New blog post is up. @Amarjit_Labu goes through the Tactics, Techniques & Procedures (TTPs) that the Ataware ransomware used in malicious documents to infect targets circa 2019. Check out the post here:
https://t.co/MG0YzRw7AK
#cybersecurity #windows10 #maldocs #phishing
You can also use #Pyramid to move laterally without spawning a visible cmd by using pythonw.exe. See the image for an example usage with this socks5 base:
#redteaming #ost #evasion
Hey fellow #Redteamers!
Fancy #EDR got you down? Don't want to risk detection executing beacon/sliver/shellcode just to proxy traffic?
#Pyramid got your back!
No more risky overhead for a proxy!
New base script to use socks5 via SSH tun.:
https://t.co/LA2bOjCgl0
mini-thread👇
New blog post is up. @Amarjit_Labu walks through abusing CVE-2022-26923 via a remote command and control server to get domain administrator privileges on a simulated corporate network.
https://t.co/ntGEFZCc5Q
New blog post alert! Ever wanted to deploy an Active Directory test environment using automation? Check out this post by @Amarjit_Labu on how to do just that using Packer and Vagrant from @HashiCorp
https://t.co/RrRuahHL1f
Today for the #100DaysOfHacking, we are very excited to have an amazing Cyber security Engineer and coordinator @Amarjit_Labu of @MacroSecLtd lead the session on practical Kerberos Authentication and attacks around it.
Time 6 - 8PM EAT
Link: https://t.co/xbtjVN3X71
Today we will share an article written by one of our members, @Amarjit_Labu on "BUILDING A BASIC ACTIVE DIRECTORY LAB"
Check it out: 👇
https://t.co/Yzwv0sg2LS
Congratulations to all the participants of the @AfricaHackon CTF. @CyberSpaceKenya doing a fantastic job curating and hosting these challenges. May the infosec space in Kenya and Africa in general keep growing 💪🏽
Here's the final leaderboard. Congratulations to all teams for putting up a brave fight. It was a fun-filled night for us & hope it was too for you.
Preps are underway for next week's @AfricaHackon preconference workshop. Will be looking at malware, in particular bypassing AV to get command and control channels running on a Windows target. Register here: https://t.co/HdJNPusRO0
Join @kcsfa mini conference tomorrow from 14:00 EAT and learn from industry professionals. @tyrus_, @evelynmkasina and @Amarjit_Labu will be sharing with the community. Register here: https://t.co/bVuD30qtg9
I will be speaking on the state of malware development in the current times this coming Thursday courtesy of @kcsfa. Gonna be a little of an "exotic" affair 🤣😂🤣. Looking forward to sharing the stage with @tyrus_ & Evelyn Kasina
ANNOUNCEMENT:
We now have our discord server but before we can roll it out to everyone, we need CTF/Vault/Challenge developers first. If you would like to volunteer your experience & develop challenges for our community, please join here https://t.co/pmebSCe3kR.
Join us tomorrow 7-8PM for our community session on Kerberos Attacks with @Amarjit_Labu, lead penetration tester @MacroSecLtd. Kerberos attacks target domain administrator privileges, which provide unrestricted access and control. Join in to learn more.
https://t.co/9D0KWRYMSf
MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations of cyber security threats. They’re displayed in matrices that are arranged by attack stages, from initial system access to data theft or machine control.
We are greatly honoured to host both @InfoSecSherpa and @Amarjit_Labu from @MacroSecLtd as key speakers at our cybersecurity mentorship program onboarding session this coming Tuesday.
#printnightmare 4.x - lots of ❤️ to the printnightmare[.]gentilkiwi[.]com Internet server, but some wanted to have a LAN server.
Legit: many companies don't allow outbound SMB traffic (as some ISP)
> Some PowerShell commands to help: https://t.co/4QmQOGXoOw (& new mimispool.dll)
Good luck to all the participants taking part in #HTBBusinessCTF21. Thank you to @hackthebox_eu for organizing the CTF. May our boys do some pwnage while at it!