This week we launched our Offensive Security Accelerator - a fast track training programme for those looking to start their cyber security careers... if you're in the UK and a graduate or looking to pivot into offensive security, here's how... https://t.co/CZ2463KqW3
We’ve been running ServiceNow compromised supply chain scenarios for customers during RedTeams for 18+ months and have built a wealth of tradecraft and tooling around the space. On occasion some pushed back and said SNOW compromise was unrealistic… 🤐
New #redteam tool for blocking EDRs: EDRChoker
Instead of fully blocking the EDR agents' connections to their server, we can throttle their bandwidth so they consistently time out when sending data, which is effectively the same as blocking but avoids triggering "block" or "drop" packet events
#pentest #cybersecurity
Github: TwoSevenOneT/EDRChoker
My goofy ass website gets 142,000+- unique visitors a month. Dawg, I have GOT to find a way to monetize this without dropping to my knees and begging like a dirty scoundrel on the internet.
I've worked on this gunkie slermie every day for 7 years. I gotta do something
Can you fix Opus 4.8/4.7 to work for offensive security with proper cyber validation approval? I’m a big fan of Claude code but at this point it’s unusable. 4.6 is usable but it’s hard to justify/advocate for the spend of a model 2 versions behind frontier. @bcherny @AnthropicAI
Chat, I don't want to be that guy, but I think Microsoft has really pissed off security researchers and we're approaching the tipping point.
This Eclipse guy has really rocked the boat for Microsoft.
This morning I have made public an internal repo on relaying available to everyone. I call it the relay bible. I still have a few more additional tweaks and techniques to add in here, but for the most part it's ready. Hope everyone enjoys my reference.
https://t.co/if08LR2Nwv
A new VPN leak that allows any app to leak traffic outside the VPN tunnel has recently been discovered by @cybaqkebm
Read more here: https://t.co/K9bxtiGHbw
Another COM object for RedSun can be used to execute commands through arbitrary file write.
Most COM objects that have executables as servers run as the interactive user.
This means that if another COM object is used in RedSun, the shell you get will run as the low-privilege user who starts the exploit.
The Storage Tiers Management Engine COM server is used in RedSun. As far as I found, it is the only COM object that runs as SYSTEM. Using it is very clever, but I think most SOCs already use it as an IOC.
However, I found another COM object that can be used with RedSun. It does not give SYSTEM, but it gives LOCAL SERVICE. From there, you can move to SYSTEM by abusing SeImpersonatePrivilege.
The COM CLSID is: d54378cd-91d8-4e10-a00b-819f9a9efcb1, and the executable name is printfilterpipelinesvc.exe.
But it needs some tricks to make it work.
I will try to write a blog post soon, when I am free, with all the details. For now, just keep this in mind.
I just dropped some research: DSCourier, and would love your opinion and for you to check it out!!
It’s a novel post-exploitation technique abusing WinGet’s COM API to execute code through Microsoft-signed binaries.
GitHub: https://t.co/pgIhifT5cT
Blog: https://t.co/kgeBvZw06N
LmCompatibilityLevel=5 on your DCs but still seeing NTLMv1 auth succeed? The PDC's level is the only one that counts for the whole domain. Yeah, NTLM is deprecated… Link to post👇
https://t.co/ESE2EB4vst
over the past 3 months @SpecterOps I have been building Janus, a platform for c2 telemetry analysis to find:
- failure patterns
- operator friction
- automation opportunities
today the tool and blog released 🎉
here is a short gif demo and the link to blog:
https://t.co/xoxUUqoBpJ
[BLOG]
This post demonstrates how to weave evasion tradecraft (using Crystal Palace) into a merged COFF suitable for use as Beacon's sleepmask. It's actually more of an exploration as to whether evasion knowledge in a capability is good or bad (or both).
https://t.co/XrSe6eWJx7