Shashwat Shah 🇮🇳

As promised... this is Loki Command & Control! 🧙‍♂️🔮🪄 Thanks to @d_tranman for his work done on the project and everyone else on the team for making this release happen! github.com/boku7/Loki

Had a lot of fun digging into COM stuff with @bohops recently! We ended up finding a way to laterally move without dropping a file. ibm.com/think/news/fil…

Big brother is watching you 👁️ A new #HTB Seasons Machine is coming up! DarkCorp created by 0xEr3bus will go live on 8 February 2025 at 19:00 UTC. MagicGardens will be retired! ✓ Insane ✓ Windows → Join the competition & start #hacking: okt.to/5DzSPb

@kleiton0x7e @hackthebox_eu Congratulations 🎉

Had a good time brushing up on my rusty AD skills with Zephyr. Definitely a lab worth solving from @hackthebox_eu , as always! #CyberSecurity #Infosec #informationsecurity #hackthebox #certificate

Need a sanity check on module stomping. I've always thought that it backs the first return address, but the rest of the call stack isn't guaranteed due to our payload making `calls` from the stomped DLL from points of the code which may or may not have a suitable stack size (1/?)

@C5pider @0x09AL Thank You!

@0xEr3bus @0x09AL great work!!

I have created a project called “RdpStrike.” The goal is to extract clear text creds from mstsc. The aim is to dive into the Positional Independent Code, a blog post by @C5pider and the original implementation by @0x09AL. github.com/0xEr3bus/RdpSt… #cybersecurity #redteam #infosec

I'm happy to announce that I've (finally) started a blog: sashactf.gitbook.io/pwn-notes. Check out the first posts about doing ROP on 2.34+ without "pop rdi", and more will be coming soon™ :)

@xCipher007 @MalDevAcademy Awesome Work! :)

It's my first payload Loader with my learnings from @MalDevAcademy ! Check it out -> github.com/Cipher7/ChaiLdr

@xCipher007 Good Job 👏

I Learnt about API Hashing today!!! It took a while to get it working, but it was a nice learning experience!

@icyguider Awesome work!

I recently implemented 7 public UAC bypasses as BOFs and integrated them into a Havoc module and Sliver extensions. Requests to add more bypass methods are also welcome! github.com/icyguider/UAC-…

@d_tranman Nice work!

tried to port over the rust clr heap encryption thing to c but failed miserably (skill issue). thought i might as well share: github.com/susMdT/clr-thi… tldr: unmanaged clr -> run assembly -> unload domain + force GC. questionable interface implementation but i can SetHostControl

@xct_de @hackthebox_eu @ATeamJKR @snowscan @macz01590714 @k0zmer Congratulations 👏

That's a wrap on Season 3 at @hackthebox_eu - Ranked 1st in both team and individual leaderboards. Big thanks to @ATeamJKR , @snowscan , @macz01590714 , @k0zmer - you guys are the best :)

@Bhaskarpal__ @zeropointsecltd @_RastaMouse Congratulations 🎉

Cleared my #CRTL exam after an entire year of passing my #CRTO exam. Incredible exam and experience provided by @zeropointsecltd and @_RastaMouse. Had a lot of fun developing all the tools to bypass Elastic EDR. #infosec #redteam #EDR #c2 #cobaltstrike api.eu.badgr.io/public/asserti…

@zexion69_ Thank you.

great work!

@_0xDeku Added support for Havoc C2 (CC: @C5pider ). A simple Python script to execute BOFs. Feedback and Issues are welcome.

Just crafted a beacon object file for the 8th variant of the powerful process injection technique by @_0xDeku. An exciting journey into the Windows Thread Pool! github.com/0xEr3bus/PoolP… #cybersecurity #redteam #infosec #cobaltstrike

@Cyb3rC3lt @theluemmel @_0xDeku Great to hear that, I have added 4 more variants. Hope that helps 🙂

@0xEr3bus @theluemmel @_0xDeku This is fantastic, I was just thinking I may need this at my test today in case the PoolParty binary is statically detected. Great job.

@RistBs @_0xDeku Thanks man

@0xEr3bus @_0xDeku nice work 👍

@kleiton0x7e @_0xDeku Thanks man

@0xEr3bus @_0xDeku Nice stuff 🔥

@d_tranman @_0xDeku Thanks, Buddy!

@0xEr3bus @_0xDeku awesome sauce