NULLKrypt3rs (@nullkrypt3rs) 's Twitter Profile
NULLKrypt3rs

@nullkrypt3rs

CTF Team || IIIT-Allahabad

ID: 1061904393841213442

linkhttps://ctftime.org/team/45761 calendar_today12-11-2018 08:51:51

34 Tweet

94 Followers

137 Following

Hack In The North (@hintiiita) 's Twitter Profile Photo

Hola folks, With Hacka-demic in close sight, we are glad to announce the prizes and goodies awaiting the winners. Hoping the poll has added flavors to your curiosity on the possible themes, we are more than excited to witness your take on our themes. (1/2)

Hola folks,
With Hacka-demic in close sight, we are glad to announce the prizes and goodies awaiting the winners.
Hoping the poll has added flavors to your curiosity on the possible themes, we are more than excited to witness your take on our themes.
(1/2)
NULLKrypt3rs (@nullkrypt3rs) 's Twitter Profile Photo

15+ hrs into the CTF and we are seeing some intense competition here :P If you havent registered yet shoot here: boot2root2020.tech #boot2r00tctf2020

15+ hrs into the CTF and we are seeing some intense competition here :P
If you havent registered yet shoot here: boot2root2020.tech
#boot2r00tctf2020
NULLKrypt3rs (@nullkrypt3rs) 's Twitter Profile Photo

b00t2root CTF ended! Hearty congratulations to team @ByteForc3, @Zh3r00 and 0x90 r00t for bagging the top three positions! We would also like to thank our esteemed sponsors OffSec Vector 35 for sponsoring the prizes. Adieu guys! See you all next year :)

b00t2root CTF ended! Hearty congratulations to team @ByteForc3, @Zh3r00 and <a href="/0x90r00t/">0x90 r00t</a> for bagging the top three positions! We would also like to thank our esteemed sponsors <a href="/offsectraining/">OffSec</a> <a href="/vector35/">Vector 35</a> for sponsoring the prizes. Adieu guys! See you all next year :)
Bad Sector Labs (@badsectorlabs) 's Twitter Profile Photo

Containerd breakout PoC (jtd), the "glue" principle (LuemmelSec), lockscreen bypass (Jonas L), VBox escape 0day (Sauercloud), beacon shellcode generator (Ryan Stephenson), browser backdoor (dylan), nim obfuscation (Moloch), + more! blog.badsectorlabs.com/last-week-in-s…

InfoSec Community (@infoseccomm) 's Twitter Profile Photo

New Write-up on InfoSec Write-ups publication : "Finding My First Bug: HTTP Request Smuggling" #bugbounty #bugbountywriteup #bugbountytips ift.tt/3jM5DAu

Nikhith (@nikhith_) 's Twitter Profile Photo

Revisiting an old bug which paid off really well during a previous Red Team op. The good old Microsoft Exchange unauthenticated email relay. This was particularly impactful. Here's why: 🌶️Unauthenticated 🌶️No phishing infra needed 🌶️Emails land directly in user's inbox (1/4)

Rémi GASCOU (Podalirius) (@podalirius_) 's Twitter Profile Photo

I'm proud to present a new tool, #LDAPmonitor! With this you can monitor creation, deletion and changes to LDAP objects live during your pentest or system administration! Lots of authentication types are supported, and output can be saved to a file. github.com/p0dalirius/LDA…

Synacktiv (@synacktiv) 's Twitter Profile Photo

Takeover an entire domain by resetting passwords! We detailed how to exploit CVE-2021-40539 on ManageEngine ADSelfService Plus in this blogpost synacktiv.com/publications/h… Antoine Cervoise - @tiyeuse

Rémi GASCOU (Podalirius) (@podalirius_) 's Twitter Profile Photo

[#thread 🧵] Last week in #Microsoft #PatchTuesday, a critical vulnerability was patched that theoretically allows attackers to achieve Remote Code Execution on a target #IIS server (CVE-2022-21907). I'll explain how it works in this thread ⬇️

[#thread 🧵] Last week in #Microsoft #PatchTuesday, a critical vulnerability was patched that theoretically allows attackers to achieve Remote Code Execution on a target #IIS server (CVE-2022-21907). I'll explain how it works in this thread ⬇️
FrenchYeti (@frenchyeti) 's Twitter Profile Photo

New Interruptor 0.1 release 🔥 add Follow Thread 🥳, Kernel API constants usable by their names into hooks🥰, configurable output, smart modules/interrupts filtering github.com/FrenchYeti/int…

New Interruptor 0.1 release 🔥 add Follow Thread 🥳,  Kernel API constants usable by their names into hooks🥰, configurable output, smart modules/interrupts filtering
github.com/FrenchYeti/int…
Yarden Shafir (@yarden_shafir) 's Twitter Profile Photo

Trying to learn security research and getting overwhelmed by all the details? I just published a guide showing my process for step-by-step analysis of a security feature: windows-internals.com/an-exercise-in…

Trying to learn security research and getting overwhelmed by all the details?
I just published a guide showing my process for step-by-step analysis of a security feature: windows-internals.com/an-exercise-in…
Charlie Bromberg « Shutdown » (@_nwodtuhs) 's Twitter Profile Photo

Here are the slides for my talk « Delegating Kerberos to bypass Kerberos delegation limitation » 😈 at Insomni'hack #INS22 thehacker.recipes/ad/movement/ke…

Here are the slides for my talk « Delegating Kerberos to bypass Kerberos delegation limitation » 😈 at <a href="/1ns0mn1h4ck/">Insomni'hack</a> #INS22 thehacker.recipes/ad/movement/ke…
Almond OffSec (@almondoffsec) 's Twitter Profile Photo

No PKINIT? No problem! Thanks to team members Yannick and drm, you now have a way to (ab)use your ill-earned ADCS certificates even when domain controllers do not support PKINIT offsec.almond.consulting/authenticating…

No PKINIT? No problem! Thanks to team members Yannick and <a href="/lowercase_drm/">drm</a>, you now have a way to (ab)use your ill-earned ADCS certificates even when domain controllers do not support PKINIT
offsec.almond.consulting/authenticating…
bohops (@bohops) 's Twitter Profile Photo

This PowerShell one-liner will open a visible IE browser in Windows 11: $(new-object -com internetexplorer.application).Visible=$true

This PowerShell one-liner will open a visible IE browser in Windows 11:

$(new-object -com internetexplorer.application).Visible=$true
Imran Huda(Ahhad) (@imranhudaa) 's Twitter Profile Photo

Interesting account takeover of the day. The site was hosting their pentest.test.com on amazonaws While resetting my password I have noticed that the host was getting passed in json body

Interesting account takeover of the day.

The site was hosting their pentest.test.com on amazonaws

While resetting my password I have noticed that the host was getting passed in json body
HTTPVoid (@httpvoid0x2f) 's Twitter Profile Photo

Thread - Confluence Blind OGNL Injection analysis from our limited java knowledge. From vulnerable sink to becoming admin of the confluence instance. #CVE-2022-26134. Tested on latest vulnerable version 7.18.0.

Joe Desimone (@dez_) 's Twitter Profile Photo

Added a new technique in Patriot to identify suspicious CONTEXT structures used in the rop/callback chains of foliage, #nighthawk, #brc4, gargoyle, etc. github.com/joe-desimone/p…

Added a new technique in Patriot to identify suspicious CONTEXT structures used in the rop/callback chains of foliage, #nighthawk, #brc4, gargoyle, etc. github.com/joe-desimone/p…