🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

The first blog post is here. This one covers the technical details of CVE-2022-26923 (Active Directory Domain Services Elevation of Privilege Vulnerability). The vulnerability was patched as part of the May 2022 Security Updates from Microsoft. research.ifcr.dk/9e098fe298f4

Have fun everyone Certifried: Active Directory Domain Privilege Escalation (CVE-2022–26923) research.ifcr.dk/certifried-act…

Exploit CVE-2022–26923 -> DCSync as domain controller -> Bypass most of the 4662 event based DCSync detection🤔

I said I'd write up how you could exploit RBCD using a normal user account if you know the password. So here it is tiraniddo.dev/2022/05/exploi…

とりあえずあと4話。

I've wrote an article a few months ago about Kerberoasting with OpSec and I came across someone's work who wrote a tool in C# to enumerate accounts with SPNs, while remaining OpSec. Based on my blog post. github.com/Luct0r/KerberO…

It's #BOFFriday so time for a new Outflank C2-Tool-Collection update: > Psx - Show detailed process information incl. OPSEC checks. > Psc - Show detailed information from processes with established TCP and RDP connections. github.com/outflanknl/C2-…

Recently I got asked to do an overview on ETW. I tried to cover everything useful for #DFIR, including multiple ways to capture ETW, useful providers and finding existing trace sessions. #cybersecurity bmcder.com/blog/a-beggine…

Having some fun to re-implement indirect syscall in C#. netero1010-securitylab.com/evasion/indire…

[RELEASE] After a little wait, I'm happy to present SilentMoonwalk, a PoC implementation of a TRUE call stack spoofer, result of a joint research on an original technique developed by namazso, done with my friends trickster0 and waldoirc. Enjoy! ;) github.com/klezVirus/Sile…

Microsoft Excel now blocking untrusted XLL add-ins by default - Sergiu Gatlan bleepingcomputer.com/news/microsoft…

Today I am releasing a whitepaper and new tool (ADOKit) as part of my X-Force research I will be presenting at Black Hat #BHEU on Wednesday. Links are below 🔗 Whitepaper: ibm.com/downloads/cas/… Tool: github.com/xforcered/ADOK…

Finally, the last release for this year - Brute Ratel v1.8 codename Mirage is here. Various internal updates for evasion such as ETW Kernel telemetry evasion, new unhooking mechanisms for VEH and hardware breakpoints, raw DNS badger and more. Lots of reversing went into this

“Windows Kernel Exploitation — HEVD on Windows 10 22H2” by ommadawn46 medium.com/@ommadawn46/wi…

Binding to port 445 on Windows without WinDivert. This is highly useful for NTLM relaying. Big thanks to Nick Powers for the talk.

Something interesting I found in SCCM remote control. netero1010-securitylab.com/red-team/abuse…

We have all heard about attackers leveraging firewall policies or WFP to block EDRs from communicating with their servers. Today I am releasing a Huntress blog talking about how to mitigate that tampering technique within EDR products: huntress.com/blog/silencing…

Our Cyber 5W's next month #DFIR webinar will be about Windows Scheduled Tasks and GhostTask Investigations. #DFIR #Cybersecurity #infosec If you would like to join, please sign-up below (FREE). bit.ly/ghost-task