Last month contribution: 2 PR on #MSF project from our team (1 bug on #PowerShell template for win10 chervaliery /1 feature for Golden Tickets duration Hypnoze) blog.rapid7.com/2018/06/29/met… cc Rapid7 Thales Cyber Solutions LU & BE

Just published a new blog. Stealing internal server files from IKEA.com by exploiting a LFI bug in their PDF library. Furthermore an in-depth discussion about Responsible Disclosures. Read more: medium.com/@jonathanbouma… Would love to hear your opinion and feedback!

Just release the first version of my forward shell github.com/Hypnoze57/FShe… Thx to ippsec I wasn't knowing that something like this was possible before watching his videos !

Great job!

Yesterday our teammate Hypnoze released #SharpHound4Cobalt github.com/post-cyberlabs… The goal? SharpHound data sent in-memory nothing dropped on the disk + sent to Cobalt Strike downloads through BOF.NET instead -> more #Opsec during real-life engagements👌

It is not #Crowdstrike related nor that sexy, ok but still : 2 more unfixed CVE (SQLi including a preauth. one) released by our team CVE-2024-28298 CVE-2024-28297 github.com/post-cyberlabs… And github.com/post-cyberlabs… cc kx90 Hypnoze ;)

Inspired by TrustedSec article on remotely starting Windows services, enjoy our python unauthenticated EFS trigger developed with Hypnoze Enjoy! github.com/Hypnoze57/rpc2…