DragoQCC
@DragoQccAdversary Simulation @SpecterOps
Similar User
@Octoberfest73
@MalDevAcademy
@werdhaihai
@kleiton0x7e
@zyn3rgy
@OtterHacker
@eversinc33
@VirtualAllocEx
@Jonas_B_K
@d1rkmtr
@waldoirc
@C5pider
@0xBoku
@LittleJoeTables
@d_tranman
github.com/DragoQCC/HardH… Today, I am releasing HardHat C2 on GitHub. HardHat is a multiplayer, cross-platform C2 developed in C# for adversary emulation and red teaming. I would like to give some thanks to my coworkers @SpecterOps and to @_RastaMouse for all their help.
Oh man, when your POC ends up in LWiS even though it's dropped same day! You guys are doing amazing work @badsectorlabs blog.badsectorlabs.com
New tool published which is proving to be useful. Cred1py allows execution of the CRED-1 SCCM attack published by @Raiona_ZA over SOCKS5 UDP by wrapping the awesome PxeThiefy.py from @0xcsandker Enjoy :) github.com/SpecterOps/cre…
Is Kerberos relaying so limited? I'd say no, thanks to @tiraniddo CredMarshalTargetInfo trick. In this case, I'm relaying SMB to HTTP (ADCS) with a modified version of @cube0x0 krbrelay using DFSCoerce and PetitPotam - classic ESC8 attack with Kerberos, no DCOM involved ;)
Check out my recent blog post on the new incremental Dotnet source generators. It covers the basics of getting started, a breakdown of common Roslyn terminology, and logging issues as they come up. posts.specterops.io/dotnet-source-… #dotnet #SoftwareDevelopment #csharp
Want to generate cleaner, more efficient code with Source Generators? @dragoqcc covers the essentials, how to solve common problems, and logging tips in our new blog post. Read more ⤵️ ghst.ly/3N6Vxth
I wrote a blog post about some of the intangible benefits of working as a red team operator and adversary simulation consultant at SpecterOps. It's pretty awesome here. And we're hiring! posts.specterops.io/life-at-specte…
I recently released a Discriminated Union like result type library for .NET github.com/DragoQCC/Union… Some of its key features are - Set up to 16 different return types - Capture custom errors and exceptions - Safely invoke methods without try-catch #Dotnet #csharp #opensource
Just wrapped up DEF CON Demo Labs and published Maestro, a new tool for lateral movement with Intune from C2. Thanks to everyone who came to check it out! I'll be posting a blog and wiki with more info soon, but here's the code and link to today's slides: github.com/Mayyhem/Maestro
What's better than seeing Attack Paths from Active Directory to Azure and back down? Seeing them in dark mode. Check out the new release!
Hybrid Attack Paths across AD & Azure now in BloodHound! 🙌 Along with this update, BloodHound v5.13.0 also includes view improvements & the long awaited Dark Mode! Check out our latest blog post from @JustinKohler10 to learn more about these features. ⬇️ ghst.ly/4ftbqY4
I've published my draft open source C2 specification. github.com/rasta-mouse/OS… All comments and discussions welcome.
My first talk finally landed on YouTube from @SpecterOps #socon24, looking forward to doing it again on a new topic (but can’t bring myself to watch it back 😂) youtu.be/SoTHxMrsXrs?si…
I just published a blog and tool for the LSA Whisperer work that was presented at the SpecterOps Conference (SOCON) back in March. If you are interested in getting credentials from LSASS without accessing its memory, check it out! medium.com/specter-ops-po…
List is complete😂 Thanks to all who joined live! I had a blast, and I hope you all did too🥳 Next week, same time, I'm apparently doing an EDR tier list... 🤡If u missed it, VOD is here: youtu.be/iYKItfBbPoY
I’ve used a lot of Adam’s work throughout the years, and now I actually get to work with him! So excited for him to join the team!
First con talk done. Was scarier than I thought, but in a good way! Looking forward to doing it again! Also excited that I’ll be joining @SpecterOps in April. This is a team that I’ve wanted to work with ever since the company started. I’ve used so many of their revolutionary…
Have you used a web shell on an offensive assessment recently? Were you able to task and create it through your C2 framework? I'm excited to announce the new Arachne agent for Mythic that allows you to do just that! Check it out posts.specterops.io/spinning-webs-…
I fixed some things in SharpSCCM. On @_RastaMouse 's suggestion, it's using dnMerge and the exe is ~1MB now. Still working on getting it under the beacon default task size. Code also reflects the correct SCCM site system roles now, so -mp option is now -sms in a lot of cases🧵
The HardHat Toolbox is finally ready github.com/HardHatToolbox. It contains Rivet, a demo Asset (Implant) written in Rust, along with the Asset Development repo, which contains detailed step-by-step guides and templates to help get you started on writing custom Assets for HardHat.
Alpha 0.3 of HardHat C2 is out, another giant update with around 16k additions & 6k deletions. Includes a ton of bug fixes and new features. Check out the full changelog here docs.hardhat-c2.net/changelog/alph… and try it out here github.com/DragoQCC/HardH…
💡 WHAT IS PURPLE TEAMING AT SPECTEROPS? SpecterOps recently introduced our Purple Team service offering, but what is it? We define it as "the evaluation of security control efficacy through atomic testing using deliberately selected test cases." ghst.ly/3EUVRHB
Get an introduction to the HardHat C2 framework. Check out @DragoQcc's #BHUSA booth presentation. ➡️ ghst.ly/3Q3UTy3 Get HardHat today: github.com/DragoQCC/HardH…
United States Trends
- 1. #IDontWantToOverreactBUT N/A
- 2. #Superman 36,6 B posts
- 3. #mondaymotivation 24,3 B posts
- 4. #SkylineSweeps N/A
- 5. Victory Monday 2.211 posts
- 6. Good Monday 55,6 B posts
- 7. John Williams 1.459 posts
- 8. #MondayVibes 3.289 posts
- 9. Big Bass Xmas Extreme N/A
- 10. SoftBank 6.925 posts
- 11. James Gunn 14,9 B posts
- 12. $BOOST 12 B posts
- 13. Look Up 103 B posts
- 14. Man of Steel 2.085 posts
- 15. Boston Tea Party 3.004 posts
- 16. Jane Austen 2.173 posts
- 17. Immanuel 5.355 posts
- 18. Burna 33,7 B posts
- 19. Boston Harbor 1.339 posts
- 20. Zimmer 3.468 posts
Who to follow
-
Octoberfest7
@Octoberfest73 -
MalDev Academy
@MalDevAcademy -
werdhaihai
@werdhaihai -
Kleiton Kurti
@kleiton0x7e -
Nick Powers
@zyn3rgy -
OtterHacker
@OtterHacker -
eversinc33 🤍🔪⋆。˚ ⋆
@eversinc33 -
Daniel
@VirtualAllocEx -
Jonas Bülow Knudsen
@Jonas_B_K -
Saad AHLA
@d1rkmtr -
waldoirc
@waldoirc -
5pider
@C5pider -
Bobby Cooke
@0xBoku -
Moloch
@LittleJoeTables -
Dylan Tran
@d_tranman
Something went wrong.
Something went wrong.