Create a folder called (calc). Shift+Right click « Open PowerShell Window here » and boom you have a command injection.
@podalirius_ found two command injection vulnerabilities in Windows Explorer's context menus, both exploitable for 9 years. https://t.co/LNNTpKeDnJ
shipping v5 of LitterBox after way too many late nights
real EDR in the loop now. drop an agent on your VM, fire payloads at it, alerts land back with full call stacks. Elastic Defend + Fibratus work. new UI + better performance — notes in the release.
https://t.co/NWCd3KIxXh
DrvEye automates kernel driver analysis to uncover IOCTL paths, symbolic, dangerous primitives, and exploitable code paths, then generates PoCs, fuzzers, and rev artifacts auto
and even checks if you can download any new drivers
https://t.co/cWGHmOJPgt
Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system by @virtualloc 🔥
https://t.co/vLwWuLyXi7
Recent supply chain attacks have demonstrated that the most valuable targets are developers 🧑💻
In this new blog post, I'll walk you through the full setup of a phishing attack 🎣 (ab)using a GitHub OAuth App to gain control over an account! Trusted domains, free infrastructure, social engineering tricks, ...
🌐 https://t.co/6zFxAUemy6
P.S.: I've updated the blog design ✨, hope you enjoy it
After @Coiffeur0x90 found 3 LPEs in Intego antivirus for macOS, @kaluche_ had to check the Windows version too.
Spoiler: it was vulnerable.
Here's the full write-up of a symlink attack to achieve Local Privilege Escalation👇
https://t.co/5HOygEPoVP
Alright, here goes.
A short, unpretentious article on IDORs.
https://t.co/UrF1Dvoz8s
I know the topic has already been covered quite a bit, but I've tried to gather a fair number of tips and tricks. In French, so that non-English speakers can understand too :)
New in the Knowledge Library: Windows system programming in Rust by @zodiacon.
windows crate features, unsafe Win32 boundaries, Toolhelp process enumeration, and UTF-16 handling.
https://t.co/vZghAzIPdT
This week we organised an internal "Android 101" training focused on vulnerability research.
The goal is to present how Android works internally before moving on to vulnerability research and exploitation.
A big thank you to our trainers 🙏
New Sliver release!
> Improvements to shell: you can now manage multiple shells and swap between them!
> Windows PE metadata spoofing
> Improvements to macOS shellcode loader
> Bug fixes
https://t.co/hQ6wTCKMLd
🥳 ProxyBlob V2 is now available 🎉
As promised, here is the new version of ProxyBlob, boosted with aznet. Az-what 🤔?
This version introduces a new Go module called aznet that allows you to use Azure storage services (not just blobs 😏) as a direct replacement for net.Conn!
🏎️https://t.co/AZDniVnzGY
🌐https://t.co/BkczwWO1xi
Complete documentation is available in the aznet repo to understand how it works 📚
Huginn Project:
Project to generate COFF-format shellcode with API for:
- Indirect syscall API
- Stack Spoofing
- Proxied LoadLibraryA calls
Great for UDRLs, stage0 and OPSEC-conscious shellcode.
https://t.co/tIiSlawD8K
Even if stealth wasn't the objective, I still wanted to test the next release during my engagement. I must say that I'm very happy with the costs incurred 💸 This is the result of a large number of actions, which led to a massive DCSync with ~20k hashes 🎯
Spring is just around the corner, and that's when I offer online training courses on Burp Suite Pro 👨🏫 Two sessions are planned (in English and French), and there are still a few spots left in each.
Contact me to get an early-bird discount code! 💰
https://t.co/7ysNLmvJat