Apollo 2.0 is now out! 7 months and ~450,000 lines of code led to:
- Dynamic Command Loading
- P2P over SMB/TCP
- SOCKS5 Proxying (tested w/RDP/impacket/Firefox)
- "Safe" In-process Assembly Execution
- User-compiled PE execution
- Reduced size (~450kb)
https://t.co/2E71r2xwaf
Mythic 2.3.7 is finally out! This includes an entirely new interface, tab-completable and conditional command parameters, LaTeX reporting, updated ATT&CK mappings, updated agents, and more! Check out the blog at https://t.co/Fy7kxeEuJU and the change log https://t.co/MhpM8LzakI
Ever been on an SCCM site server and *this* close to a DA pw that you couldn't decrypt for some reason? Check out my new blog looking at encryption in use within SCCM sites configured for High Availability and accompanying tooling to recover passwords: https://t.co/tJXwuqKbii
I'm releasing a backend for multi-agent AI systems that need to model complex non-linear problems. Kafka handles async agent communication, with ingestion plugins that route data to Neo4j, Qdrant, and MinIO.
Check it out on the IBM X-Force GitHub!
https://t.co/OSNgSAsLcK
To trigger local SYSTEM authentication for relaying to ADCS or LDAP for LPE, you would usually need the printer service or EFS service to be enabled (printerbug/petitpotam). Here is an alternative without this requirement 🤠
https://t.co/N3ZIXBVBpo
Azure Arc is Microsoft's solution for managing on-premises systems in hybrid environments. My new blog covers how it can be identified in an enterprise and misconfigurations that could allow it to be used for out-of-band execution and persistence. https://t.co/CI6U1M9Mbn
Today we unveil BadSuccessor - a new no-fix Active Directory privilege escalation technique.
We will explore the recently introduced dMSA feature, and show how it enables turning a very common, seemingly benign permission into a full domain takeover.
https://t.co/k4roTZE36T
Me and the homies are dropping browser exploits on the red team engagement 😎. Find out how to bypass WDAC + execute native shellcode using this one weird trick -- exploiting the V8 engine of a vulnerable trusted application.
https://t.co/ykJv0sePN9
RemoteMonologue - A Windows credential harvesting attack that leverages the Interactive User RunAs key and coerces NTLM authentications via DCOM. Remotely compromise users without moving laterally or touching LSASS.
Hope you enjoy the blog & tool drop 🤟
https://t.co/ch9WuSP6bm
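Added example (not code from the RemoteMonologue post or tool): a read-only inventory of the DCOM AppIDs on a host whose RunAs value is "Interactive User", the setting the post names as the one the attack leverages. Such servers are started in the interactively logged-on user's session when activated, so an administrator auditing a fleet would want to know which ones exist. The registry path and value names are standard DCOM configuration; the output column names are this example's own.

```powershell
# Added example, not code from the RemoteMonologue post or tool.
# Lists DCOM AppIDs on the local host whose RunAs value is "Interactive User":
# COM servers that are launched in the interactively logged-on user's session.
# Run as an administrator on the host being audited; it only reads the registry.
$appIdRoot = 'Registry::HKEY_CLASSES_ROOT\AppID'

$interactive = Get-ChildItem -Path $appIdRoot -ErrorAction SilentlyContinue |
    ForEach-Object {
        $props = Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue
        if ($props -and $props.RunAs -eq 'Interactive User') {
            [PSCustomObject]@{
                AppID         = $_.PSChildName          # {GUID} subkey name
                Description   = $props.'(default)'      # friendly name, if set
                RunAs         = $props.RunAs
                # Custom launch/access ACLs are stored as binary security
                # descriptors; only their presence is reported here.
                HasLaunchPerm = ($null -ne $props.LaunchPermission)
                HasAccessPerm = ($null -ne $props.AccessPermission)
            }
        }
    }

$interactive | Sort-Object AppID | Format-Table -AutoSize
'{0} AppID(s) configured with RunAs = Interactive User' -f @($interactive).Count
```

An AppID with no RunAs value runs as the launching user rather than the interactive user, so it is correctly excluded; entries that do show up are the ones worth reviewing against their launch and access permissions.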
As promised... this is Loki Command & Control! 🧙♂️🔮🪄
Thanks to @d_tranman for his work done on the project and everyone else on the team for making this release happen!
https://t.co/fR44ukK1Y2
So I wanted to collate a bunch of different attacks you can perform via ServiceNow that we've used pretty regularly, but for which there doesn't seem to be much out there publicly.
New blog from me on using CLR customizations to improve the OPSEC of your .NET execution harness. This includes a novel AMSI bypass that I identified in 2023. By taking control of CLR assembly loads, we can load assemblies from memory with no AMSI scan. https://t.co/SkiuwSxVfI
Dropped a spicy 25-min read exploring adversarial ML 🤠 It's a mix of in-depth & light peppering of the broader field. So much I couldn't fit (extraction, inversion, poisoning), but I hope it sparks curiosity. Made for learners with no fancy background ❤️
https://t.co/QE1j0tu4Jl