Local SYSTEM auth trigger for relaying🕵️‍♂️
A tool to transform Chromium browsers into a C2 Implant🕵️‍♂️
Weaponize DLL hijacking easily. Backdoor any function in any DLL🕵️‍♂️
A Python reconnaissance tool designed to discover Azure services and attribute tenant ownership information based on their responses.🕵️‍♂️
https://github.com/NetSPI/ATEAM
#infosec #cybersecurity #pentest #redteam #cloud #opensource
Mini Pen Test Diaries story, happened in the last couple of years. The debrief meeting went like this:
“In your report you said you were able to crack the domain admin account instantly because the password was stored using the LM hash?”
“That’s right, yes.”
“But we’ve had LM hashing disabled for like 15 years, that can’t be possible?!”
“When was the last time that password was changed?”
“Well it’s been the same since I got here, 20 years ago.”
“And what hashing mechanism do you think was used back then?”
“Oh no.”
For more, less mini stories like this, check out https://infosecdiaries.com.
OS fingerprinting works by analyzing a system’s network responses or behavior to identify its operating system. In offensive security, it helps attackers tailor exploits to known OS-specific vulnerabilities.
Here are freely available OS fingerprinting tools 😎👇 #linux #infosec #pentest
Find high-res pdf books with all my #cybersecurity related infographics at https://study-notes.org
DEFCON Workshop: Putting EDRs in Their Place
Killing and Silencing EDR Agents Like an Adversary
#red_team #defcon #edr #pentest #hacking #lab
**Setup**
https://github.com/arosenmund/defcon33_silence_kill_edr/blob/main/0-setup/README.md
**EDR Killing**
https://github.com/arosenmund/defcon33_silence_kill_edr/blob/main/1-edr-killing/README.md
**Custom EDR Evasion**
https://github.com/arosenmund/defcon33_silence_kill_edr/blob/main/2-custom-edr-evasion/README.md
FindMeAccess is a tool useful for finding gaps in Azure/M365 MFA requirements for different resources, client ids, and user agents🕵️‍♂️
https://github.com/absolomb/FindMeAccess
#infosec #cybersecurity #pentest #redteam #azure #entra #cloud #opensource
“Recursive Request Exploits (RRE) trace API chains backward from a protected resource (like a video stream) back to its origin.
If any upstream API is unauthenticated, the whole chain can be abused to bypass access. This Burp extension automates this to find low-trust inputs that generate high-value outputs”
https://github.com/jumpycastle/rre-burp
#pentest #pentesting #vulnerability #appsec #webdev #programming #cybersecurity
Arch is down (again). AskUbuntu is hotter than OnlyFans. Kali’s fresh ISO comes with 500 updates pre-installed. BlackArch is a museum of broken clones. BackBox vanished like a ghost.
Meanwhile, the few who actually know what they’re doing quietly grab BashCoreTX.
No drama, just domination. 😆👊💪
#LinuxLife #Pentest #BashCoreTX #ArchIsDown #Cyberpunk #NoHypeJustShell
A post about how misconfigured Intune certificate deployment via ADCS can enable attackers to escalate from a cloud-managed endpoint to Domain Admin in Active Directory🕵️‍♂️
https://dirkjanm.io/extending-ad-cs-attack-surface-intune-certs
📢 New on the research blog: Red Team Glossary
Terms like #RedTeaming, #PenetrationTest or Adversary Simulation come up again and again, but what do they really mean? Our glossary gathers the most important technical terms from the world of offensive #Cybersecurity in one place.
Clearly structured and explained in plain language by our experts Marcel Heisel and Rouven Koslowski, it helps to correctly classify and better understand terms that are often misused or overused.
Get up to speed now 👉 https://research.hisolutions.com/2025/08/red-team-glossar/
#ResearchBlog #Resilienz #Pentest
A post that describes a scenario in which a user could be coerced into inadvertently giving an attacker access to their entire home drive or other network shares🕵️‍♂️
https://blog.delivr.to/filejacking-exfiltrating-mapped-drives-from-the-browser-bb0af6736625
🎥 Missed one of my past conference talks? Let’s fix that.
I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.
“DIY Azure Security Assessment” - with Teri Radichel
📽️ https://twp.ai/4ipUKe
A tool designed for smuggling interactive command and control traffic through legitimate TURN servers hosted by reputable providers such as Zoom🕵️‍♂️
Using Notion for Cybersecurity Notes
In this article, I covered creating files, organizing them, making to-do lists, building tables, and setting up timelines — all of which will help you start exploring this tool with more confidence and apply it to your cybersecurity needs.
https://air-academy.org/using-notion-for-cybersecurity-notes/
#notion #cybersecurity #tech #osint #pentest
New cheatsheets pushed🕵️‍♂️
https://github.com/r1cksec/cheatsheets
#infosec #cybersecurity #redteam #pentest #malware #phishing #osint #opensource
PowerShell collector for adding MSSQL attack paths to BloodHound with OpenGraph🕵️‍♂️
BRS-XSS: A New Generation of XSS Vulnerability Scanner
BRS-XSS is a professional tool for scanning for Cross-Site Scripting (XSS) vulnerabilities, developed by EasyProTech LLC as part of the Brabus Recon Suite (BRS) ecosystem. It was created by the developer Brabus and first published on August 7, 2025. The project is aimed at information security specialists, pentesters and red teams. The architecture is built on Python with an emphasis on modularity, scalability and practical application. Repository: github.com/EPTLLC/brs-xss
PoC script to demonstrate collection of SCCM attack paths that can be viewed in BH with OpenGraph🕵️‍♂️