rene

SARA - Simple Android Ransomware Attack github.com/termuxhackers-…

@S4vitar @DragonJARCon

Recordad que mañana tendréis mi charla en la @DragonJARCon!!, estaros preparados porque se va a tensar bien fuerte, nos vamos a meter bien de lleno en la capa uan jándred an eigri naaaain. Tenéis en la imagen los horarios disponibles, podréis verlo en: youtube.com/c/DragonJARbiz

PowerShell for Pentesters is a basic introduction to using PowerShell on internal penetration tests. github.com/dievus/PowerSh…

Si usas #Windows, quieres personalizarlo de verdad y no te mola usar el #Regedit, prueba esto...👇 Nota: CUIDADO al cambiar ciertas opciones! 😉

32-bit Stack-based Buffer Overflow : ired.team/offensive-secu… credits @spotheplanet

Pegasus Spyware Uses iPhone Zero-Click iMessage Zero-Day threatpost.com/pegasus-spywar…

Showcasing a thorough and targeted spear phishing attack, sent in by a community member. Fakes a Microsoft Outlook login page, sending entered credentials to a rogue domain. In the video we explore the code and report the domain. Premieres 9:00 AM ET. youtube.com/watch?v=YWarpd…

Here is a pastebin source for testing purposes: pastebin.com/RMYrXZPr

#Chimera: un script de ofuscación de #PowerShell diseñado para eludir #AMSI y las soluciones antivirus comerciales github.com/tokyoneon/Chim…

Starting a new blog post series on various Defense Evasion techniques. Part 1 AMSI Bypass. dazzyddos.github.io/posts/AMSI-Byp…

PSAmsi: PSAmsi is a tool for auditing and defeating AMSI signatures. #infosec #pentest #redteam github.com/cobbr/PSAmsi

There you go! #ProxyShell PoC exploit github.com/ktecv2000/Prox…

PoC footage for #PrintNightmare with @cube0x0 's #Python/Impacket rendition. Targeting a Windows Server 2016, so nothing hot sweet and flashy/fully-patched 2019 -- but just for showcasing the PoC. Windows #Defender disabled for a cheeky #msfvenom generated DLL.

Gracias @zerialkiller por la mención en tu video de #PrintNightmare Muy recomendando y bien explicado para todos, su explotación y funcionamiento sobre #metasploit. youtube.com/watch?v=_ToE95… Mientras, parchea *Y* deshabilita #spooler de Windows. blog.segu-info.com.ar/2021/06/poc-y-…

Great #patchtuesday Microsoft, but did you not forgot something for #printnightmare? 🤔 Still SYSTEM from standard user... (I may have missed something, but #mimikatz🥝mimispool library still loads... 🤷‍♂️)

Wonder what would happen if you went on a @GitHub repo and changed the URL from "github.com" to "github.dev"? 🙊

@creadpag A eso se le llama mercadotecnia 🤭

¿Que pedo?

WinPwn/WinPwn.ps1 at master #infosec #pentest #redteam github.com/S3cur3Th1sSh1t…

Effective patch *hust*, the other API functions @tifkin_ already mentioned indeed still work even after patching. 🤪 twitter.com/tifkin_/status…

icmpdoor: ICMP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell) #infosec #pentest #redteam github.com/krabelize/icmp…