Was recently tinkering with DPAPI and CREDHIST and managed to find a way to extract hashes for old passwords and recover them in a new module written for hashcat. Blog -> https://t.co/iX9mn4DdUd
Wrote a BOF that is able to execute .NET assemblies in-memory via module stomping so ETW / AMSI are seeing a legitimate GAC assembly instead - https://t.co/IimpD8aZ66
The latest Proxmark3 release is called BREAKMEIFYOUCAN!
Not a random name.
That is the actual 3DES factory default key NXP burned into every MIFARE Ultralight C they shipped since 2008.
Somebody finally broke it properly.
The paper drops the keyspace from 2^112 down to 2^28.
Counterfeit cards fall in under 60 seconds from a single card interaction. The tooling is merged: https://t.co/2CYKrRdv22
#Proxmark3 #RFID #NFC #MifareUltralightC #NXP #OpenSource
Google research created a dataset with rainbow tables for NetNTLMv1 with the 1122334455667788 challenge.
https://t.co/fLBxwTIY2H
Dataset is available for download at:
▪️https://t.co/mCt6R7y5Pk [Login required]
▪️gs://net-ntlmv1-tables
Stumbled across a legacy .NET Remoting service during a red team gig — turned out to be a critical unauth RCE (CVE-2025-5333 - CVSS 9.5) in Broadcom Altiris 😅
Details at https://t.co/1eRcZc5vko
This is my research project on creating read, write and allocate primitives that can be turned into an injection in order to evade certain telemetry, which I presented last year at RedTreat. I hope everyone likes it \m/.
https://t.co/GY37MMfCGl
🦝 Introducing Raccoon - a C# tool developed by LRQA's @eks_perience for extending the screenshot functionality of Command and Control (C2) frameworks, even capturing minimised windows.
Check it out on GitHub and in our latest Labs article below.
Today we are releasing TokenCert, a C# tool that will create a network token using a provided certificate via PKINIT, by @lefterispan
This is useful for Red Teams giving make-token functionality with certificates instead of passwords.
https://t.co/TvCLIq87t5
Recently discovered an insecure DCOM deserialization on Dell Power Manager <= 3.15.0 and prior, allowing elevation to SYSTEM. The vulnerability was reported to Dell who assigned CVE-2024-39576 - CVSS 8.8. @tiraniddo's work is relevant seven years later and many years ahead 🤯
🚨 CVE-2024-20356: Command Injection in Cisco's CIMC, discovered by LRQA Nettitude's @thackeraaron.
Full technical details and exploit toolkit are included in our latest Labs article below.
#CVE #Cisco #Exploit
https://t.co/xzWJPth7FG
Introducing SharpConflux, a .NET tool built to facilitate Confluence exploration during Red Team engagements.
Find out more and download SharpConflux in our latest LRQA Nettitude Labs article.
https://t.co/d3AXL4jdhH
Calling all Red Teamers 🚨
Today we are introducing Tartarus-TpAllocInject, a new OPSEC-safe loader and technique for bypassing EDR solutions, by @trickster012
https://t.co/mEWnIvU3c7
A TLP RED conference for red teamers.
👌 quality content, some of the best red team firms present, and a group sized small enough so you can speak to everybody and discuss your ideas.
This is 🔥af and what we think confs should be like. We need more like this. #redtreat23
Introducing ETWHash!
ETWHash is a new method and tool by @lefterispan for consuming SMB events from Event Tracing for Windows (ETW) and extracting NetNTLMv2 hashes for cracking offline.
https://t.co/wLmsQf71J8
My sister was diagnosed with Breast Cancer early this year.
I’m doing the Three Peaks to help raise funds. Any donations or shares would be REALLY appreciated! #fuckcancer https://t.co/leFzIVbBez