IT Guy
@T3chFalcon
Offensive Security Engineer
New attack vector: FileFix. A phishing trick that executes PowerShell straight from your browser no Run dialog, no pop-ups. Just a fake file path + clipboard + File Explorer. Red teamers, this one’s wild. 📽️ PoC + write-up: medium.com/@t3chfalcon/fi…
Great work 👏@mrd0x I'll try to replicate this "FileFix Attack Simulation" 💪
Nice explainer on OAuth consent phishing, and even better news, users will no longer be able to consent like this by default (already started rolling out) mc.merill.net/message/MC1097…
The replies to this blew me away 😅 lots of sharp minds here. The real answer? OAuth Consent Phishing + Token Replay APT-grade tradecraft used by the big dogs like APT29. Even Microsoft got hit with this. 🧵Here’s how it works:
Sharp guy...that's why you're the falcon here. I've never thought of it this way. Thank you chief🙌
The replies to this blew me away 😅 lots of sharp minds here. The real answer? OAuth Consent Phishing + Token Replay APT-grade tradecraft used by the big dogs like APT29. Even Microsoft got hit with this. 🧵Here’s how it works:
Did you know… certutil.exe can: Download remote payloads Base64 decode files Write to disk All using a signed Microsoft binary? This LOLBin is trusted by Defender. Attackers love it. Blue teams often miss it. 👊🏾
Thanks for reading to the end. I'll post more scenarios like this Stay tuned. #RedTeam
Ross Ulbricht was the founder and operator of the Silk Road, a darknet marketplace launched in 2011 on the Tor network. It allowed people to buy and sell illegal goods primarily drugs anonymously using Bitcoin. Ulbricht was arrested on October 1, 2013, at a public library in…
Wow! I like your story and i also wonder what the man Ulbritch has to do with the darkweb creation. Are there differences between freenet,darknet and the darkweb? Just curious
I sell hacking tools. I’ve been selling since. Any Pentester or Redteamer who needs a hardware for their operations. You can dm.
The wireless adapter successfully got to Nigeria after 2 days shipment. From Ghana to Delta State. Thank you @Phosenterprise for trusting me. Please if you’re in Nigeria and you need a wireless adapter let me know. @IamTheCyberChef @akintunero @marshalwahlexyz…
Ethical Hacker / Offensive Security Specialist role. If you fit the JD or know someone who is qualified, forward it to them to apply. Good luck.