safe
@safe0x17
Red Team Operator
🦀 Introducing RustiveDump: LSASS memory dumper in pure Rust, using only NT APIs, creating a minimal minidump from scratch, with no std, no CRT, and just 18KB! github.com/safedv/Rustive… #redteam #CyberSecurity
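What "a minimal minidump from scratch" involves, as an added example that is not part of the post above and not RustiveDump's code: a Rust function that emits an MDMP image carrying the three streams a credential parser such as Mimikatz reads (SystemInfoStream, ModuleListStream, Memory64ListStream), plus a reader that walks the directory back to check the result. The module path, image base, region address and region bytes are constructed sample values, and the dumping side (opening LSASS and copying its memory) is deliberately absent; the field layout follows the public minidumpapiset.h structures.

```rust
// Added example (not RustiveDump's code): assemble a minimal minidump (MDMP) image in
// memory. Every address, size and byte below is a constructed sample. Layout emitted:
// header | 3 directory entries | SystemInfoStream | ModuleListStream | name strings | Memory64ListStream | raw memory.
use core::convert::TryInto;
pub const MINIDUMP_SIGNATURE: u32 = 0x504D_444D; // reads as "MDMP" on disk
pub const MINIDUMP_VERSION: u32 = 0xA793;
pub const MODULE_LIST_STREAM: u32 = 4;
pub const SYSTEM_INFO_STREAM: u32 = 7;
pub const MEMORY64_LIST_STREAM: u32 = 9;
const PROCESSOR_ARCHITECTURE_AMD64: u16 = 9;
/// Module: one ModuleListStream entry (image base, SizeOfImage, full path).
pub struct Module { pub base: u64, pub size: u32, pub name: &'static str }
/// Region: one Memory64ListStream range (address in the dumped process, copied bytes).
pub struct Region { pub start: u64, pub data: Vec<u8> }
fn put_u16(b: &mut Vec<u8>, v: u16) { b.extend_from_slice(&v.to_le_bytes()); }
fn put_u32(b: &mut Vec<u8>, v: u32) { b.extend_from_slice(&v.to_le_bytes()); }
fn put_u64(b: &mut Vec<u8>, v: u64) { b.extend_from_slice(&v.to_le_bytes()); }
/// Size of a MINIDUMP_STRING: u32 byte length, UTF-16LE text, NUL terminator.
fn name_len(m: &Module) -> u32 { 4 + 2 * (m.name.encode_utf16().count() as u32 + 1) }

/// Build the dump; `os` is (MajorVersion, MinorVersion, BuildNumber).
pub fn build_minidump(os: (u32, u32, u32), modules: &[Module], regions: &[Region]) -> Vec<u8> {
    let sysinfo_rva: u32 = 32 + 3 * 12;               // header + directory
    let modlist_rva = sysinfo_rva + 56;                // sizeof(MINIDUMP_SYSTEM_INFO)
    let modlist_size = 4 + 108 * modules.len() as u32; // count + MINIDUMP_MODULE[]
    let names_rva = modlist_rva + modlist_size;
    let memlist_rva = names_rva + modules.iter().map(name_len).sum::<u32>();
    let memlist_size = 16 + 16 * regions.len() as u32; // count + BaseRva + descriptors
    let data_rva = memlist_rva + memlist_size;
    let mut out = Vec::new();
    // MINIDUMP_HEADER
    put_u32(&mut out, MINIDUMP_SIGNATURE); put_u32(&mut out, MINIDUMP_VERSION);
    put_u32(&mut out, 3); put_u32(&mut out, 32); // NumberOfStreams, StreamDirectoryRva
    put_u32(&mut out, 0); put_u32(&mut out, 0);  // CheckSum, TimeDateStamp
    put_u64(&mut out, 0);                        // Flags: MiniDumpNormal
    // MINIDUMP_DIRECTORY[3]: StreamType, Location.DataSize, Location.Rva
    for (kind, size, rva) in [
        (SYSTEM_INFO_STREAM, 56, sysinfo_rva),
        (MODULE_LIST_STREAM, modlist_size, modlist_rva),
        (MEMORY64_LIST_STREAM, memlist_size, memlist_rva),
    ] {
        put_u32(&mut out, kind); put_u32(&mut out, size); put_u32(&mut out, rva);
    }
    // MINIDUMP_SYSTEM_INFO: parsers take the architecture and OS build from here
    put_u16(&mut out, PROCESSOR_ARCHITECTURE_AMD64);
    put_u16(&mut out, 0); put_u16(&mut out, 0); // ProcessorLevel, ProcessorRevision
    out.push(1);                                // NumberOfProcessors
    out.push(1);                                // ProductType: VER_NT_WORKSTATION
    // MajorVersion, MinorVersion, BuildNumber, PlatformId (VER_PLATFORM_WIN32_NT), CSDVersionRva
    for v in [os.0, os.1, os.2, 2, 0] { put_u32(&mut out, v); }
    put_u16(&mut out, 0); put_u16(&mut out, 0); // SuiteMask, Reserved2
    out.extend_from_slice(&[0u8; 24]);          // Cpu information union
    // MINIDUMP_MODULE_LIST: NumberOfModules, then 108-byte MINIDUMP_MODULE entries
    put_u32(&mut out, modules.len() as u32);
    let mut name_rva = names_rva;
    for m in modules {
        put_u64(&mut out, m.base);
        put_u32(&mut out, m.size);
        put_u32(&mut out, 0); put_u32(&mut out, 0); // CheckSum, TimeDateStamp
        put_u32(&mut out, name_rva);                // ModuleNameRva
        out.extend_from_slice(&[0u8; 52 + 8 + 8 + 16]); // VersionInfo, CvRecord, MiscRecord, Reserved0/1
        name_rva += name_len(m);
    }
    for m in modules { // one MINIDUMP_STRING per module, at the RVAs assigned above
        put_u32(&mut out, 2 * m.name.encode_utf16().count() as u32);
        m.name.encode_utf16().for_each(|c| put_u16(&mut out, c));
        put_u16(&mut out, 0);
    }
    // MINIDUMP_MEMORY64_LIST: descriptors here; the bytes follow back-to-back at BaseRva
    put_u64(&mut out, regions.len() as u64);
    put_u64(&mut out, data_rva as u64);
    for r in regions { put_u64(&mut out, r.start); put_u64(&mut out, r.data.len() as u64); }
    for r in regions { out.extend_from_slice(&r.data); }
    out
}

/// Reader side: look a stream up in the directory, returning (DataSize, Rva).
pub fn find_stream(dump: &[u8], stream_type: u32) -> Option<(u32, u32)> {
    let rd = |o: usize| u32::from_le_bytes(dump[o..o + 4].try_into().unwrap());
    if dump.len() < 32 || rd(0) != MINIDUMP_SIGNATURE { return None; }
    let (n, dir) = (rd(8) as usize, rd(12) as usize);
    (0..n).map(|i| dir + 12 * i).find(|&e| rd(e) == stream_type).map(|e| (rd(e + 4), rd(e + 8)))
}

/// Reader side: the i-th Memory64ListStream range as (remote address, bytes).
pub fn memory_range(dump: &[u8], i: usize) -> Option<(u64, &[u8])> {
    let (_, rva) = find_stream(dump, MEMORY64_LIST_STREAM)?;
    let rd = |o: usize| u64::from_le_bytes(dump[o..o + 8].try_into().unwrap());
    let (list, count, base) = (rva as usize, rd(rva as usize) as usize, rd(rva as usize + 8) as usize);
    if i >= count { return None; }
    // Range i starts at BaseRva plus the DataSize of every earlier range.
    let off = (0..i).fold(base, |acc, k| acc + rd(list + 16 + 16 * k + 8) as usize);
    let desc = list + 16 + 16 * i;
    dump.get(off..off + rd(desc + 8) as usize).map(|bytes| (rd(desc), bytes))
}

/// Constructed sample: one hypothetical module and one hypothetical 18-byte region.
pub fn sample_dump() -> Vec<u8> {
    let modules = [Module { base: 0x7FF8_1234_0000, size: 0x1A_0000, name: "C:\\Windows\\System32\\lsasrv.dll" }];
    let regions = [Region { start: 0x1E0_0000_0000, data: b"constructed sample".to_vec() }];
    build_minidump((10, 0, 19045), &modules, &regions)
}

fn main() { std::fs::write("sample.dmp", sample_dump()).expect("write sample.dmp"); }
```

Running it writes `sample.dmp`; the three fixed-size streams cost 32 + 36 + 56 + 108 bytes plus the name string and 16 bytes per memory range, so almost all of a real dump is the copied memory itself, which is why a dumper that writes only these streams stays small. A real dump would list every module LSASS has loaded and every committed, readable region, in the same order the descriptors are written, since the reader locates range i purely by summing the DataSize of the ranges before it.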
Mildly irritating things seen by malware nerds: - Person saying {thing} evades EDR and/or AV, but they've never performed against an enterprise environment with an active Blue Team (they don't know what they're talking about). Yes, your payload avoided basic analysis, but stop…
I created a hypervisor-based emulator for Windows x64 binaries. This project uses Windows Hypervisor Platform to build a virtualized user-mode environment, allowing syscalls and memory accesses to be logged or intercepted. elastic.co/security-labs/… Project: github.com/x86matthew/Win…
🦀 RustPotato: A Rust implementation of GodPotato, abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTAPI for various operations. github.com/safedv/RustPot… #redteam #ethicalhacking
🦀 RustSoliloquy: Rust-based Internal-Monologue implementation for capturing NetNTLM hashes locally without touching LSASS. Using SSPI for NTLM negotiation and indirect NTAPIs for core operations. github.com/safedv/RustSol… #redteam #ethicalhacking
Interesting things that happened lately: October 31st: @safe0x17 released RustVEHSyscalls, a Rust port for LayeredSyscalls: performs indirect syscalls while generating legitimate API call stack frames by abusing VEH. October 30th: @FeribHellscream released a paper on forming a…
🦀 RustVEHSyscalls: a Rust port of LayeredSyscall that performs indirect syscalls while generating legitimate API call stack frames by abusing VEH, bypassing user-land EDR hooks in Windows. github.com/safedv/RustVEH… #RedTeam #EthicalHacking
🦀 RustiveDump can now be compiled as shellcode (PIC) using the Rustic64 design. LSASS memory dumper using only NT APIs, supporting XOR and remote transmission. #redteam #ethicalhacking github.com/safedv/Rustive…
Choosing the right #cybersecurity #certifications can feel like a maze 🧩. I've shared some #tips on how to avoid common pitfalls and align your #CertificationPath with your #CareerGoals. Check it out at link.medium.com/QWxcdtHnlNb #InfoSec #CyberPath
Just dropped Rustic64Shell: 64-bit position-independent reverse tcp shell for Windows, built in Rust! github.com/safedv/Rustic6… #RedTeam #EthicalHacking #CyberSecurity
New on Medium: Analyzing the Rustic64 Project for building #Windows #Shellcode in #Rust. 🦀💻 Explore #PIC shellcode creation and dive into the code architecture! Check it out here: link.medium.com/depGXMredNb #Cybersecurity #RustLang #MalwareDevelopment
I'm excited to share Rustic64. A Modern 64-bit Position-Independent Shellcode Template for Windows, written in Rust! #rustlang #CyberSecurity #redteam github.com/safedv/Rustic64