Russian malicious actors 🇷🇺 infect users via documents shared on DropBox and Google Drive
❌ Be very careful about opening ISO files of dubious origin
unit42.paloaltonetworks.com/cloaked-ursa-o…
- "... and then he said to sign my malware.exe with faked Microsoft cert to evade AVs/EDRs. Would you believe?"
( ̄y▽ ̄)╭ Ohohoho.....
Sign-Artifact.ps1 - based on @mattifestation research & implementation shamelessly borrowed here:
github.com/mgeeky/Penetra…
Reverse Port Forward through a SOCKS Proxy in Cobalt Strike, how cool is that :=) smbmap (by ShawnDEvans) and CrackMapExec (by @byt3bl33d3r) tools used for SMB share enumeration and Lateral Movement 🔥
Hello !
FuckThatPacker is now integrated into CobaltStrike. You can now generate obfuscated powershell payloads directly within CobaltStrike :D
github.com/Unknow101/Fuck…
retweet appreciated
I published a blog article detailing a phishing technique I called Browser in the Browser (BITB) Attack. It's very simple but can be very effective. I also published templates on my GitHub; feel free to test them out.
mrd0x.com/browser-in-the…
If you compromise a member of the Backup Operators group there is a direct path to become Domain Admin without RDP/WinRM access to the DC !
Dump and export the SAM remotely on a remote share ! 🔥🎉
Thanks to @filip_dragovic for the initial POC !
github.com/mpgn/BackupOpe…
Hello all !
After a long break, I'm offering you a #RedTeam article on Initial Access and more specifically HTML Smuggling, a technique used by APTs whose effectiveness I was able to observe during an internal test.
Happy reading.
inf0sec.fr/article-21.php
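HTML smuggling works by shipping the payload inside the page itself (typically as a base64 literal), decoding it in JavaScript, wrapping it in a Blob and handing it to the browser as a download, so no file ever crosses the gateway as an attachment. The following triage scanner is an added example, not code from the article above or from any of the tools mentioned on this page; the indicator weights, the sample pages and the "ZIP inside a script" payload are all constructed for illustration. It separates "payload present in the page" evidence from "delivered as a file" evidence, so that a legitimate client-side CSV export (same Blob/createObjectURL APIs, no embedded payload) is not flagged, and it sniffs the magic bytes of the decoded literal to tell you what would have landed on disk (PE, ZIP, ISO, PDF, OLE):

```python
"""Triage heuristic for HTML smuggling: does the page's <script> decode an
embedded payload and push it to the browser as a file download?

Added example; sample pages and indicator weights are constructed here.
"""
import base64
import binascii
import re
from dataclasses import dataclass, field

SCRIPT_RE = re.compile(r"<script\b[^>]*>(.*?)</script>", re.I | re.S)

# (name, pattern, weight). Payload indicators show data being decoded
# in-page; delivery indicators show it being handed over as a file.
PAYLOAD_INDICATORS = [
    ("base64-decode", re.compile(r"\batob\s*\("), 2),
    ("byte-array", re.compile(r"\bUint8Array\b"), 1),
]
DELIVERY_INDICATORS = [
    ("blob-construct", re.compile(r"\bnew\s+Blob\s*\("), 2),
    ("object-url", re.compile(r"\bURL\.createObjectURL\s*\("), 2),
    ("download-attr", re.compile(r"\.download\s*=|\bdownload\s*=\s*['\"]", re.I), 2),
    ("ie-save-blob", re.compile(r"\bmsSaveOrOpenBlob\b|\bmsSaveBlob\b"), 3),
    ("auto-click", re.compile(r"\.click\s*\(\s*\)"), 1),
]
# A quoted base64 literal of 200+ chars inside <script> is the smuggled file.
B64_LITERAL = re.compile(r"['\"]([A-Za-z0-9+/]{200,}={0,2})['\"]")

# Magic bytes of file types commonly seen as smuggled payloads.
MAGIC = [
    (b"MZ", 0, "PE executable"),
    (b"PK\x03\x04", 0, "ZIP archive (or Office/JAR)"),
    (b"CD001", 0x8001, "ISO 9660 image"),
    (b"%PDF", 0, "PDF"),
    (b"\xd0\xcf\x11\xe0", 0, "OLE compound file (legacy Office)"),
]


@dataclass
class Verdict:
    score: int = 0
    hits: list = field(default_factory=list)
    payload_bytes: int = 0        # decoded size of the embedded literal, if any
    payload_type: str = "none"

    @property
    def suspicious(self) -> bool:
        # Require both halves of the technique, not just a high score.
        payload = any(h in self.hits for h in ("base64-decode", "embedded-base64"))
        delivery = any(h in self.hits for h in ("object-url", "ie-save-blob", "download-attr"))
        return payload and delivery


def identify(payload: bytes) -> str:
    """Classify a decoded payload by magic bytes."""
    for sig, offset, label in MAGIC:
        if payload[offset:offset + len(sig)] == sig:
            return label
    return "unknown"


def scan_html(html: str) -> Verdict:
    """Score only the <script> bodies; data: URIs in <img> tags do not count."""
    scripts = "\n".join(SCRIPT_RE.findall(html))
    v = Verdict()
    for name, rx, weight in PAYLOAD_INDICATORS + DELIVERY_INDICATORS:
        if rx.search(scripts):
            v.hits.append(name)
            v.score += weight
    m = B64_LITERAL.search(scripts)
    if m:
        v.hits.append("embedded-base64")
        v.score += 2
        try:
            raw = base64.b64decode(m.group(1))
        except binascii.Error:
            raw = b""
        v.payload_bytes = len(raw)
        v.payload_type = identify(raw) if raw else "undecodable"
    return v


# --- constructed sample pages ------------------------------------------------
_ZIP_B64 = base64.b64encode(b"PK\x03\x04" + b"\x00" * 300).decode()  # fake ZIP, 304 bytes
SMUGGLING_PAGE = f"""<html><body><p>Your document is loading...</p>
<script>
  var bin = atob("{_ZIP_B64}");
  var bytes = new Uint8Array(bin.length);
  for (var i = 0; i < bin.length; i++) bytes[i] = bin.charCodeAt(i);
  var blob = new Blob([bytes], {{type: "application/octet-stream"}});
  var a = document.createElement("a");
  a.href = URL.createObjectURL(blob);
  a.download = "invoice.zip";
  a.click();
</script></body></html>"""

# Legitimate client-side export: same delivery APIs, no embedded payload.
EXPORT_PAGE = """<html><body><script>
  var blob = new Blob([rows.join("\\n")], {type: "text/csv"});
  var a = document.createElement("a");
  a.href = URL.createObjectURL(blob);
  a.download = "report.csv";
  a.click();
</script></body></html>"""

# Inline image: long base64 outside <script>, no decoding logic at all.
BENIGN_PAGE = ('<html><body><img src="data:image/png;base64,' + "A" * 400
               + '"><script>document.title = "hello";</script></body></html>')

if __name__ == "__main__":
    for name, page in [("smuggling", SMUGGLING_PAGE), ("export", EXPORT_PAGE), ("benign", BENIGN_PAGE)]:
        v = scan_html(page)
        print(f"{name:10s} score={v.score:2d} suspicious={v.suspicious} "
              f"payload={v.payload_type} ({v.payload_bytes} bytes) hits={v.hits}")
```

Treat the verdict as a triage signal for a mail or web gateway, not a blocking decision: real smuggling pages often split or reverse the literal, XOR it instead of base64-encoding it, or build the bytes from an array of integers, all of which defeat the `B64_LITERAL` check while usually still tripping the Blob/`createObjectURL`/`download` delivery indicators. Pairing this with a browser policy that blocks downloads of ISO/IMG containers (the file type singled out at the top of this page) closes the most common delivery path.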
Had a play around with getting a POC for SOCKS proxying a browser using Kerberos Relaying today, seems to work well. Next to run it on a pentest to see if it works outside the lab, and then I'll shove the code up. youtu.be/7q8r39gF1rU
Black Week has started @ SEKTOR7 Institute!
For the next 7 days you can purchase any course with $30 off the regular price.
Cyber Monday is a deadline, so don't wait too long!
institute.sektor7.net #RTO #redteam #onlinelearning
GC2 - A Command And Control Application That Allows An Attacker To Execute Commands On The Target Machine Using Google Sheet And Exfiltrate Data Using Google Drive ift.tt/3GxjV2O