enoire
@enoire3
Veteran, pentester/Red Team Lead, exploit development, cat dad..and 1 dog, pool player, urban gardening, woodworking, scotch (he/him).
#Log4J latest exploitation strategies: @ankit_anubhav just got a sample of a base64 serialized payload; this will likely become the dominant strain of weaponization soon. In addition, the attackers are launching them from Google cloud addresses.
This rogue LDAP server doesn't lead to download of a class file, but instead has base64 Java Serialized data. Based on interactsh I am hoping this is not an access broker. Nevertheless, why is a rogue LDAP server hosted on a Google IP? People trust/whitelist big tech IP ranges.
While everyone is focused on #log4j, defenders really need to patch their domain controllers against CVE-2021-42278 and CVE-2021-42287, released on 11/9/21. MS Guidance: support.microsoft.com/en-us/topic/kb… Exploit POC: github.com/WazeHell/sam-t… Me dropping into a DC from a standard AD user:
🚨 Over 250,000 Fortinet firewalls publicly accessible on the Internet. They just dropped a patch for a major Remote Code Execution vulnerability. ...and then announced the vuln may have been used in attacks already. Let's dive in 👇
Collection of Wordlists for #BugBounty | Thanks to the Researchers for sharing this. gist.github.com/yassineaboukir… github.com/0xspade/Combin… github.com/six2dez/OneLis… github.com/orwagodfather/… #bugbountytips #bugbountytips #cybersecuritytips #infosec #cybersecurity #Pentesting
Reverse Engineering a #CobaltStrike #malware sample and extracting C2's using three different methods. We'll touch on #cyberchef, #x64dbg and Speakeasy from fireeye to perform manual analysis and emulation of #shellcode. A (big) thread ⬇️⬇️ [1/23]
Is there anyone following (or not) me who's real, real good at encryption? Got a question about Bouncy Castle in relation to EngageOne Server and ActiveMQ.
Up and getting ready for a cyber conference but like...how do people function when they are awake this early in the day??
6 Burp Extensions to Check for Access Control & Privilege Escalation Issues. 🧵
If you compromise a member of the Backup Operators group, there is a direct path to become Domain Admin without RDP/WinRM access to the DC! Dump and export the SAM remotely on a remote share! 🔥🎉 Thanks to @filip_dragovic for the initial POC! github.com/mpgn/BackupOpe…
Good news! CrackMapExec v5.2.2 is now available through @kalilinux 🎉 Lots of juicy features available: ➡️ LAPS support ➡️ BloodHound integration ➡️ no more CTRL-C ➡️ lots of new modules ➡️ LDAP support improvement Update your Kali ⬇️ apt update && apt install crackmapexec
Got this gorgeous ball python this week from my local shelter. After a full cleanout of the tank, he seems happy and active. He wasn't hungry when I tried to feed him so I'll wait a few days to let him settle into his new home. Tank is next to my desk so he gets used to my voice.

It has been a long time since I updated it. Anyway, it has been rebuilt to match @BurpBounty new profile syntax, deleted another bb and added detection for #log4j CVE-2021-44228 with and without WAF bypass. github.com/Sy3Omda/burp-b… #bugbountytips
I'm phoning it in -- red teams, if folks are saying they're patched to log4j, I sincerely hope you're hitting their environment with merciless creativity. Orgs, if you think you're fully patched, time to bring in the red teams. Trust but verify.
Are there any red team managers following me where I could pick your brain for a quick second?
Ok guys, I need new feeds to browse. Where do you go to find information on new and upcoming TTPs and tools for offensive security?
New #Log4j attack vector analysis via @Junior_Baines: VMware vCenter Server trivially exploitable by remote, unauthenticated attackers. Details, PoC, and IoCs available here. attackerkb.com/topics/in9sPR2…
#log4j Update: IF YOU WERE DEPENDING ON JAVA VERSIONS TO PROTECT YOU FROM RCE INSTEAD OF DIRECTLY PATCHING LOG4J THAT IS NO LONGER A VIABLE MITIGATION STRATEGY *ALL* VERSIONS OF JAVA CAN NOW TRIGGER FULL RCE DUE TO A BYPASS PATCH LOG4J ASAP
Can't wait to spend my weekend following laser eye surgery tomorrow watching @glock9gamer play 7DTD Alpha 20. Glad you made the list buddy!