davidlebr1
@davidlebr1

684 posts

Red Teamer

Montreal, Canada · Joined May 2012
295 Following · 502 Followers

davidlebr1 retweeted
vx-underground
vx-underground@vxunderground·
I haven't done malware research (the kind I like) in a long time because I have a newborn. Now that my son is a little older and I have more opportunities I've returned with more focus and silliness.

When reviewing random .DLLs in Windows, I found more silly things.

Nerds abuse cmlua.dll as a UAC bypass. It exposes a COM object called ICMLuaUtil. People then abuse the exposed method ShellExec.

However, for reasons I do not understand (maybe you know?) ICMLuaUtil bypasses UAC, hence any method invoked bypasses UAC.

Things you can do:

- ICMLuaUtil CallCustomActionDll: Will arbitrarily execute anything from a DLL and bypass UAC. People have defined this, but have not used it because ???
- ICMLuaUtil CreateFileAndClose: Will create a file and then close the handle. This is very silly because it accepts dwFlagsAndAttributes FILE_FLAG_DELETE_ON_CLOSE. You can arbitrarily begin deleting files on any directory without a UAC prompt
- ICMLuaUtil AllowAccessToTheWorld: Changes security descriptors of the supplied file to give access to all users on machine

..

There is a bunch of stuff that I don't see nerds abusing this stuff because ???
mr.d0x
mr.d0x@mrd0x·
A Chromium patch nuked the blog post that was prepared🙃
davidlebr1
davidlebr1@davidlebr1·
@Lamp_Sec That sucks man, hopefully you will find something else quickly
ᴌ̩̩̩̩̩Δ̩̩̩̩̩ϻ͢͢₱̻̻̻
Welp, my company just laid off the entire US pentesting team. If anyone has any leads on good remote web app pentesting roles, do let me know.
Boschko
Boschko@olivier_boschko·
Hey folks! @x64Marsh and I are heading to Montreal for @NorthSec_io from the 15-19! If you're around we'd love to meet up 😁 whether it's chatting about red teaming, project, interests, or simply saying hi over some cold ones 🍻 give us a ping! See you there!
davidlebr1 retweeted
sn🥶vvcr💥sh
sn🥶vvcr💥sh@snovvcrash·
🧵 (6/) Of course, this is not truly a bypass, 'cause defenders can also look for other IOCs like the absence of DRSReplicaSync call before DRSGetNCChanges or when the source IP of replication mismatches DC IP, etc., but imho it's a fun case to share 🤪 gist.github.com/snovvcrash/f7d…
Azeria
Azeria@Fox0x01·
My @BlackHatEvents keynote is finally up on YouTube! Enjoy the AI-generated subtitles creatively interpreting my speech about the flaws of AI. 😂 I was really nervous at first, but it all went away once I realized how lovely the crowd was. youtu.be/TOpa8gqe4BU
Azeria@Fox0x01

I did it! 🙌 What an amazing crowd! Thank you so much to everyone who showed up to watch my keynote. The room was packed! If you want to chat or say hi and can’t find me, visit me at my book signings tomorrow and Saturday. :)

Andrew Oliveau
Andrew Oliveau@AndrewOliveau·
First 0day of the year
davidlebr1 retweeted
RingZer0 Team CTF
RingZer0 Team CTF@RingZer0_CTF·
🚀🎮 Introducing Spawn2Pwn - a new feature on RingZer0 CTF! 🌟🔧 Now, members can spawn their own infrastructure for select challenges, creating a private playground for exploration and safe destruction. No worries about affecting others. More info at ringzer0ctf.com/spawn2pwn
davidlebr1 retweeted
Louis Dion-Marcil
Louis Dion-Marcil@ldionmarcil·
Outlook for Windows can be tricked into displaying a fake domain, but opening another one. Add a <base> tag with a fake domain + left-to-right mark (U+200E). Links in <a> tags will show the fake domain, but open the real domain. No need to buy .zip! :) Convincing #phishing #redteam
davidlebr1 retweeted
Tristan Gosselin-Hane
Tristan Gosselin-Hane@eltdude·
Achieved first blood jackpotting the ATM at @NorthSec_io #nsec2023 CTF this weekend! The most insane and thrilling hack I've pulled off at a CTF so far, it certainly caught the eyes of everyone in the room and the event organizers, describing it "straight out of a movie"!
davidlebr1 retweeted
NorthSec
NorthSec@NorthSec_io·
🔥 WARMUP 2023 💪 All challenges are now released! You have until May 7th to complete them! 👉 nsec.io/discord
NorthSec
NorthSec@NorthSec_io·
NorthSec, this year, is going to be chill
davidlebr1 retweeted
NorthSec
NorthSec@NorthSec_io·
In the meanders of Montreal, the greatest cybersecurity experts will gather for NorthSec, where unfathomable secrets will be revealed, under the benevolence of the ancient god Cthulhu. Take this unique chance to plunge into the abyssal darkness of the mind.
davidlebr1 retweeted
Vincent Yiu
Vincent Yiu@vysecurity·
💡 When selecting a Red Team vendor to work with, there are several key attributes to consider. Here are some of the most important factors to keep in mind:

1⃣ Expertise and Experience: Look for a vendor that has a team of highly skilled and experienced Red Team professionals. They should have a strong background in security testing, including penetration testing, vulnerability assessments, and threat modeling. Ideally, they should have experience working in your industry or with similar types of systems.

2⃣ Approach and Methodology: Look for a vendor that has a clearly defined approach and methodology for conducting Red Teaming engagements. They should be able to explain their testing methodology and provide a detailed description of the testing process. They should also be able to customize their approach to meet your specific needs and goals.

3⃣ Tools and Techniques: Look for a vendor that has a broad range of testing tools and techniques at their disposal. They should be able to use both automated and manual testing methods to identify vulnerabilities. They should also have experience with a variety of testing tools, including open source and commercial tools.

4⃣ Reputation and References: Look for a vendor that has a strong reputation in the industry and has positive references from past clients. Ask for references and check them carefully to ensure that the vendor has a track record of delivering high-quality Red Teaming services.

5⃣ Communication and Collaboration: Look for a vendor that is easy to work with and has good communication skills. They should be able to explain their findings and recommendations clearly and be willing to work closely with your team to address any vulnerabilities that are identified.

☑️ By taking these factors into account, you can choose a Red Team vendor that has the expertise, experience, and tools needed to help you identify vulnerabilities and improve your overall security posture.
davidlebr1 retweeted
NorthSec
NorthSec@NorthSec_io·
Last week for our reduced pricing options! #CTF early bird tickets are almost sold out! Grab them fast! Ticket includes: 📣: amazing content (talks, soldering, villages) 🏁: flags 🔋: hardware badge, t-shirt 🍻: free drinks incl. coffee and non-alcoholic eventbrite.ca/e/northsec-202…
cts🌸
cts🌸@gf_256·
Do any CTFs need sponsors? We want to give back to the CTF community. No exclusivity requirement.