Dwight Hohnstein (@djhohnstein)'s Twitter Profile
Dwight Hohnstein

@djhohnstein

IBM X-Force Red
ID: 954627630770212864

20-01-2018 08:12:18

1,1K Tweet

3,3K Followers

215 Following

0xBB (@bb_hacks)

Fancy retrieving plaintext user credentials, deactivation passcodes and uninstall passwords for Palo Alto Global Protect VPN? Thank goodness Palo Alto make that easy for you ... Full write up here: shells.systems/extracting-pla… Tooling available here: github.com/t3hbb/PanGP_Ex…

Cody Thomas (@its_a_feature_)

Not many people are willing to go through the effort of writing an agent in C, and of them, very few are willing (or able) to open source it. silentwarble went beyond even that and also released a blog about it! silentwarble.com/posts/making-m… check them out!

Panos Gkatziroulis 🦄 (@netbiosx)

NachoVPN - a Proof of Concept that demonstrates exploitation of SSL-VPN clients, using a rogue VPN server github.com/AmberWolfCyber…

Boschko (@olivier_boschko)

Dropped a spicy 25-min read exploring adversarial ML 🤠 It's a mix of in-depth & light peppering of the broader field. So much I couldn’t fit (extraction, inversion, poisoning), but I hope it sparks curiosity. Made for learners no fancy background ❤️ boschko.ca/adversarial-ml/

Cody Thomas (@its_a_feature_)

If you haven't done this yet, please do! It only takes a few minutes and makes it easier for me to help you make your lives easier :)

Josh (@passthehashbrwn)

New blog from me on using CLR customizations to improve the OPSEC of your .NET execution harness. This includes a novel AMSI bypass that I identified in 2023. By taking control of CLR assembly loads, we can load assemblies from memory with no AMSI scan. securityintelligence.com/x-force/being-…

Chris Thompson (@retbandit)

I am excited to announce the first conference dedicated to the offensive use of AI in security! Request an invite at offensiveaicon.com. Co-organized by RemoteThreat, Dreadnode, & DEVSEC. The Call for Papers opens Tuesday, March 25, 2025, and will remain open until Friday,

Tim (@__invictus_)

So I wanted to collate a bunch of different attacks you can perform via ServiceNow that we've used pretty regularly, but for which there doesn't seem to be much out there publicly.

Bobby Cooke (@0xboku)

As promised... this is Loki Command & Control! 🧙‍♂️🔮🪄 Thanks to Dylan Tran for his work done on the project and everyone else on the team for making this release happen! github.com/boku7/Loki

Andrew Oliveau (@andrewoliveau)

RemoteMonologue - A Windows credential harvesting attack that leverages the Interactive User RunAs key and coerces NTLM authentications via DCOM. Remotely compromise users without moving laterally or touching LSASS. Hope you enjoy the blog & tool drop 🤟 ibm.com/think/x-force/…

chompie (@chompie1337)

Me and the homies are dropping browser exploits on the red team engagement 😎. Find out how to bypass WDAC + execute native shellcode using this one weird trick -- exploiting the V8 engine of a vulnerable trusted application. ibm.com/think/x-force/…

Akamai Security Intelligence Group (@akamai_research)

Today we unveil BadSuccessor - a new no-fix Active Directory privilege escalation technique. We will explore the recently introduced dMSA feature, and show how it enables turning a very common, seemingly benign permission, into a full domain take over. akamai.com/blog/security-…

Dave Cossa (@g0ldengunsec)

Azure Arc is Microsoft's solution for managing on-premises systems in hybrid environments. My new blog covers how it can be identified in an enterprise and misconfigurations that could allow it to be used for out-of-band execution and persistence. ibm.com/think/x-force/…

S3cur3Th1sSh1t (@shitsecure)

To trigger local SYSTEM authentication for relaying to ADCS or LDAP for LPE you would usually need the printer service or EFS service to be enabled (printerbug/petitpotam). Here is an alternative without this requirement 🤠 github.com/rtecCyberSec/R…

b33f | 🇺🇦✊ (@fuzzysec)

I'm releasing a backend for multi-agent AI systems that need to model complex non-linear problems. Kafka handles async agent communication, with ingestion plugins that route data to Neo4j, Qdrant, and MinIO. Check it out on the IBM X-Force GitHub! github.com/xforcered/Agen…