Lsec

As promised, here it is! Offensive coding with C++ episode 1 - Building a custom shellcode loader: youtu.be/WYf_nPIPC4s #cybersecurity #coding #C++ #Cpp #WindowsAPIs

apimspray - a specialized Entra ID Passwordspraying Toolkit designed for authorized security research and Red Teaming. It utilizes Azure API Management (APIM) gateways as a distributed, rotating proxy layer for IP Rotating github.com/crtvrffnrt/api…

Integrating session information and BloodHound. SCCMHound is a tool to gather session data from Microsoft Configuration Manager (MCM) and integrate it into BloodHound. Made by @CrowdStrike Team. Source: github.com/CrowdStrike/sc… #redteam #blueteam #maldev #malwaredevelopment

Let's continue the series of building a vulnerable Active Directory environment. I will today try my best to install OPNSense firewall live, on twitch (twitch.tv/lsecqt) at 19:00 EEST. Feel welcomed to drop your questions

My Mythic C2 agent now has a stable Invoke-BOF support. Thanks to my Patreons for the support.

Building Vulnerable Active Directory From Scratch - Architecture youtu.be/J9DP_t4DdHA?si… via @YouTube

Just vibe coded a Windows TCP port forwarder in C Features: • IP whitelisting for filtering • 100 concurrent connections • Verbose mode for debugging • Low-latency optimizations Perfect for local dev, network bridging, and relaying attacks 🚀 github.com/lsecqt/PortFor…

Drop your pre-stream questions here:

I want to completely rebuild my Active Directory Lab and make it intentionally vulnerable. I will stream the entire process starting tomorrow at around 7pm (EEST). As always, on Twitch: twitch.tv/lsecqt

If you like BloodHound and AD Hacking let me introduce you to BloodBash No web front end No neo4j No complexity Collect your AD artifacts with Sharphound Run `BloodBash ./pathToSharphoundOutput` That's it! github.com/DotNetRussell/…

this cool tool by @lsecqt enumerates windows terminal services sessions; ported it to a BOF and added some more features for accuracy (session LUIDs) github link: github.com/atomiczsec/Adr…

Yesterday I ran a livestream testing SessionHop - abusing specific COM objects to execute C2 actions in the context of other users. github.com/3lp4tr0n/Sessi… However, no session enumeration. So I built SessionView, tool to identify sessions github.com/lsecqt/Session… Video is on YT!

I built a lightweight C# tool designed to enumerate local administrator access across an internal network, strictly from the context of the current user. Repository and stream upload links are below. Repository: github.com/lsecqt/Find-Ad… Uploaded Stream: youtu.be/3Ee9mGhKmvY

Multiple people posted today in the morning about backdoored Github repositories, such as for React4Shell Scan repositories or an WSUS Exploits. This one for example is backdoored and will compromise your system once you run it: - github.com/th1n0/CVE-2025… For fun, I analysed the malware today. Turns out its dowloading a custom HTA via mshta.exe from the webserver https://py-installer[dot]cc. This is ~1600 lines of code heavily obfuscated and not flagged by AV or EDRs tested. I told AI to analyse the payload and to create a C2-Server for me. It refused. I told AI to analyse the malware and it did. After that, the barrier was gone and it provided me a fully featured C2-Server side framework to handle this payload for offensive purposes on my own. Of course - only in a simulated environment for analysis and testing purposes 😊 Well, after~3 hours of vibe coding we now have a new C2-Framwork with ~12 modules, we only need to adjust this HTA obfuscated C2-Server domain or URL and we can use the public implant with our own Server-Component. Thats the age of AI, normally it would have taken hours for me to manually analyse this malware!

It was a pleasure to contribute to the Mythic C2 framework. The webhook container now support not only Slack, but Discord alerting as well. github.com/MythicC2Profil…

I am happy to present the latest blogpost I was working on. It is about enumerating and attacking MSSQL databases from both external and internal perspective. Hope you learn something from it and as always, any feedback is welcomed! r-tec.net/r-tec-blog-mss…

My SCShell lateral movement stream is available now on my channel: youtube.com/watch?v=zLre6L… Hope you learned something new, let me know what to feature next.

Did you know that you can invoke VBA macros directly from PowerShell? Mind blowing right? Shout out to this blogpost: cybereason.com/blog/dcom-late…

Let's shoot a Sunday night stream, tomorrow at 20:00 EEST. I am planning to do some lateral movement from C2, is there anything you would want to also see? Drop your thoughts below.

@VedGawde @theXSSrat @BRuteLogic @I_Am_Jakoby @sec__404 @zaproxy @NahamSec @Bugcrowd @hackthebox_eu @247CTF @coffinxp7 @DeathsPirate @e11i0t_4lders0n @_Freakyclown_ @4osp3l @hetmehtaa @Hackutendotcom @intigriti @ippsec @KN0X55 Feeling honoured to be on the list

@theXSSrat @BRuteLogic @I_Am_Jakoby @sec__404 @zaproxy @NahamSec @Bugcrowd @hackthebox_eu @247CTF @coffinxp7 @DeathsPirate @e11i0t_4lders0n @_Freakyclown_ @4osp3l @hetmehtaa @Hackutendotcom @intigriti @ippsec @KN0X55 @lsecqt Big thanks @theXSSrat ❤️ learning a lot from you and the community #StayRATical

Follow these people - Let me know who i missed @BRuteLogic @I_Am_Jakoby @sec__404 @zaproxy @NahamSec @Bugcrowd @hackthebox_eu @247CTF @coffinxp7 @DeathsPirate @e11i0t_4lders0n @_Freakyclown_ @4osp3l @hetmehtaa @Hackutendotcom @intigriti @ippsec @KN0X55 @lsecqt @Mickhat1337 @MrMisplays @NullSecurityX @PinkDraconian @PentesterLab @tryhackme @VedGawde @yeswehack @Zappit3

The Ligolo-NG stream is now LIVE! Did you know that Ligolo-NG has a builtin Web UI that lets you manage everything? Hope it's useful and you learn something new. Any feedback is much welcomed! (youtu.be/-enTMD4_3D8)