A link with 0 VT detection, dropping a payload with 0 VT detection, is an attacker's dream.
Here they achieve it by using Syncro, a legit tool used by MSPs for running scripts.
One can get a subdomain on Syncro to monitor their specific instance. Syncro has also been used in the past by the MuddyWater APT because of its unfortunate suitability.
Live stage 1: livepanel[.]info
Syncro custom subdomain:
mysergiosanz[.]syncroapi[.]com
Sample: https://t.co/VBhE22Ayim
URL live link: https://t.co/0BGS3xjEOX
#malware #paintsync #cybersecurity
Sometimes in hardened AD environments they disable (actually remove) SeDebugPrivilege globally (via GPO) in order to prevent malicious things targeting process memory (like token stealing, etc.), even as local admin. The good (or bad) news is that the bypass is easy: https://t.co/IhhHQXLLXV
HTTP-Shell
Multiplatform Reverse Shell. This tool helps you to obtain a shell-like interface on a reverse connection over HTTP. Unlike other reverse shells...
https://t.co/eCgvvdupO6
#infosec #pentesting #redteam
🚨 1/ Ongoing campaign primarily targeting security researchers here on Twitter.
Possibly they are trying to exploit some vulnerability in Internet Explorer and database tools like Navicat. I haven't been able to get the malicious payload yet, but something fishy is going on 🤔
Certipy reached 1k stars on GitHub. Let’s celebrate with a brand new version, new research, a forked BloodHound GUI with ADCS support, and many new features, for instance Schannel authentication via LDAPS, SSPI authentication, and much more!
https://t.co/h85p3cCO1N