Inés

Tangled is a social engineering platform that weaponizes calendar event processing in Outlook and Gmail to deliver spoofed meeting invites that are automatically added to a user's calendar without interaction. github.com/ineesdv/Tangled Technical breakdown: tarlogic.com/blog/abusing-c…

Ghosts in the Cloud: Hijacking Orphaned Azure Blob Storage research.eye.security/ghosts-in-the-…

On our way to Switzerland 🇨🇭, where tomorrow @ineesdv will present our research at @1ns0mn1h4ck on abusing calendar invite processing in modern email clients. ➡️ Read more: insomnihack.ch/talks/meetings…

Phishing now happens in meetings as well? @ineesdv say yes! Understand how attackers exploit collaboration tools with this new #Insomnihack talk. Buy your ticket now: ow.ly/yBis50Ya55M #InsomniHack #Cybersecurity #INSO26

Just over 24 hours until @_kripteria takes the stage at @h_c0n to revisit the design and methodology of attack graphs in Active Directory, showcasing new approaches with Neo4LDAP.

Hi! I just published a technical deep dive into a complex and fun N-day vulnerability that allows to get RCE in a very popular e-commerce platform. Check it out! hiddeninslack.github.io/posts/from-sst…

Last week, new modules were released on @MalDevAcademy ! - Device Code Phishing on Gitlab - Client Analysis via CF - Evilginx Phishlet Development using M365 phishlet with downgrade capabilities :) Additionally, We’ve released the following tool! @mrd0x github.com/Maldev-Academy…

@ipurple Thanks for sharing! 🙂

Tangled: Open-source offensive security platform for conducting phishing campaigns that weaponizes iCalendar automatic event processing github.com/ineesdv/Tangled

@MBeltranPardo Thanks for sharing! 😊

Tangled is a phishing platform designed from an offensive security perspective. It weaponizes iCalendar rendering features in Microsoft Outlook & Gmail to deliver spoofed meeting invites that are automatically added to a user's calendar without interaction github.com/ineesdv/Tangled

@0x90b Thanks! Appreciate it.

@ineesdv Excellent write-up and a strong technical breakdown!

Tangled is a social engineering platform that weaponizes calendar event processing in Outlook and Gmail to deliver spoofed meeting invites that are automatically added to a user's calendar without interaction. github.com/ineesdv/Tangled Technical breakdown: tarlogic.com/blog/abusing-c…

Meetings You Didn’t Plan, But We Did In this post, @ineesdv breaks down how calendar event processing in Outlook and Gmail can be abused to deliver spoofed meeting invites that are automatically added to a user's calendar without interaction ➡️Read more: tarlogic.com/blog/abusing-c…

Kudos to our colleague @_Kudaes_ , who yesterday delighted us at @NavajaNegra_AB with his talk 'Activation Context Hijack,' which can be rewatched here: twitch.tv/videos/2581089…

This Thursday, our colleague @_Kudaes_ will be at @NavajaNegra_AB presenting Activation Context Hijack: a new code execution technique for Windows environments. ➡️ More info: navajanegra.com/2025/speaker/k…

I've just released Eclipse, a PoC of what I call Activation Context Hijack. This technique redirects any application to load an arbitray DLL, allowing to inject code into any trusted process. More info available on Github. github.com/Kudaes/Eclipse

Although it's nothing new, @ineesdv and I are pleased to publish our own ROP-based implementation of the code fluctuation technique. We've tried to keep it simple and functional, avoiding to use common features like Timers, HWBP or APCs. github.com/Kudaes/Shelter

Our colleagues @_Kudaes_ & @ineesdv will be at #HackOn2024 presenting an alternative approach to ROP-based sleep obfuscation technique to evade memory scanners. ➡️ Read more: hackon.es/charlas/In%C3%…

Enhanced version of secretsdump from #Impacket to dump credentials without touching disk. This feature takes advantage of the WriteDACL privileges held by local administrators to provide temporary read permissions on registry hives. github.com/fortra/impacke…

🚨 Confirmamos primera charla 🚨 Ines (@ineesdv) y Kurosh (@_Kudaes_ ), operadores de Red Team en la unidad de seguridad ofensiva de Tarlogic, son la primera charla confirmada de la #HackOn2024. 👨‍💻 Muchas gracias por venir, estamos encantados de recibiros.

Our colleague @IagoAbad has weaponized the leaked token handles technique for MSSQL. Now open token handles in MSSQL's process (sqlservr.exe) can be abused to change security context and escalate privileges both locally and in the domain. github.com/blackarrowsec/…

@cristinaycue @experiencia_T Gracias!! 🤩

@experiencia_T ¡¡enhorabuena @ineesdv !!

Felicidades a nuestra nueva ingeniera de ciberseguridad. Inés, no sólo tienes que celebrar el 10 de hoy, sino toda tu trayectoria en estos cuatro últimos años! Ahora a disfrutar, y a seguir, que viene todo lo bueno