickets left at na.eventscloud.com/website/7…), you can catch talks online for free by registering at mitre.brandlive.com/ATTACKCo…

🚀 The Fuzzing Educational Course is now publicly available! This comprehensive course covers techniques and tools for fuzzing in various languages such as Python, Go, Rust, Java, and Web. github.com/raminfp/the-art-o… #Fuzzing #SoftwareSecurity #Education

0-Click exploit discovered in MediaTek Wi-Fi chipsets affects routers and smartphones (CVE-2024-20017). Published PoC can be tested even from a smartphone Technical details: blog.coffinsec.com/0day/2024… PoC: github.com/mellow-hype/cve-2… by @hyprdude

#PingCastle 3.3 released !!! pingcastle.com/download/ Active Directory & AzureAD security health check in seconds >200k AD audited, management readable, no install, no admin, no data sent "to a cloud" Example of report: pingcastle.com/PingCastleFil… github: github.com/netwrix/pingcastl…

ChromeKatz: Dump cookies and credentials directly from Chrome/Edge process memory github.com/Meckazin/ChromeKa…

We are doing a giveaway for our Empire Ops: Tactics (Lazarus) course next week on Sep 11! Simply retweet this to enter, and we will announce the winner tomorrow at 1 PM EST. Come learn about ransomware simulation and threat emulation.

Empire v5.11.4 was just released with updates and bug fixes! - Updated Rubeus to v2.3.2 - Added nameserver check for linux hosts - Fixed Rubeus only using first arg - Fixed Rubeus killing agent when using System.Environment.Exit - And more