Nothing special, just a 30 Mb .NET assembly to run secretsdump[.]py from memory with pythonnet and Diego Capriotti’s so hot Pyramid 🔥🐍

Here's a new project and some Pyramid features: Embedder lets you create small (go | nim | C# | C++) executables that load Python interpreter to execute Python code using the embedding functionality. github.com/naksyn/Embedder Embedder can be easily paired with Pyramid that now has

Do you use a virtual machine to browse dangerous links safely? If you use the Chrome browser inside that virtual machine, is it secure enough? As you might have guessed, the answer is not so much. We chained six unique CVEs from 2023 listed below. • Chrome Renderer RCE :

I'm so excited today to announce that I'm launching my own online training platform Calypso Heavy Industries (CHI) 🎊 The first course to appear on Labs is "Windows Instrumentation with Frida", check it out: labs.calypso.pub/windows-instru… Labs is partnering with Vector 35, when you sign up you get a

🚨 Evilginx 3.3 update is coming out NEXT WEEK! 🥳 Among the improvements, it will include one significant and long-awaited feature, requested by so many of you. I've made a puzzle to give you a small hint. 🪝 Can you guess what it is?

The setup behind the CVE-2024-3094 supply-chain attack is fascinating. I originally wanted to finish and share a tool to audit other OSS projects for anomalous contributor behavior, but I feel what I found trying to MVP it is way more interesting. 🧵 1/25 gist.github.com/rubyroobs/77cc…

JiaT75 on GitHub pretending to be an OSS enthusiast and 100% NOT a state-sponsored Threat Actor

One thing I always look for when starting in a network without AD creds is user enumeration with RPC null sessions. impacket SAMR (samrdump) and LSARPC (lookupsid) tools will give you only a small part of the story. Here's my minimal RID cycling script gist.github.com/naksyn/8204c76…

sharing exploits is caring (Exploit for 6.4 - 6.5 kernels) Write up is in Russian (who can do a EN write up?) github.com/YuriiCrimson/E…

I am a pro hacker, not a cybersecurity consultant. So I asked AI to summarize top 5 pain points of cybersecurity people. Thread with my own solutions

Gold Pickaxe iOS Technical Analysis: IPA Overview and C2 Communication Start up syrion.me/goldpickaxe-te… #iossecurity #mobilesecurity #applesecurity #malware #malwareanalysis #reverseengineering

[RELEASE] Following the talk at DEF CON, I'm releasing all the POC projects associated with DriverJack. More info in the repos. For any additional info, hit me up ;) - github.com/klezVirus/Driv… - github.com/klezVirus/RpcP… - github.com/klezVirus/kopp…

always remember that you are just some nerd at a computer

A year ago I spoke at DEF CON 31 about massive user enumeration in Azure. At the time, I had enumerated 24 million users via OneDrive. Fast forward, and I've now enumerated over 44 million users. The issues I spoke to in that talk haven't gone away. I know there have been

A year ago I published a blog post on bypassing EDR using CS profiles. I’ve updated it to include an additional way of preventing msvcrt.dll from being flagged by Defender: by making the payload CRT library-independent. kleiton0x00.github.io/posts/Harnessi… #redteam #malware #CyberSecurity

New tool published which is proving to be useful. Cred1py allows execution of the CRED-1 SCCM attack published by Christopher Panayi over SOCKS5 UDP by wrapping the awesome PxeThiefy.py from Carsten. Enjoy :) github.com/SpecterOps/cre…

More details about CVE-2024-44068 - it’s part of an EoP chain in the wild: googleprojectzero.github.io/0days-in-the-w…

Oh, you didn't know? Cool kids are now relaying Kerberos over SMB 😏 Check out our latest blogpost by Hugow to discover how to perform this attack: synacktiv.com/publications/r…

2024 is 99% complete.