Top Tweets for #Hacktip
You want to learn programming??
This is a #HackTip
Programming is not about how computer work. But how your brain work.
[#HackTip ⚒️] Something fun I’ve had to do on an engagement today: swapping SYSTEM ↔️ user contexts to decrypt the local state key. The result can be passed to GhostPack’s #SharpChrome as /statekey to get target user’s plaintext cookies 🍪
![snovvcrash's tweet photo. [#HackTip ⚒️] Something fun I’ve had to do on an engagement today: swapping SYSTEM ↔️ user contexts to decrypt the local state key. The result can be passed to GhostPack’s #SharpChrome as /statekey to get target user’s plaintext cookies 🍪 https://t.co/xHWsTwmahN](https://pbs.twimg.com/media/Gage7N9WkAAXJI7.jpg)
@xeno_swift @BonnieGlaser Get ahead of the propaganda game, Bonnie. Write something staggeringly foul about Saudi-Arabia BEFORE your bosses tell you to.
#hacktip
[#HackTip ⚒️] Who even cares about MS17-010 in 2k23?! Well I did at the recent pentest engagement 🤦🏻♂️
(1/) I’ve not practiced #EternalBlue exploitation already for a while, so I decided to deploy a vulnerable VM first in order not to screw up the production server ⤵️
[#HackTip ⚒️] One idea for NTDS on-site dumping without VSS: NTFSCopy (thx @RedCursorSec) + #impacket’s RemoteOperations.getBootKey() + secretsdump[.]py (e.g., via a pre-compiled binary or @naksyn’s awesome Pyramid) 🤪
https://t.co/0UATJuJ1ob
![snovvcrash's tweet photo. [#HackTip ⚒️] One idea for NTDS on-site dumping without VSS: NTFSCopy (thx @RedCursorSec) + #impacket’s RemoteOperations.getBootKey() + secretsdump[.]py (e.g., via a pre-compiled binary or @naksyn’s awesome Pyramid) 🤪
https://t.co/0UATJuJ1ob https://t.co/zKOwYVo0Fj](https://pbs.twimg.com/media/FoOE7tzWAAMNjk3.jpg)
![snovvcrash's tweet photo. [#HackTip ⚒️] One idea for NTDS on-site dumping without VSS: NTFSCopy (thx @RedCursorSec) + #impacket’s RemoteOperations.getBootKey() + secretsdump[.]py (e.g., via a pre-compiled binary or @naksyn’s awesome Pyramid) 🤪
https://t.co/0UATJuJ1ob https://t.co/zKOwYVo0Fj](https://pbs.twimg.com/media/FoOE7tqXwAIBz0v.jpg)
That DIT is going to take forever to exfiltrate. Better to strip the hashes out and exfiltrate those instead.
https://t.co/JpJlpiI2hA
ntdsAudit.exe '.\Active Directory\ntds.dit' -s registry\SYSTEM -p pwddump.txt -u users.csv
Its c#, so you can reflectively load it in PS, too.
[#HackTip ⚒️] A simple post-exploitation tip when you’ve added a GitLab admin from a compomised gitlab-rails console: if there’s only LDAP auth available and you cannot sign in even when you possess valid creds, do this to enable password auth for web 🤓
https://t.co/uJCcbhQZNz
![snovvcrash's tweet photo. [#HackTip ⚒️] A simple post-exploitation tip when you’ve added a GitLab admin from a compomised gitlab-rails console: if there’s only LDAP auth available and you cannot sign in even when you possess valid creds, do this to enable password auth for web 🤓
https://t.co/uJCcbhQZNz https://t.co/AIuP9gQHEm](https://pbs.twimg.com/media/Fi_94tqXECA4Brt.jpg)
![snovvcrash's tweet photo. [#HackTip ⚒️] (1/3) There’re a couple of ways to become a local admin on a box when you possess only the corresponding machine account NT hash. The first one being the well known Silver ticket technique that can be performed via ticketer[.]py from #Impacket ⬇️ https://t.co/QpS7UiULtj](https://pbs.twimg.com/media/Fd-0WecWAAEKL_K.jpg)
[#HackTip ⚒] While guys @_EthicalChaos_ and @an0n_r0 are talking about a legitimate way of jumping into RDP via smart card auth having a certificate, I’ll give a more clumsy approach: UnPAC-the-Hash (PKINIT) ⏭ DisableRestrictedAdmin=0 ⏭ scforceoption=0 ⏭ xfreerdp /pth 🎉
![snovvcrash's tweet photo. [#HackTip ⚒] While guys @_EthicalChaos_ and @an0n_r0 are talking about a legitimate way of jumping into RDP via smart card auth having a certificate, I’ll give a more clumsy approach: UnPAC-the-Hash (PKINIT) ⏭ DisableRestrictedAdmin=0 ⏭ scforceoption=0 ⏭ xfreerdp /pth 🎉 https://t.co/yJG3XOvJAR](https://pbs.twimg.com/media/FancCPRWAAMLki6.jpg)
@DanielCasasB_ @andrescamachom_ @IreneVelezT @MinEnergiaCo #HackTip pon la página en modo lectura, y listo 😉
[#HackTip ⚒] Looking for a legitimate way of achieving #persistence on Windows? How about #AnyDesk silent deployment? 😉
![snovvcrash's tweet photo. [#HackTip ⚒] Looking for a legitimate way of achieving #persistence on Windows? How about #AnyDesk silent deployment? 😉 https://t.co/hKPjvcv7EA](https://pbs.twimg.com/media/FaCLnBZXwAIzcsz.jpg)
![snovvcrash's tweet photo. [#HackTip ⚒] A cool technique for initial AD access during a pentest. Got a Cisco IP Phone nearby? Congrats, you’re (almost) an domain user!
#pentest #ad #cisco https://t.co/847lCaPssv](https://pbs.twimg.com/media/FZZli5gXEAMWF2j.jpg)
![snovvcrash's tweet photo. [#HackTip ⚒] A cool technique for initial AD access during a pentest. Got a Cisco IP Phone nearby? Congrats, you’re (almost) an domain user!
#pentest #ad #cisco https://t.co/847lCaPssv](https://pbs.twimg.com/media/FZZli5eWYAAS-Co.jpg)
![snovvcrash's tweet photo. [#HackTip ⚒] A cool technique for initial AD access during a pentest. Got a Cisco IP Phone nearby? Congrats, you’re (almost) an domain user!
#pentest #ad #cisco https://t.co/847lCaPssv](https://pbs.twimg.com/media/FZZli5XXEAQ5MGr.jpg)
![snovvcrash's tweet photo. [#HackTip ⚒] Such a tiny code snippet that can help you bypass some automatic sandbox detections ⏳
#maldev https://t.co/lsw2j5YpCD](https://pbs.twimg.com/media/FZKZFfnXEAcd3ns.jpg)
[#HackTip ⚒] When there’s not much info revealed about AD sites from CME subnets module, we can combine @_dirkjan’s adidnsdump with @pdiscoveryio mapcidr to get a nicely formatted list of the target intranetworks 🕸
#ad #dns
![snovvcrash's tweet photo. [#HackTip ⚒] When there’s not much info revealed about AD sites from CME subnets module, we can combine @_dirkjan’s adidnsdump with @pdiscoveryio mapcidr to get a nicely formatted list of the target intranetworks 🕸
#ad #dns https://t.co/uRhfx7cQFu](https://pbs.twimg.com/media/FYSMZ_VXgAIPTF9.jpg)
#hacktip nc -nlvp 5656 > puppo (Recieve file via nc)
On sender machine run nc -nv IPofreciever 5656 < file-to-send
The file sent will appear as puppo
[#HackTip 🛠] Some tips and links on how NTDS reversible encryption usage (means you can DCSync cleartext passwords) can be enumerated during an AD security assessment:
🔗 https://t.co/pjUzcqzxYK
🔗 https://t.co/km8ZhkrJrt
#ntds #ad #adsecurity
![snovvcrash's tweet photo. [#HackTip 🛠] Some tips and links on how NTDS reversible encryption usage (means you can DCSync cleartext passwords) can be enumerated during an AD security assessment:
🔗 https://t.co/pjUzcqzxYK
🔗 https://t.co/km8ZhkrJrt
#ntds #ad #adsecurity https://t.co/AdAlQJDz37](https://pbs.twimg.com/media/FVt2g2FWUAE-vHe.jpg)
#HackTip
Si tienes un restaurante, crea un perfil de Tinder y diles a tus Matchs que los verás ahí, que vayan pidiendo. Luego les escribes y les dices que algo paso y no podrás llegar.
Clientes seguros.
[#HackTip 🛠] (1/2) Until I finally get around to watching @ippsec’s video on parsing #BloodHound JSONs with jq, I continue using my crappy Python script for printing neo4j node names in console 🐕
https://t.co/Tjm65TCVdU
#bloodhound #cypher
![snovvcrash's tweet photo. [#HackTip 🛠] (1/2) Until I finally get around to watching @ippsec’s video on parsing #BloodHound JSONs with jq, I continue using my crappy Python script for printing neo4j node names in console 🐕
https://t.co/Tjm65TCVdU
#bloodhound #cypher https://t.co/rPatf4HdaZ](https://pbs.twimg.com/media/FTzLsI5WAAAiRQ0.jpg)
Just uploaded a video on parsing Bloodhound Data with JQ, which allows us to create a lot of interesting lists. My favorite one is looking at passwords that have a set time newer than their last logon time. https://t.co/ZhbHN0KQyQ
![snovvcrash's tweet photo. [#HackTip ⚒] So, you’ve got a DA but feel like missing some plaintext credz or other valuable info in the infrastructure? Inspecting sensitive users’ habits by shadow monitoring their RDP sessions may set you on the right path 👀
#ad #pentest #rdp #shadow https://t.co/CFKoRebnnM](https://pbs.twimg.com/media/FRMJlZPVgAA09Xu.jpg)
#Hacktip
RECUERDEN SOBRINOS: 👌🏻 😉
— Perejil con "P" de pirámide.
— Cilantro con "C" de circulo.
Tip de seguridad: si recorres un edificio buscando Wifi y Bluetooth es fácil ver qué chismes tienes por casa, TVs modernas sobre todo, cámbiales el nombre, no des pistas a los amigos de lo ajeno de lo que tienes en tu vivienda #hacktip
Last Seen Hashtags on Sotwe
forzahorizon5
Seen from United States
IncestMotherSon
AI
Seen from Korea
GolpeMilitarDemocratico
Seen from United States
waifu
Seen from Netherlands
minichat
Seen from United States
Hijabi cum tribute
Seen from Sweden
รีทวิตส่งรูปเด็ด
Seen from Thailand
droneshit
Seen from United Arab Emirates
trans
Seen from Turkey
Trends for you
Most Popular Users
Elon Musk 
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers