Releasing another side-project: CursedChrome. A Chrome-extension implant that turns victim Chrome browsers into HTTP proxies. Using these proxies you can browse the web authenticated as your victims for all of their websites. Setup takes only 5-10 mins 👍 github.com/mandatoryprogr…

Yes, Most AD forests we see are still running at 2008R2 or 2012/2012R2. Get-ADForest & Get-ADDomain will show the Forest Functional Level & Domain Functional Level. Ensure your AD Forest is at least 2012R2 for a number of security features.

Added some more options and features to make this already awesome tool more versatile. github.com/Flangvik/ADCSP… PR sent and awaiting approval 🔥😍

Exclusive content for my followers only! Top secret algorithm for finding 0-days.

🐞 PoC for a Post-Auth RCE (CVE-2021-38163) in SAP NetWeaver. The vulnerability was found by our researcher Mikhail Klyuchnikov. Reproduction steps: 1. Upload a jsp shell using the /irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.VCParMigrator path 2. Execute OS commands

[BLOG] An investigation on open reverse proxy misconfiguration and automating the misconfiguration using nuclei templates by our own Chris Sullo Part: 1 blog.projectdiscovery.io/abusing-revers… Part: 2 blog.projectdiscovery.io/abusing-revers… #hackwithautomation #infosec #security #bugbounty

Revisiting the ESC7 AD CS attack, which can lead to Active Directory privesc from ManageCA permissions. Our #RedTeam has automated this attack by adding new features to SpecterOps' Certify /cc Kurosh Dabbagh Marcos Díaz blackarrow.net/adcs-weaponizi…

الاحتيال له عدة أشكال وأنواع.. لا تضغط على روابط مجهولة المصدر.. لأن ممكن تكون عملية احتيال والهدف منها سرقة بياناتك. Dirayakw.com #لنكن_على_دراية #dirayakw #بنك_الكويت_المركزي #centralbankofkuwait @centralbank_kw dirayakw @kbaonline

"If you had 24 hours with me, and I couldn't say 'No', what would we do?"

CVE-2022-44268 - a vulnerability in ImageMagick that could lead to an arbitrary file read. PoC metabaseq.com/imagemagick-ze…

I created this quick and dirty Powershell script to check your current system drivers against the awesome loldrivers.io list from The Haag™ Jose Enrique Hernandez Nasreddine Bencherchali Hope you find it useful gist.github.com/api0cradle/d52…

Just copy&paste integrated into WinPwn. 🙂

We took a Cobalt Strike profile, modified it, and bypassed Crowdstrike & Sophos without encrypting the shellcode. Also bypassed all published YARA rules, sleep detections, and string detections around a CS beacon. Blog: whiteknightlabs.com/2023/05/23/unl… #CyberSecurity #redteam #infosec

Reminder that creating a memory dump of Outlook.exe not only produces access tokens but also potentially sensitive email content.

Browser Exploitation Introduction: Part 2 - Use After Free Against IE 11, Bypassing MemGC and Isolated Heaps x.com/i/broadcasts/1…

Ever had trouble signing your drivers with leaked expired EV certificates? I made a fix for that: github.com/namazso/MagicS…

Finding process killer drivers and exploiting them is really really not that hard My next blog post will be on how to find some, reverse them and making a PoC to exploit them In the meantime, the drivers and PoC that will be used as examples! github.com/xalicex/Killers

"PPID Spoofing: It’s Really this Easy to Fake Your" #infosec #pentest #redteam trustedsec.com/blog/ppid-spoo…

🚨 The big reveal of Evilginx Pro is finally OUT! 🚨 📔From this blog post you will learn what makes the Pro version different from the community one. 🎟️I explain how Evilpuppet secret token extraction works and showcase the core features. Enjoy! 🪝🐟 breakdev.org/evilginx-pro-r…

What type of game is this? Watch till the end