Joined June 2010
Pinned Tweet
Bang on, Iain! As much as the example in the blog post works, getting C2 over any form of filesystem is the real gem here. Even locally for privesc: get a SYSTEM shell without worrying about proxies, for example. Looking forward to seeing what folk come up with, use-case wise.
This is such a cool C2 channel technique. Use network file shares, RDP mapped drives and anywhere else more than one host sees the same filesystem as a C2 channel, which really doesn't get logged. Simple but effective!
Scriptmonkey_ retweeted
This is bad. Putty level bad. notepad-plus-plus.org/news/h…
"OpSec is hard": if you think this and you've only worked on an external team, just wait until you work for an internal one. 😅
Really great training sesh with @SinSinology, brill workshop. Definitely recommend it and the 4-day training with @watchtowrcyber.
Scriptmonkey_ retweeted
Welcome BSides Aberystwyth, let us be the first to welcome you, and good luck in November! bsidesaberystwyth.org/ #Security #BSides #Aberystwyth #BSidesAberystwyth
Scriptmonkey_ retweeted
23 Jun 2025
FileFix - A ClickFix Alternative mrd0x.com/filefix-clickfix-a…
Scriptmonkey_ retweeted
This is my research project on creating read, write and allocate primitives that can be turned into an injection in order to evade certain telemetry, which I presented last year at RedTreat. I hope everyone likes it \m/. trickster0.github.io/posts/P…
When your team is reading TI reports for an upcoming exercise and goes "No way, there is no way a proper APT would ever do something as basic as this..." Introducing APT herptyderp.
This hack is brilliant: APT28 hopping into a target environment over Wi-Fi by compromising neighbouring companies and finding a dual-homed host within range. volexity.com/blog/2024/11/22… And yet... they got caught doing this!
Just made an account over on BSky. Come find me :) bsky.app/profile/scriptmonke… Gives off real classic Twitter vibes.
Scriptmonkey_ retweeted
26 Sep 2024
Great article with lots of details about attacks that happen IRL. We should remember that many orgs don't require MFA from on-prem. Also, service accounts (i.e. the Entra sync account) won't have MFA. Threat actors can also use PRTs and access tokens to access M365/Azure.
The financially motivated cybercriminal group that Microsoft tracks as Storm-0501 has been observed exfiltrating data and deploying Embargo ransomware after moving laterally from on-premises to the cloud environment. msft.it/6013m5gnf
Scriptmonkey_ retweeted
18 Sep 2024
Understanding EVERY Token in Entra ID 🔎 Not all tokens are equal. There are many different types with different uses and benefits. In this blog, I break down each token and what they are used for and which tokens are the most "valuable" for an attacker to obtain. Full blog here👇👇 @XintraOrg xintra.org/blog/tokens-in-en…
The typical right-wing nutter... In response to JSO: "Protesting shouldn't inconvenience the public! This is illegal! People should run them over! They hurt our emergency services!" In response to #UKRiots: "I'm gonna nick some crocs, punch a copper and set fire to a shop."
Scriptmonkey_ retweeted
📢 New blog post out! 💡 I've been working on this blog for quite some time and I am honoured and very happy I was given the opportunity by @alexverboon and @castello_johnny to present this in today's @KqlCafe. ➡️ Windows Linux Subsystem (WSL) by itself is a blind spot within endpoints and can be used to elevate access, build persistence and even, as seen in the wild, be used straight from CnC mechanisms and threat actors. The WSL plug-in for Defender for Endpoint sheds light on this blind spot and allows building a monitoring capacity which, combined with the rest of the Defender XDR and Sentinel ecosystem, can further fortify this attack path. 🔗 michalos.net/2024/06/25/keep… 🔗 Accompanying KQL queries can be found here: github.com/cyb3rmik3/KQL-thr… 🔗 Keep an eye on KQL Cafe and register for future sessions: kqlcafe.github.io/website/ #Microsoft #MicrosoftSecurity #MicrosoftDefender #DefenderXDR #MicrosoftSentinel #KQL #KustoQuery #KustoQueryLanguage #ThreatHunting #DetectionEngineering #KQLCafe
Another year, another @Steel_Con. Once again proving why it's one of my favourite cons to go to. Great time seeing old friends, meeting new ones and catching great talks, including one on Norse mythology and threat modelling 😁 Also, my arm now belongs to a sponsor 😅
Scriptmonkey_ retweeted
CTF details. Link below for our awesome CTF, brought to you by our partners @hackrocks_ and @hacktoria. 6 awesome challenges that give you the APIs for our arena. Wanna fire our flipper??? Get registered and crack our awesome challenges @BSidesBSK infosecbattlebots.hackrocks.…
Scriptmonkey_ retweeted
I've made some long awaited updates to SQLRecon! Here's a couple of videos highlighting some of the big additions. Tool: github.com/xforcered/SQLReco… Check out this thread ⬇️
Teams needs a "don't notify on @everyone or @<channel name>" option like Discord. Stat. This is worse than "reply all".