Today I'm launching 0x12DarkSandbox, my biggest project to date🥂🥂
Built for offensive security professionals who want to understand not just whether a payload is detected, but exactly how and why it gets caught
https://t.co/sTlq2l3bTr
More info here:
https://t.co/EUsnZm1u7B
@mihomoparty It's similar to vulnerable drivers: the Microsoft ones usually don't have many vulnerabilities, but the third-party ones do. That's exactly what we are searching for here, DLLs from third-party apps or projects with RWX regions (in the example of the post we use a simple DLL from the Git application)
Bring Your Own RWX Region DLL (BYORWXDLL)
New Medium post, today we are exploring a technique I call Bring Your Own RWX Region DLL, inspired by the well-known BYOVD (Bring Your Own Vulnerable Driver)
https://t.co/slNKv9qF4W
Honestly, what is this? I got a response from the @github support team. So from here on, legal security research and PoCs are not allowed on GitHub?
I'm completely disappointed by @github and @Microsoft @MsftSecIntel.
In what way did I distribute and share malware? Can anyone tell me if there is a mistake on my side? Did I share 0-days, vulnerabilities, direct binaries or a full exploit chain that harms users? NONE?
Is posting legal source code and tools that are made of public PoCs wrong? There are thousands of full-chain real exploits that bypass EDRs, C2s that evade security solutions, and phishing kits that bypass Microsoft's MFA out there on @github. If that is legal, then why can't this simple publicly made PoC be on GitHub?
I have replied regarding my statements. Please don't disappoint younger legal Windows security researchers like this. I still have some hope in @github @Microsoft @MsftSecIntel.
I have a little hope. So please don't make me lose it, @github & @Microsoft & @MsftSecIntel.
Ticket ID: #4440743
Will be waiting for your kind response. Thank you.
https://t.co/FTpHwmDK8D
#github #microsoft #security #research
Instead of loading a vulnerable driver to gain kernel read/write primitives, this technique abuses legitimate, signed DLLs that already contain pre-defined RWX (Read+Write+Execute) memory regions when loaded into a process.
Hey @martinwoodward
My GitHub account was flagged without any prior notice. I'm a college student and have been an active open-source contributor for over 4 years. I've released multiple security research projects and even contributed to Microsoft's open source editor.
My repositories help security researchers test and strengthen defensive systems through authorized work. Today I was releasing updates to a new tool when the flag occurred. I've already submitted a reinstatement request (Ticket #4440743).
So I kindly request you to help and resolve this issue.
Thank you
Sysprep.exe UAC Bypass via AppID Hijack
New Medium post, today we will see another UAC bypass technique through Sysprep.exe approaching the AppID Hijack technique!
https://t.co/OAM4FKxIUp
Eventvwr.exe UAC Bypass via mscfile
New Medium post. Today, we’ll take a look at one of the most popular UAC bypass techniques in Windows and explore how it abuses Event Viewer to execute code with elevated privileges
https://t.co/ChFWSSNsJo
UAC Bypass via ComputerDefaults.exe
New Medium post, this week we will look at a series of three basic but always useful, well-documented UAC bypasses in Windows. Today ComputerDefaults.exe is the first one
https://t.co/iPgLfu2zkR
Remote PEB Walking: Enumerating Loaded Modules
New Medium post, today we are enumerating remote modules by walking the PEB, a stealthy way to do it instead of relying on the classical ways!
https://t.co/JDBdsE9y4R