Olivia
Online
Snowscan
@snowscan
Load "$",8; Red Team
Canada
Joined January 2009
424 Following
6.2K Followers
374 Posts
Relayed NTLM creds are powerful, if you can use them.
@senderend shows why browsers fail through ntlmrelayx SOCKS and introduces ghostsurf to make NTLM-authenticated web apps accessible.
Read more ⤵️ https://t.co/BdtzoKquD1
@b13bs_ AWS explicitly prohibits using Amazon API Gateway for outbound pentesting now: See prohibited activities -> https://t.co/mLijd1DUIu
And the source code: https://t.co/vUVnuoSoDv
My new blog for Check Point Research - check it out! 💙 // #ProcessInjection : #WaitingThreadHijacking
#pypykatz new version 0.6.11 is out on github and pip.
Big thanks to all awesome contributors!!
Besides the fixes, the two important things in this version:
- Kerberos aes keys extraction is now supported
- !!!!Windows 24H2 support is here!!!!!
https://t.co/BFvq0VMkWD
Introducing PowerHuntShares 2.0 Release!
NetSPI VP of Research @_nullbind introduces new insights, charts, graphs, & LLM capabilities that can be used to map the relationships & risks being exposed through the network shares: https://t.co/t04BNLmuot
@Bell Is this a standard fiber cabling installation? Running the fiber over my neighbor's driveway?
CcmPwn is equipped with various modules. The “exec” module runs an AppDomainManager Injection payload for every logged-in user. The “coerce” module coerces SMB/HTTP authentications, which can then be used for password cracking or relay attacks. 👇
https://t.co/QrfZr4VGKB
Struggeling to get those precious certificates with #certipy and AD CS instances that do not support web enrollment and do not expose CertSvc via RPC? @qtc_de has you covered and added functionality to use DCOM instead of good old RPC #redteaming https://t.co/uyeXu8XeBQ
@MarcOverIP @podalirius_ @OutflankNL @msftsecresponse Pretty sure this is using the Windows Search Service. My own implementation here: https://t.co/qKeUfdaKB8
It's been quiet for a while around bloodhound Python, however I'm happy to share that I am now maintaining the project at my personal GitHub. The latest version fixes many bugs/issues, also thanks to the many PRs that were submitted (thanks all!). https://t.co/biBprRdgJj
Do you want to start the RemoteRegistry service without Admin privileges?
Just write into the "winreg" named pipe 👇
@splinter_code I think this only works if the service start type is not disabled, otherwise triggers are inactive.
@reversebrain congrats!
Did Bethesda hire the Microsoft UX team to work on Starfield? This is so shit. Really disappointed with the game so far.
Thanks to the generous folks @bcsecurity @hackthebox_eu @SANSOffensive @sektor7net and @nostarch for sponsoring prizes at the DEF CON Red Team Village CTF!
Last Seen Users on Sotwe
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.2M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
87M followers
Taylor Swift
@taylorswift13
80.8M followers
Lady Gaga
@ladygaga
72.3M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
68.8M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.4M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.1M followers