🔥Telegram İfşa

Eliminate huge part of lateral movement scenarios with one command: "reg.exe add HKLM\SYSTEM\CurrentControlSet\Control /v DisableRemoteScmEndpoints /t REG_DWORD /d 1" It will make Service Control Manager deaf to remote management. Everything else works properly.

We are thrilled to announce that Forestall has proudly participated as an industry partner in the #LockedShields2023 exercise, organized by the NATO Cooperative Cyber Defence Centre of Excellence NATO CCDCOE #LockedShields2023 #CCDCOE #Forestall #CyberSecurity

I developed a Fileless Lateral Movement tool called NimExec. It changes service configuration to execute the payload via manually crafted RPC packets. It's the improved version of Julio Ureña 's SharpNoPSExec with Pass the Hash support. Enjoy! #infosec github.com/frkngksl/NimEx…

My latest research has been published on Picus Security blog. Securing macOS: A Closer Look At Built-In macOS Application Security picussecurity.com/resource/blog/…

mailsecuritycheck.com You can check your business email secure or not? Its totally free email security check tool. Developed by RSU #antispam #phishing #BEC #BusinessEmailCompromise #emailsecurity #CyberAttack #CyberSecurity #secureemailgateway #emailgateway

What happened to startup culture?

Use silent #SMS messages to track LTE users’ locations An attacker sends silent SMS messages with a defined pattern and analyze LTE traffic to verify the victim location. All you need is just: SDR + SIM cards + LTESniffer software mandomat.github.io/2023-09-21-loc…

⚡ The NTLM Protocol Animated! 🔴 Quick & Simple Explanation: 🔻 NTLM_NEGOTIATE You type your credentials on your machine (called Client💻), it sends a request containing your username to the Server🏛 you want to authenticate to. 🔻 NTLM_CHALLENGE The Server🏛 generates a

If your target uses Knowbe4, ever thought of adding X-PHISHTEST to your emails so it goes through filters if the header is whitelisted? 🤔🤔🤔

I discovered a high-severity vulnerability in OpenVPN Connect macOS application, one of the popular VPN apps. This vulnerability is addressed as CVE-2023-7224 and is rated high-severity by NIST. It has been fixed and credited by OpenVPN. nvd.nist.gov/vuln/detail/CV…

🗣️"Active Directory Red Teaming" Eğitimi ile "Furkan ÖZER" 18-19 Mayıs'ta #hacktrickconf da! #hacktrick24

Forestall'u Silver Sponsorumuz olarak duyurmanın heyecanını yaşıyoruz! 🤝 Siz de yerinizi şimdiden ayırtın ve Hacktrick’te bize katılın! 🎟️ eu1.hubs.ly/H092-rg0 🗓️ 17 Mayıs 2024 📍BTK, Ankara Forestall #hacktrick24 🚀

virustotal.com/gui/file/9f180… "Desktop Window Manager local privilege escalation.docx"

This year Thinkst Canary cleared $19m in ARR. - We still have less than 40 people... - We still do "no" outbound sales... We believe more security-product companies can do this too, by focusing a little more on customer-love. We spoke about it at the Decibel event at RSAC.

Şimdi gençler bakınız, sanayi devrimi nerede ortaya çıktı? Avrupa di mi? Avrupa. Şirket kavramı, anonim şirket, borsa, patent falan hep Avrupa'nın işleri. Şimdi aranızda bunlar eski şeyler diyenler olacak. Peki, internet de Avrupa'da bulunmadı mı kardeşim? Peki nedir

OMFG! Kerberos Request/Response ticket hashes are being included in EIDs 4768/4769 🤩 Thank you x1000000 Paul Michaud (burning_pm) for the screenshots 💜

🚨 New ADCS Vulnerability: EKUwu 🚨 A newly discovered EKUwu vulnerability in Active Directory Certificate Services (AD CS) allows attackers to bypass Extended Key Usage (EKU) policies for potential privilege escalation. (1/3)

78% of orgs are vulnerable to a 9.8 CVSS attack—not due to advanced hacks, but basic mDNS spoofing. 👀 Vonahi Security ran 10,000+ internal pentests in 2024. The top risks weren’t zero-days—they were simple, fixable flaws: • 78% – mDNS spoofing • 73% – NBNS spoofing • 66% –

Gümüş Sponsorumuz olan Forestall şirketine, Furkan Özer ve Atanur Serkan Elmasoğlu’na katkılarından dolayı teşekkür ederiz. Detaylı bilgi ve kayıt için: raconf.com #sibergüvenlik #cyber #security