RT @ShitSecure: Tired of using ts::multirdp, because Mimikatz is a nogo nowadays and get's flagged anyway most of the time? 🧐 Well, here i…

Current mood: patch out the Costura.Fody temp directory name IoC via dnSpy just to avoid recompiling the whole Costura project - it’s impossible lol 😂

RT @hacker_ralf: This is C2 I decided to write publicly. If you are interested, I hope for feedback) I am fixing version 0.1 ... https://…

RT @ptswarm: 🎮 Xbox 360 security in details: the long way to RGH3. Read the exclusive story about the chipless and reliable Xbox 360 moddin…

That was not a straight forward one to port to cross-compilation & PIC format as well as deal with some module stomping injection pitfalls, but this @passthehashbrwn’s trick is cool as hell 🔥 Definitely NOT yet another byte patch 😅

RT @passthehashbrwn: New blog from me on using CLR customizations to improve the OPSEC of your .NET execution harness. This includes a nove…

@aniqfakhrul Man, I was thinking of it since I first saw your LDAP browser. Great job!

RT @orange_8361: The detailed version of our #WorstFit attack is available now! 🔥 Check it out! 👉 cc: @_splitline_

@k3nundrum Cool! Or just do `bhcli queries` 😉

@Dinosn Okay, I won’t read further 🤣

RT @ptswarm: 🇻🇳 The Positive Hack Talks in Vietnam has finished! Slides from our researcher @_mohemiv: Wordlist: h…

RT @eliran_nissan: I am excited to share with you my latest research - "DCOM Upload & Execute" An advanced lateral movement technique to up…

@unsigned_sh0rt @synzack21 I’ve also thought about it, but I don’t think we can build such a generic wordlist that will be applicable in different networks. But if we talk about a particular network then yes, sometimes it’s enough to get a single hostname and then iterate over the predictable part of it 👍🏻

@al3x_n3ff @stratosberry @Disgame_ Fun fact, by the way, that we don’t actually need to implement any new modules - md5($pass, $salt) is already there 😅

@techspence Even when it’s not DNS, it’s DNS that cannot be resolved through proxychains 😔

@stratosberry @al3x_n3ff @Disgame_ Not possible, unfortunately. Cannot be pre-computed because of the salt :(

RT @ptswarm: 🎤✨ Our security researcher, Konstantin Polishin, presented “Red Team Social Engineering 2024: Initial Access TTP and Project E…

RT @_JohnHammond: Supply chain malware from an infected game mod 🤯😱 Long-form reverse engineering and a WILD ride: Binary Ninja, x64dbg, 01…