A side effect of 🍎's privacy mindset: in-memory payloads remain largely invisible/inaccessible to macOS security/3rd-party tools
Apple nuked their reflective code loading APIs - but was that enough? 🫣
From #OBTS v7:
"Restoring Reflective Code Loading"
https://t.co/VtREKszXN4
@__invictus_@malcomvetter One objective is just the “avoid eviction” where post DA you deliberately trigger an alert and the team needs to evict you completely
Today, we're releasing NachoVPN, our VPN client exploitation tool, as presented at SANS #HackfestHollywood 2024 🌮🔒
Find the details on the @AmberWolfSec blog, along with the individual advisories, including a not-yet-fully fixed PaloAlto GlobalProtect client RCE👀
🚀 We're hiring a DevOps/Cloud Engineer at Outflank!
Join us to build and manage complex Azure environments that deliver our OST toolkit.
Skills: Kubernetes (AKS), GitOps, IaC, Tekton, Python💻 It's NOT an offensive role!
Based in NL or a time zone-friendly region? Let's chat!
.@buffaloverflow & @johnnyspandex are discussing how to exploit corporate VPN clients for remote root & SYSTEM shells. Join to see live demos on Windows & macOS vulnerabilities & how attackers gain control w/ just one click.
Register Free: https://t.co/keBn9S7HNK
#SANSHackFest
Don't we all get to the point where all you want to do is capture and relay NTLM and Kerberos authentications in a BOF?
It's just faster to write a capture & relaying framework in C for ntlm, kerberos, dcom, smb, http, mssql with native Windows support than fixing impacket.
Available for 0xC2 clients in the coming update
Hands down the best offensive security conference. Free exchange of tactics , findings and awesome ideas. Always come away full of inspiration but this one was on a whole new level
And thats a wrap of #RedTreat 2024
2 days of hardcore red teaming research and meeting other rt researchers and operators. Mind still 🤯 processing some of the discussions!
Thanks to all the attendees and speakers for being present at our little conf! /c @MDSecLabs@OutflankNL