Gr1nch

Já adquiriu seu exemplar do Livro OPSEC Inteligência Cibernética na Prática? clubedeautores.com.br/livro/opsec

Nuclei Templates Brazuca ( DISPONÍVEIS ) Conjunto de templates focados em OSINT contexto Brasil. > github.com/osintbrazuca/n… #osint #hacking

CVE:2021-3560 [Privilege Escalation] Polkit-Privilege-Esclation PoC - By secnigma. github.com/secnigma/CVE-2… Original Post: github.blog/2021-06-10-pri…

E aí, já conferiu o meu livro #OPSEC Inteligência Cibernética na Prática? Não?! O livro está disponível na Amazon pra Kindle, aqui: lnkd.in/d_fSFZDq E quem quiser a versão física, está disponível no site da editora aqui: lnkd.in/dngPb3zn Corre lá e aproveita!

Nuclei Template Generator Burp Plugin "A BurpSuite plugin intended to help with nuclei template generation." github.com/projectdiscove…

"Decrypting your own HTTPS traffic with Wireshark" trickster.dev/post/decryptin…

Active Directory Fundamentals (Part 1)- Basic Concepts rootdse.org/posts/active-d…

Unsafe .Net Deserialization in Windows Event Viewer! This is a by-product of my research. Has confirmed with MSRC that this didn't cross any security boundary, but I guess it could still be another fun #LOLbas or Defender Bypass.😆

Making a DNS bruteforcer that @sml555_ @hakluke and I worked on privately approx 3 years ago public... Code here, if you want to poke early: github.com/codingo/fastsub .. Still needs some work - will update further before I cover in a video

Boa tarde pessoal! Pra quem ainda não conferiu, segue a palestra do Rodrigo Dumaresq no canal da BHack Conference no YouTube. lnkd.in/dF-ZSPiu #letshack lnkd.in/dXZqBujM

I wrote down some thoughts on bypassing #EDR with syscalls, and shared my super small patch for #SysWhispers2 to evade Defender detection: cloaked.pl/2022/04/on-how…

ADReaper - A Fast Enumeration Tool For Windows Active Directory Pentesting Written In Go bit.ly/3EBk6cX #ADReaper #golang #LDAP

ProntonMail has had a .onion site since 2017, but today they are rolling out new experiences for Tor users... including the ability to sign up for your Proton account directly on their .onion site! Read about all the improvements for Tor users here ⤵️ protonmail.com/blog/updated-t…

I don't know what is a CVE number for my spooler EoP 0-day that i discovered last year. Anyway It was patched by microsoft tuesday patch, So I'm sharing this PoC one of the bug that listed on the screenshot for spooler EoP here: github.com/grigoritchy/po…

Check out my new post about coercing NTLM authentication from the local admin accounts used by SCCM servers, how to prevent it, and the release of SharpSCCM, a C# tool that can be used to demonstrate the impact of these techniques: posts.specterops.io/coercing-ntlm-…

[REDTEAM] "ScheduleRunner - A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation" by @netero_1010 - github.com/netero1010/Sch…

Kernel RCE in #FreeBSD via WiFi frames: freebsd.org/security/advis… Also affects #pfSense / #OPNsense / etc

Caption this 👇

[ For Students ] "vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means of Exercises." Download: github.com/roottusk/vapi Writeup: cyc0rpion.medium.com/exploiting-owa…

@Bhaskarpal__ You're welcome.... Amazing job man congratz! Love these articles. Keep it up!

@Gr1nchDC Thank you for tweeting about my articles 🙏

Article 5 - "Active Directory - Domain Persistence" by @Bhaskarpal__ "This guide explains Active-Directory Domain Persistence mainly by creating Golden tickets, Silver tickets, Skeleton Keys, DSRM and multiple ACL attacks in detail." 0xstarlight.github.io/posts/Active-D…