We can relay back to the same machine using Kerberos relay instead of NTLM relay. I discovered this attack vector more than a year ago. I will describe it in detail in upcoming Black Hat Asia 2024 blackhat.com/asia-24/briefi… and introduce more interesting attacks.

Btw, you don't need a Flipper Zero to "hack" dumb radio protocols. The piece of wire is enough. Check out how to receive and decode 433MHz radio signal just with a PC sound card.

Found the OMG Cable headquarters

A new module is now available in NetExec, made by Swissky. You can now automatically search for Autologon users 🚀

So with all the negative talk about Microsoft security recently it occurred to me it's interesting to remember that MS also achieved one of the most consequential security successes of the last decade. A success that no one--including MS--ever talks about. Hardening Office.

"Hello: I'm your Domain Administrator and I want to authenticate against you". My #SilverPotato is out, check the blog post: decoder.cloud/2024/04/24/hel… 😃

Drumroll, please. 🥁 Nemesis 1.0.0 has dropped! From host modeling to dashboard changes, read Will Schroeder's new blog post detailing the updated features in this release. ghst.ly/44irzdx

Reverse engineering the Windows 10 parallel loader is challenging but interesting work. I recently fully reversed the pivotal LdrpDrainWorkQueue function and I'm just now working on LdrpLoadDllInternal plus others github.com/ElliotKillick/…

Wow #BGGP5 is fast approaching (June 21st 2024)! What should the challenge be this year? We want something fun and interesting, while leaving a lot of room for creativity. Comment with your idea below and we may just run with it! Past challenges here: github.com/binarygolf/bggp

The word of a man means the world, I promised the 2nd part of the free Malware Development workshop, and here it is! 🔥🚀 Enjoy! youtu.be/GkslYVobV3M?si… #maldev #malwareanalysis

CrowdStrike effectively bricked windows, Mac and Linux today. Windows machines won’t boot, and Mac and Linux work is abandoned because all their users are on twitter making memes. Incredible work.

[RELEASE] Following the talk at DEF CON, I'm releasing all the POC projects associated with DriverJack. More info in the repos. For any additional info, hit me up ;) - github.com/klezVirus/Driv… - github.com/klezVirus/RpcP… - github.com/klezVirus/kopp…

You can now use NetExec to enumerate computer accounts created with the pre-Windows 2000 flag, thanks to a module by Brandon Fisher🔥 If possible, a TGT is automatically requested and saved to disk, enabling new lateral movement options.

Matias Toledo en el primer día como alcalde en Puente Alto

Se cayo slack, donde trabajaran los PM? Alguien puede pensar en los PM?

Lo único bueno que tiene el #8M es que pone a caminar a un montón de gordas.

And they shall be named TARS and CASE Each currently hosting twenty 195 MHz MIPS R10000 CPUs Now to call electrician

We at emproof open-sourced a free firmware reverse engineering workshop for self-study. Topics: ELF analysis, cracking, malware triage, embedded-Linux, bare-metal, crypto-key extraction, anti-analysis. Docker setup and solutions included. github.com/emproof-com/wo…