CHILLT MAL (@chilltmal)'s Twitter Profile

Dingdong

ID: 1471942249663635459

17-12-2021 20:36:12

19 Tweets

3 Followers

137 Following

CHILLT MAL (@chilltmal)

Stories from the Fish Pond, Part 1: Evading detection with ZIP concatenation... or, you know, maybe not. perception-point.io/blog/evasive-c…

CHILLT MAL (@chilltmal)

Stories from the Fish Pond, Part 2: Bring your own stealthy +285MB Linux environment with automatic C2 connection straight into the pond... hmm, maybe a bit too big🐳. securonix.com/blog/crontrap-…

CICADA8Research (@cicada8research)

Hello everyone! Our team loves everything related to LPE exploits. However, there is no publicly available list on the web with fresh LPE exploits (2023-2024) for Windows. However, we do have such a list. And we are sharing it with you! github.com/MzHmO/Exploit-…

CHILLT MAL (@chilltmal)

Stories from the Fish Pond, Part 3: Having trouble getting your phishing email into the inbox with the Red Team? Maybe check if your customer is a sitting duck! *Quack🦆* krebsonsecurity.com/2024/07/dont-l…

N7WEra (@n7wera)

I have put together a list of publicly known IOC for impacket. Thanks to Octoberfest7 and others on the awesome research. n7wera.notion.site/Modifing-Impac…

Alex Neff (@al3x_n3ff)

NetExec has a new Module: Timeroast🔥 In AD environments, the DC hashes NTP responses with the computer account NT hash. That means that you can request and brute force all computer accounts in a domain from an UNAUTHENTICATED perspective! Implemented by Disgame 1/3🧵

Stephan Berger (@malmoeb)

I recently learned about Cloudflare R2 buckets [1]: Threat actors can abuse Cloudflare R2 buckets for phishing by hosting malicious content or phishing landing pages in these buckets, leveraging the trusted reputation of Cloudflare to bypass security filters. R2 is not (yet)

sn🥶vvcr💥sh (@snovvcrash)

[BLOG 📝] The brand new NetExec #Timeroast module made me finally study the attack itself, so here are some thoughts of mine on it with a couple of use cases and a real life example. snovvcrash.rocks/2024/12/08/app…

Fabian Bader (@fabian_bader)

#TokenTactics V2 now has support for auth code flow, if you know what I mean. Other features in v0.2.5 are Invoke-RefreshToDeviceRegistrationToken and backwards compatibility for the v1 endpoint for those special cases. #Entra github.com/f-bader/TokenT…