Could not attend the #BHASIA 2023 presentation by @infosecRavi ? Worry not! You can go through the presentation slides here at your own leisure.
Slides: https://t.co/7BUl0JFhpb
website: https://t.co/u7RxJewaJV
Questions/comments are welcome.
#autohackos
Could not attend the #BHASIA 2023 presentation by @infosecRavi ? Worry not! You can go through the presentation slides here at your own leisure.
Slides: https://t.co/7BUl0JFhpb
website: https://t.co/u7RxJewaJV
Questions/comments are welcome.
#autohackos
New conference, new project led by Ravi Rajput (Frustrated Researcher)
We will also come up with custom tooling, documentation, and forum. Stay tuned!
#car_hacking#bhasia
New conference, new project led by Ravi Rajput (Frustrated Researcher)
We will also come up with custom tooling, documentation, and forum. Stay tuned!
#car_hacking#bhasia
APT29/Nobelium🇷🇺 Initial Access Attack Analysis
HTML (EnvyScout) dropper used by Russian APT29/Nobelium in recent campaigns ⚡️
https://t.co/2FMgYhalfh
EnvyScout uses a technique known as HTML smuggling to deliver an IMG/ISO file to the targeted systems (data block that can be decoded by subtracting 4 in the recent campaign).
After decoding you will find an ISO file inside that contains SnowyAmber that executes via rundll32.exe and communicate to Notion as a C2 ⚡️
🚨 We are now accepting registrations for our upcoming training program. Don't miss out on the chance to enhance your skills and knowledge. Simply follow this link: https://t.co/tFH2WBDeZn and fill out our registration/feedback form. Don't hesitate, sign up now!
#arishtilive
Join renowned instructor @adhokshajmishra for an intensive hands-on training course that will teach you the skills you need to master the dark arts of cyber defense. From developing and testing malware to identifying and mitigating the effects of an attack.
Thanks to @___wr___ & @taviso, just played with CVE-2022-0778 against vulnerable (web) servers
Just few tweaks, and ready to scan servers accepting certificates... 🫤
If it is not done yet: patch...
I mentioned a few days ago that there's two LOLBIN binaries that do DLL injection.
After re-checking the digital signature I don't believe they're considered LOLBINs (correct me if I'm wrong) but since they're interesting I'll share them anyway. (1/2)
write an EXE into any file's NTFS stream, and run it as a process. We can delete the file, even the process is still running :)
it's cool how Windows manage file locks
results are in, already sent voucher codes to the winners.
here is me trying my best to do the thing live: https://t.co/yEK3y480Y6
stay tuned, may be next month I'll do it again!!!
meanwhile you can read my write-ups here:
https://t.co/i77DGYjv8F
thanks guys!!
“अखण्ड-मंडलाकारं व्याप्तं येन चराचरं।
तत्पदं दर्शितं येन तस्मै श्री गुरुवे नम:।।”
अज्ञानता के अंधकार में ज्ञान-ज्योति प्रज्ज्वलित कर आत्मबोध कराने वाले देवतुल्य गुरुजनों के श्री चरणों में कृतज्ञता अर्पण।
सद्गुरु की कृपा से हम सभी अभिसिंचित रहें। यही कामना-यही प्रार्थना।
CVE-2021-36934 | #mimikatz🥝was ready to open files via shadows path, change wasn't required
VSS API needs admin right but, please, stop bruteforce to open first shadowcopy you find
You can list them with NtOpenDirectoryObject & NtQueryDirectoryObject
> https://t.co/Wzb5GAfWfd