SharpADWS is an Active Directory Recon and Exploit tool for Red Teams via the ADWS protocol, Inspired by @FalconForceTeam Without the LDAP protocol, it can easily bypass most traffic monitoring for LDAP #BloodHound #redteam #Pentesting #CyberSecurity

RT @decoder_it: M'm glad to release the tool I have been working hard on the last month: #KrbRelayEx A Kerberos relay & forwarder for MiTM…

RT @decoder_it: Relaying DCOM has always intrigued me, so I decided to dive in. Started with a MiTM attack using a fake DNS entry, targetin…

Sleepy🥱

RT @tiraniddo: It seems amazing to me that MS have spent years talking about this feature and have not fixed well known public bypasses. My…

RT @CyberWarship: ''New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication'' #infosec #pentest #redteam #blueteam https://…

RT @MalDevAcademy: New Module 46: Exploiting EDRs For Evasion - Preventing EDR From Taking Action This module demonstrates a logic vulne…

RT @h4wkst3r: NEW release (v1.3) of ADOKit is out NOW which includes 7 new modules from @NicolasHeiniger and myself, among other fixes/impr…

RT @zyn3rgy: [Tool & Blog release] - smbtakeover, a technique to unbind/rebind port 445 without loading a driver, loading a module into LSA…

RT @snovvcrash: Implementing a session manager is a tons of fun… and pain 😅 Have learned so much about CreateProcess and Logon APIs studyin…

RT @EricaZelic: Oldy but goody from one of my favorite researchers, itm4n, about DLL proxying and privilege escalation from implmentations…

RT @CyberWarship: ''CcmPwn: leverages the CcmExec service to remotely hijack user sessions'' #infosec #pentest #redteam #blueteam https://…

RT @stephenfewer: We have a (draft) @metasploit exploit module in the queue for CVE-2024-4577, the new PHP CGI argument injection vuln disc…

An interesting SSRF fix bypass (CVE-2024-4084) in AnythingLLM that I found a few months ago has been made public. #llm #Pentesting #CyberSecurity #BugBounty

RT @decoder_it: As expected, NTLM is now "deprecated." @splinter_code Was wondering what would have happened if we…

RT @decoder_it: Just published a short blog post on abusing the SeRelabelPrivilege ;)

RT @Flangvik: SharpCollection and IronSharpPack

RT @naksyn: One thing I always look for when starting in a network without AD creds is user enumeration with RPC null sessions. impacket S…

RT @tifkin_: ADCS strikes again (sounds a lot like ESC1). Just as a reminder, despite our recommendation of alerting IT administrators of t…

RT @filip_dragovic: So MSRC first say that they cannot reproduce ,now say that no security boundary is crossed. Tested this on few differen…

RT @decoder_it: I created another variant of our so-loved *potato family, the #FakePotato. But have to wait MSRC response before disclosing…