APT

@APT_Notes

Channel's geo and language: Russia, English

Category: Software & Applications

This channel discusses:
— Offensive Security
— RedTeam
— Malware Research
— OSINT
— etc
Disclaimer:
t.me/APT_Notes/6
Chat Link:
t.me/APT_Notes_PublicChat

Related channels | Similar channels

Channel's geo and language

Russia, English

APT

18 Apr, 13:52

Forward from: Ralf Hacker Channel

Ой, красота))) Получить данные из LSA без дампа LSASS.

Tool: https://github.com/EvanMcBroom/lsa-whisperer

Blog: https://posts.specterops.io/lsa-whisperer-20874277ea3b

#redteam #pentest #creds #dump

GitHub - EvanMcBroom/lsa-whisperer: Tools for interacting with authentication packages using their individual message protocols

Tools for interacting with authentication packages using their individual message protocols - EvanMcBroom/lsa-whisperer

1.1k 0 52 13

APT

16 Apr, 07:32

Forward from: 1N73LL1G3NC3

CVE-2024-21338

LPE from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.

Blog: https://hakaisecurity.io/cve-2024-21338-from-admin-to-kernel-through-token-manipulation-and-windows-kernel-exploitation/research-blog/

2.3k 0 43 14

Evilginx ❤️ Gophish

The highly anticipated official integration between Evilginx and Gophish has been unveiled in the latest Evilginx 3.3 update. Alongside this major feature, the update brings numerous quality-of-life enhancements.

🔗 https://breakdev.org/evilginx-3-3-go-phish/

#evilginx #gophish #phishing

4.6k 0 72 1 23

APT

27 Mar, 09:23

Forward from: 1N73LL1G3NC3

00:14

Video is unavailable for watching

Show in Telegram

CVE-2024-1086 Linux kernel LPE

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

A full write-up of the exploit - including background information and loads of useful diagrams - can be found in the Flipping Pages blogpost .

4.2k 0 56 18

APT

7 Mar, 19:33

Forward from: PT SWARM

🎁 Source Code Disclosure in IIS 10.0! Almost.

There is a method to reveal the source code of some .NET apps. Here's how it works.

👉 https://swarm.ptsecurity.com/source-code-disclosure-in-asp-net-apps/

3.9k 0 45 1 12

APT

27 Feb, 19:22

Forward from: Внутрянка

Материал про пентест 1С

Еще 1 раз про пентест 1С

Введение Настоящий материал по большей части состоит из общедоступных наработок других людей. Целью было проверить указанные наработки на практике и собрать получившиеся результаты в одном месте. Именно этим объясняется название статьи. Продолжу рассуждение в терминах, обозначенных ранее. По имеющем...

4.6k 0 74 17

APT

19 Feb, 16:11

Forward from: 1N73LL1G3NC3

00:19

Video is unavailable for watching

Show in Telegram

CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability PoC

📜 Description
This script presents a proof of concept (PoC) for CVE-2024-21413, a significant security vulnerability discovered in Microsoft Outlook with a CVSS of 9.8. Termed the #MonikerLink bug, this vulnerability has far-reaching implications, including the potential leakage of local NTLM information and the possibility of remote code execution. Moreover, it highlights an attack vector that could bypass Office Protected View, thereby extending its threat to other Office applications.

5.2k 0 66 1 17

APT

16 Feb, 15:05

Forward from: Ralf Hacker Channel

CVE-2024-21413: Microsoft Outlook Leak Hash

https://github.com/duy-31/CVE-2024-21413

#exploit #pentest #redteam #ad

GitHub - duy-31/CVE-2024-21413: Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC

Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC - duy-31/CVE-2024-21413

4.2k 0 38 8

APT

15 Feb, 16:10

Forward from: SecuriXy.kz

Теперь можно извлекать учетные данные без обращения к диску (Dumping credentials without touching disk) с помощью утилиты #go-secdump которая поддерживает и SOCKS Proxy решая проблему #Impacket

https://github.com/jfjallid/go-secdump

скоро и в Impacket запилят и будет красота
https://github.com/fortra/impacket/pull/1698

3.7k 0 98 15

APT

8 Feb, 14:08

🔑 I Know What Your Password Was Last Summer...

This is a blog post about password analysis and some research regarding frequently hacked NTLM passwords.

🔗 https://labs.lares.com/password-analysis/

#bruteforce #hashcat #ntlm

I Know What Your Password Was Last Summer...

We have spent the last six months researching on the previous two years of prior cracked passwords and built some tools to understand password creation strategies better. Here are the results.

7k 1 81 9

APT

7 Feb, 18:32

⚙️ MultiDump

This is a post-exploitation tool written in C for dumping and extracting LSASS memory discreetly. MultiDump supports LSASS dump via ProcDump.exe or Comsvc.dll, it offers two modes: a local mode that encrypts and stores the dump file locally, and a remote mode that sends the dump to a handler for decryption and analysis

🔗 https://github.com/Xre0uS/MultiDump

#lsass #remote #cpp #python

5.1k 0 128 20

APT

6 Feb, 17:49

👍 Whitespots: Application Security Platform

It’s a really powerful security automation platform for those of us who are working on defense side.

🚀 The platform solves such problems as:
— Issues deduplication (within incremental scans + between different scanners using rules);
— Automated verification (using rules);
— Automated resolving (if the issue doesn’t exist in a new report);
— Running of custom tools in a sequence (like Subfinder -> Naabu -> Httpx-> Nuclei);
— Sequences scheduling.

🔗 Source:
https://gitlab.com/whitespots-public/appsec-portal

#devsecops #sast #dast #osa #automation

How to automate vulnerability scanning process?

Use Whitespots Appliation Security portal to quickly discover vulnerabilities within a few clicks

3.9k 0 62 13

APT

6 Feb, 15:04

⚙️ Introduction to Bypassing Hooks EDR

The article explores methods of bypassing EDR hooks in the user mode of the Windows operating system, starting with an explanation of system calls and their role in transitioning between user and kernel modes. Subsequently, various techniques for bypassing hooks are discussed, including direct and indirect syscalls, along with their advantages and potential limitations when used for evading protective mechanisms.

🔗 https://malwaretech.com/2023/12/an-introduction-to-bypassing-user-mode-edr-hooks.html

#maldev #edr #hooks #syscalls

An Introduction to Bypassing User Mode EDR Hooks – MalwareTech

Understanding the basics of user mode EDR hooking, common bypass techniques, and their limitations.

3.7k 0 54 9

APT

2 Feb, 15:23

00:32

Video is unavailable for watching

Show in Telegram

🖼️ Bypass Medium Paywall

A little lifehack if you, like me, come across paid articles from Medium. These sites allow you to read paid Medium articles for free:

🔗 https://freedium.cfd/
🔗 https://medium-forall.vercel.app/

#medium #premium #bypass

27.4k 10 790 3 28

APT

2 Feb, 12:14

Forward from: Ralf Hacker Channel

Набор инструментов для удалённого дампа паролей.

https://github.com/Slowerzs/ThievingFox/

Ну и сам блог:
https://blog.slowerzs.net/posts/thievingfox/

#pentest #redteam #creds

2.8k 0 63 9

APT

31 Jan, 20:06

⛓ Trusted Domain, Hidden Danger

In this blog post describes a prevalent tactic used in phishing attacks, which involves exploiting legitimate platforms for redirection through deceptive links.

Source:
🔗 https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trusted-domain-hidden-danger-deceptive-url-redirections-in-email-phishing-attacks/

#phishing #url #redirect

3.8k 0 57 10

APT

31 Jan, 18:14

🖼️ Protect Evilginx using Cloudflare

Using a combination of Cloudflare and HTML Obfuscation, it is possible to protect your Evilginx server from being flagged as deceptive and so increase your chances of success on Red Team and Social Engineering engagements.

Source:
🔗 https://www.jackphilipbutton.com/post/how-to-protect-evilginx-using-cloudflare-and-html-obfuscation

#phishing #cloudflare #evilginx #html

3.6k 0 68 9

APT

31 Jan, 11:42

🖼️ BOFHound

This is an offline BloodHound ingestor and LDAP result parser. BOFHound allows operators to utilize BloodHound's beloved interface while maintaining full control over the LDAP queries being run and the spped at which they are executed. This leaves room for operator discretion to account for potential honeypot accounts, expensive LDAP query thresholds and other detection mechanisms designed with the traditional, automated BloodHound collectors in mind.

Tools:
🔗 https://github.com/coffeegist/bofhound

Research:
🔗 https://posts.specterops.io/bofhound-session-integration-7b88b6f18423

#c2 #bof #cobaltstrike #redteam

GitHub - coffeegist/bofhound: Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel

Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel - GitHub - coffeegist/bofhound: Generate BloodHound compatible JSON fro...

3.6k 0 39 9

APT

28 Jan, 14:13

👩‍💻 Azure Outlook Command & Control

Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid/ScarCruft/APT37.

🔗 https://github.com/boku7/azureOutlookC2

#c2 #azure #outlook #graphapi #redteam

GitHub - boku7/azureOutlookC2: Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.

Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP...

3.5k 0 55 7

APT

26 Jan, 23:07

🐶 SOAPHound

This is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

Tool:
🔗 https://github.com/FalconForceTeam/SOAPHound

Research:
🔗 https://falconforce.nl/soaphound-tool-to-collect-active-directory-data-via-adws/

#ad #windows #bloodhound #soap #adws

3.5k 0 48 10

20 last posts shown.

6 067

subscribers

Channel statistics

Popular in the channel

Evilginx ❤️ Gophish The highly anticipated official integration between Evilginx and Gophish has...

Site language

КриптАрс | Новости, мысли, трейды

$BCCoins

$BCCoins Performance

APT

Channel's geo and language

Category

6 067

Popular in the channel