Today we are releasing TokenCert, a C# tool that will create a network token using a provided certificate via PKINIT, by @lefterispan
This is useful for Red Teams, giving make-token functionality with certificates instead of passwords.
https://t.co/TvCLIq87t5
I just released the C2 I was working on in my free time. Feel free to play around and make your own forks if you like it. It needs a lot of work, but it is a fully Rust one with a small implant and working sleep obfuscation.
https://t.co/kSu1KW6IYN
Calling all Red Teamers 🚨
Today we are introducing Tartarus-TpAllocInject, a new OPSEC-safe loader and technique for bypassing EDR solutions, by @trickster012
https://t.co/mEWnIvU3c7
Red Team ops need diverse malware for various scenarios. @naliferopoulos of #Hackcraft created #Blueprint, an open-source tool for source-level templating. It enables the use of sinister modules & metaprogramming in Jinja2 syntax. Learn more: https://t.co/K16iPveZer #redteam
Red Teams' malware samples often end up in public sources for analysis. Hackcraft's first open-source tool, Fairplay, monitors these to identify payloads & notify operators, ensuring fair play between teams.
Learn more: https://t.co/6iQD1Xe0Tb #redteam #hackcraft
Took me a few days, and I still don't know exactly how/why it works, but I now have a new-ish on-prem-to-cloud technique via a Seamless SSO (Kerberos) backdoor key. Some features:
- No GA needed to add key
- Invisible backdoor (no logs in AAD) 🫣
- 1st factor auth to any synced user
Introducing ETWHash!
ETWHash is a new method and tool by @lefterispan for consuming SMB events from Event Tracing for Windows (ETW) and extracting NetNTLMv2 hashes for cracking offline.
https://t.co/wLmsQf71J8
A short🧵 detailing a Kerberos LPE I discovered while working with @tiraniddo on our BlackHat research.
https://t.co/LjM3t1b0DC (CVE-2023-21817)
This was fixed in Feb, but I think some will find the vulnerability & exploitation interesting.
1/
Introducing Aladdin, a new tool by @lefterispan for red teamers to generate payloads bypassing misconfigured WDAC and AppLocker.
https://t.co/doyRU7GYad
The last part of A New Attack Surface on MS Exchange - #ProxyRelay is out! Have also left some final thoughts on the Closing part. Hope you all enjoy this journey :D
https://t.co/XOmClEtB4n
Introducing MalSCCM!
Today, we are releasing MalSCCM, a .NET tool by @The_Keeb which enhances PowerSCCM functionality and makes it easier to use over command and control channels.
https://t.co/InO8p0syFj
🥳Introducing PoshC2 v8.0!
Major improvements, including:
* A brand-new native Linux implant;
* The capability to execute Beacon Object Files (BOF) directly from PoshC2;
* Massive SharpSocks rewrite;
* New registry edit module;
* And plenty more!
https://t.co/MZcA52AukX
The Russian military website (https://t.co/h3n4oxn0ac) is returning HTTP error code 418, indicating the Russian Military is now a Teapot.
No, this is not a joke.
I set myself the challenge of auto executing JavaScript without a click with the animate tag. You can now do this on Firefox and Chrome using the use element.
https://t.co/SvAMIGJI3F
Because clear-text passwords are so trendy, I added this small credential provider that I had in stock to #mimikatz
Just 300 lines of ❤❤❤ into this file https://t.co/5XTchc8l50
Works in LogonUI.exe, but also in all applications asking for creds
cc: @gentilkiwi @PythonResponder