penteststuff retweeted
3 Nov 2025
In Germany, everyone uses `ßh` instead of `ssh`.
penteststuff retweeted
Getting a lot of responses on my Tor/VPN/Anonymity comments. I'll just explain my reasoning and background in a quick vid vs. responding to all the doubters and haters. Believe what you want, but being anonymous on the Internet is very hard.
penteststuff retweeted
Anyone who tests AI on their area of expertise rapidly realizes that AI is an idiot. Unfortunately, it is becoming clear to me that many humans do not have an area of expertise.
penteststuff retweeted
20 Oct 2025
dear diary, it's been 12 hours since aws-us-east-1 vanished into the void. half the internet apparently shares one data center lease and none of their computers are answering calls. i'm starting to think that the cloud was just someone else's basement all along
penteststuff retweeted
16 Oct 2025
Service triggers can be a pentester’s secret weapon, letting low-priv users quietly fire up powerful services. In our new blog, @freefirex2 breaks down the types of service triggers that exist and how they can be activated with little to no code required. trustedsec.com/blog/theres-m…
penteststuff retweeted
9 Oct 2025
Are you in charge of writing Cybersecurity incident reports and need to spice up the language so the report isn’t so boring?? Try this, instead of saying we suffered a breach due to the compromise of a 3rd party: > we got fucked in the aaS Follow me for more pro writing tips
penteststuff retweeted
They took this from us, now things are dumber and harder to use? Why? We need to go back to Windows 2000.
penteststuff retweeted
Pretty solid offensive #Linux combo: ptrace-inject for proc injection; Sneaky_remap for hiding from /proc/pid/maps; TLS callback shared object for encrypted reverse shell with silly process masquerading as "ps aux". I am just connecting the dots, huge thanks to Artemis21 and @magisterquis: github.com/magisterquis/snea… / gist.github.com/cr0nx/d444e9… / github.com/Artemis21/ptrace-… It would be awesome to have similar injector capability available as a BOF in bof-launcher or any other C2 framework supported on Linux: github.com/The-Z-Labs/bof-la… LET'S GO!
penteststuff retweeted
I've made a few intentionally ambiguous posts about Terraria because I was trying to get nerds who do stuff with it to give a fuck. Turns out they don't give a fuck in any capacity whatsoever, so I'll just go full disclosure. When someone brought it to tModloader's attention they said it isn't a big deal. Okie dokie.

In Terraria there is a mod called tModloader. It is available for download on Steam. If someone hosts a game and has tModloader installed, and the person joining (the client) has tModloader installed, the client will arbitrarily download the mods used by the game host. Very cool. However, if the game host has malicious mods installed then the client who joins the host will arbitrarily execute the malicious mod with no prompting. The malware payload will run in the context of tModloader.

This has been used on and off since roughly 2016. There are dozens of posts about it on places like Reddit, Discord, and Steam. Some nerds have considered making a "tModloader sandbox" to prevent mods from being able to access components outside the scope of Terraria. Unfortunately, nothing has been done to prevent this and/or encapsulate mods. Obviously there is no "signing" mechanism for mods; the host is simply able to execute mods on the client. Hence, it is not a vulnerability. It is a feature which is being abused.

This technique has been used most recently for cryptodraining malware campaigns (akin to spear phishing). It has been used historically to deploy RATs and information-stealing malware. The technique requires some social engineering to convince someone to join the host; however, that is not particularly difficult. I have a working proof-of-concept. It isn't hard at all. It's shockingly easy.

Thanks for coming to my TED Talk. Thank you Telegram nerds for giving me code, proof-of-concepts, and explanation on how it works. I initially discussed it on Telegram and dozens of nerds came forward to share their insights, opinions, and code.
penteststuff retweeted
28 Sep 2025
Happy radare2 6.0.4 release day infosec.exchange/@radareorg/…
penteststuff retweeted
You got access to vSphere and want to compromise the Windows hosts running on that ESX? 💡 1) Create a clone into a new template of the target VM 2) Download the VMDK file of the template from the storage 3) Parse it with Volumiser, extract SAM/SYSTEM/SECURITY (1/3)
penteststuff retweeted
11 Sep 2025
The new Proxmark3 release "Phrack" (v4.20728) is out, a nod to the legendary security journal that has published so much foundational RFID research over the decades. A fitting name for this tool. tinyurl.com/4249mszy #Proxmark3 #RFID #Phrack #InfoSec
penteststuff retweeted
18 Aug 2025
At long last - Phrack 72 has been released online for your reading pleasure! Check it out: phrack.org/
penteststuff retweeted
Cool trick I learned from @0gtweet today: you can look up Windows error codes, even in the -DEC form instead of hex, via certutil 🤯 Don't know if this was common knowledge, but I used to convert it to hex and google it every time.
penteststuff retweeted
Issue #4 is out – enjoy! pagedout.institute/?page=iss… Please RT and tell your friends :)
penteststuff retweeted
I have been telling people and companies for years that APTs have been targeting employees' home networks and routers - I have seen attacks on various home devices multiple times. I am glad that we have officially documented this behavior for APT31 therecord.media/chinese-hack…
penteststuff retweeted
26 Mar 2024
The Hitag2 research and findings have existed since 2011. The GPU versions came out 2018-ish, the improved one in 2021. Proxmark3 has been able to perform it since 2011. It's nothing new. It is me who finally got around to performing all the different steps, fixing and finding out in the process: from modifying an antenna, getting the GPU to work in WSL, collecting the samples and working out why they didn't work, to finally getting the key to be able to read my car keyfob. And getting to look at the memory stored. The fun message seems to be a fluke. Now I can look at the PRNG values and different keys from different systems and see how they differ. I can finally replicate the old research papers. Maybe with this I can reuse old keys to become EM4100 to use for opening doors :) There is no new sauce or findings. Iceman out.