Completed APTLabs on Hack The Box created by Cube0x0. Thanks a lot for the perfect red team lab. The lab contains extremely brutal attacks yet is highly enjoyable and exciting to learn. #hackthebox #HTB #redteam #Windows #Pentesting #infosec

BokuLoader Cobalt Strike UDRL now supports sleepmask, cleanup, and obfuscate evasion features! In the next months I'll be releasing a blog series diving into UDRL development, current evasions, and advanced evasion features i've yet to release! github.com/xforcered/Boku…

We've just released the first post in the Cobalt Strike reflective loader blog series! 🥷This one took allot of effort and I am excited to share it with you! The better it does, the better i'll make the next ones 😉 securityintelligence.com/posts/defining…

I'm pleased to publish a blog post about the "Introduction to Beacon Object Files" in detail, targeting CobaltStrike. 👉Blog: blog.shashwatshah.me/2023/03/26/Bof… #cybersecurity #redteam #infosec #cobaltstrike

Done with the new lab at Hack The Box created by dmw0ng and TheCyberGeek . The excellent beginner-friendly lab teaches various stuff, would recommend completing it. #hackthebox #HTB #redteam #Windows #Pentesting #infosec

It turns out that gdi32full.dll is vulnerable to "delayed" dll sideloading, which means that virtually any software that uses Windows dialog boxes (of any kind) is vulnerable to this attack. And they are not few. 🧵

🔥 Big update! Nanodump now supports the PPLMedic exploit! meaning you can dump LSASS on an up-to-date system with PPL enabled 😃 github.com/fortra/nanodump

Excited to share that I've officially passed my Certified Red Team Expert exam by Altered Security! Huge thanks to AlteredSecurity for the challenging yet rewarding certification program! credential.net/60af75dc-9557-… #crte #CyberSecurity #AlteredSecurity #redteam #infosec

My very first project created a new C2 (ab)using Zoom API to host the C2 traffic. With a c++ written Implant.🚀 Link to the Github repository: github.com/0xEr3bus/Shado… #redteam #infosec #BugBounty #C2 #cybersecurity

I'm excited to announce that I've earned my Red Team Lead (CRTL) certificate! Thanks to Rasta Mouse and zero For creating a fantastic course and exam. eu.badgr.com/public/asserti… #RedTeamOps #Cybersecurity #redteam #windows

Introducing Shambles🎉The ultimate tool for reverse engineering embedded systems. Unpack, decompile, disassemble, emulate, fuzz, pseudo-code, debug, and more! I've personally discovered 100+ 0-days, weaponizing ~45% in <200h 🔥 Get access today! boschko.ca/shambles/

A new Red Team Lab, Shiva, is coming to Vulnlab next week! This time you get to test a hardened Hybrid-AD environment that involves: - Hybrid-AD with 10+ machines & active users - Cloud exploitation - SIEM, EDR on Clients & Servers - Common enterprise software - No CVEs

I'm happy to announce that I've (finally) started a blog: sashactf.gitbook.io/pwn-notes. Check out the first posts about doing ROP on 2.34+ without "pop rdi", and more will be coming soon™ :)

I have created a project called “RdpStrike.” The goal is to extract clear text creds from mstsc. The aim is to dive into the Positional Independent Code, a blog post by 5pider and the original implementation by Rio. github.com/0xEr3bus/RdpSt… #cybersecurity #redteam #infosec

Need a sanity check on module stomping. I've always thought that it backs the first return address, but the rest of the call stack isn't guaranteed due to our payload making `calls` from the stomped DLL from points of the code which may or may not have a suitable stack size (1/?)

Big brother is watching you 👁️ A new #HTB Seasons Machine is coming up! DarkCorp created by 0xEr3bus will go live on 8 February 2025 at 19:00 UTC. MagicGardens will be retired! ✓ Insane ✓ Windows → Join the competition & start #hacking: okt.to/5DzSPb

Had a lot of fun digging into COM stuff with bohops recently! We ended up finding a way to laterally move without dropping a file. ibm.com/think/news/fil…

As promised... this is Loki Command & Control! 🧙‍♂️🔮🪄 Thanks to Dylan Tran for his work done on the project and everyone else on the team for making this release happen! github.com/boku7/Loki