Seamless Intelligence (@seamlessintel)'s Twitter Profile
ID: 973469154010284033

13-03-2018 08:01:47

23 Tweets

37 Followers

14 Following

Kali Linux (@kalilinux)

In case you missed it, Powershell was added to the Kali repo late last week. Special thanks to Raphaël Hertzog for doing the leg work necessary to make this happen.

SkelSec (@skelsec)

So, I managed to cram the LSASS and registry hive parsing capabilities of #pypykatz into webassembly via #pyodide Parsing is fully offline and done in your browser. Huge shoutout to ThugCrowd and xEHLE who made the fancy webui for it and hosting it on their servers.

🥝🏳️‍🌈 Benjamin Delpy (@gentilkiwi)

One point about @giulio_comi post on NordVPN & #mimikatz "offline" password acquisition, with a LSASS *memory dump* to get the masterkey🤔 Machine masterkeys are protected by SYSTEM DPAPI SECRETS (in the registry) You can have all your VPN credentials from a computer turned off

🥝🏳️‍🌈 Benjamin Delpy (@gentilkiwi)

When I see "deployed a variant of the Mimikatz",but using: -original file names (x64 & mimikatz.exe); -same modules/functions names (sekurlsa::logonpasswords); -not using mimikatz for other things than passwords; -... I can't understand how they can spread securingtomorrow.mcafee.com/other-blogs/mc…

Tavis Ormandy (@taviso)

I have something fun for you, I pulled the javascript interpreter out of Avast and ported it to Linux 😆 This runs unsandboxed as SYSTEM, any vulns are wormable pre-auth RCE on 400M endpoints  ¯\_(ツ)_/¯ github.com/taviso/avscript 🐧

Seamless Intelligence (@seamlessintel)

Excellent write up from DIFR on some pretty basic malware, it's always nice to see a lot of what it does batched up and easily accessible for testing. seamlessintelligence.com.au/sql_miner.html

BSides Perth (@bsidesper)

Want to talk at BSides Perth on 18-19 Sept 2021? Here is your chance! Call for presentations open NOW! - forms.gle/6Ha62XrSJHzjWV… #cybersecurity #bsidesperth

AISA National (@aisa_national)

Congratulations to Seamless Intelligence for winning AISA's 2022 Cyber Security Small to Medium Business Employer of the Year award! @Seamlessintelligence #seamlessintelligence #smb #cybersecurityawards #Award #infosec #AISAawards #cybersecurityawards #Cyber #Cybersafety #winner

Seamless Intelligence (@seamlessintel)

Part 3 of our series using the Sliver adversary emulation framework goes into a few detections using standard windows logs as well as Sysmon logs (Defender device logs can also be used and have a very similar structure to Sysmon.) seamlessintelligence.com.au/sliver_3.html

Mike Nolan (@mike_nolan__)

CVE-2023-23397 displays interesting changes when the invite goes through O365 rather than local injection into Outlook. The "ReminderFileParameter" disappears. #Outlook #0day

Matt Zorich (@reprise_99)

We are often engaged with organizations that have lost complete control of their Microsoft Entra ID tenant, I wrote a comprehensive blog post on lessons learned from real world engagements to try to help reduce the risk of the same happening to you microsoft.com/en-us/security…