I just published a new blog post on cross-domain pivoting through an outbound trust in Active Directory.
Check it out here:
👉 https://t.co/XZv1xwJAzS
#redteam#activedirectory#pivoting#infosec#pentest
TailVNC — Drop-in Windows VNC persistence over Tailscale. Single binary, Session 0 bypass, zero exposed ports. Built for offensive security & ops. Inspired by @Yeeb_ 's SockTail.
https://t.co/EaN4DycFi4
#redteam#Pentesting#CyberSecurity
Did you know that you can kerberoast without any valid credentials? All you need is an account that is ASREProastable.
This allows you to request service tickets for any account with a set SPN🔥
NetExec now has a native implementation of this technique, thanks to Azox
I just published a new blog post on cross-domain pivoting through an outbound trust in Active Directory.
Check it out here:
👉 https://t.co/XZv1xwJAzS
#redteam#activedirectory#pivoting#infosec#pentest
Revisiting COM Hijacking
Used for: Persistence via COM hijacking
- Loads payloads into browsers
- Exploits HKCU registry for access
- Avoids noisy direct injection
https://t.co/x3ogEMrCJD
#redteam#pentest#infosec#persistence
MSC_Dropper. Python script designed to automate the creation of MSC (Microsoft Management Console) files with customizable payloads for arbitrary execution, by @MarcelBilal
https://t.co/97k4Hg6nqr
@Carlos_LopezMkt The best approach is to test upstream in a fully monitored environment, so as to analyze each response related to each action performed.
I recommend Elastic EDR, which can be deployed locally for free (trial period).
LitterBox
Sandbox for red team payload testing
- Validate evasion techniques before deployment
- Analyze payload behavior in virtual environments
https://t.co/7BZZH5wh5O
#redteam#pentest#infosec