Sarthak Saini
@Sarthak_0000Security enthusiast || Love to Automate || Security Researcher || opinions are my own ;)
Similar User
@sagarparmar121
@pratikyadav7_
@win3zz
@princechaddha
@Shubham_4500
@mrgretzky
@LearnerHunter
@Hackers_Guild
@swaroopsy
@garethheyes
@pentest_swissky
@SynackRedTeam
@gauravnarwani97
@infosecRavi
@MrUn1k0d3r
Hi all, For past three years, we have have been maintaining a resource channel on discord, Today we are releasing a fork of @ippsec 's website for our own server, thanks to ippsec for the foundation of the website. Link: search.redteam.fail
over the years our discord server created by @Sarthak_0000 has been collecting various red team resources. so now we have a search engine to search this resources search.redteam.fail
Red Teaming in the age of EDR: Evasion of Endpoint Detection Through Malware Virtualisation blog.fox-it.com/2024/09/25/red…
Nice work! Much more comfortable than my old implementation 🙌 github.com/nbaertsch/nimv…
New technique to bypassing EDRs with EDR-Preloading. Tldr: blocking EDR from loading it's DLL into a process preventing the deployment of user land hooks. malwaretech.com/2024/02/bypass…
My first research and tool are finally out. If you want to deep dive into some CLR internals and understand how we can abuse it to blend-in within its own logic go check it out. Hope you'll enjoy the read. ipslav.github.io/2023-12-12-let…
My latest blog post about avoiding kernel triggered EDR memory scans via Caro-Kann PoC is now released: 🔥 r-tec.net/r-tec-blog-pro…
Here's Process Stomping injection and how you can use it in a Mockingjay-ish way to load a Beacon on a exe's RWX section using sRDI. Check it out! Blog: naksyn.com/edr%20evasion/… Tool: github.com/naksyn/Process… Thanks to @hasherezade and @monoxgas for their awesome work
It's time to share the tips and tricks I used to dig into the .NET runtime implementation: it is not as complicated as it might seem :^) chnasarre.medium.com/bd67d884f8da?s…
Just finished Grand Theft Auto – RF Locks Hacking Flipper-Zero Edition Part 2 chaos-lab.blogspot.com/2023/10/grand-…
We are excited to share a new "threadless" process injection technique by @dec0ne This new technique utilizes DLL Notification Callbacks in the remote process to trigger the shellcode github.com/ShorSec/DllNot… Detailed blog post: shorsec.io/blog/dll-notif… Demo video in next tweet
Material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low" github.com/VirtualAlllocE… #redteam
Are you into cloud hacking? Got an MS Graph token but unsure what to do with it? Do you want to forge your own primary refresh token with a malicious device registration. I got you covered. Bypass MFA like a boss with this guide. #Azure trustedsec.com/blog/hacking-y…
MalDev Academy is ready! Website: MaldevAcademy[.]com Launch date: April 16th, 2023 - 32 Beginner modules - 49 Intermediate modules - 10 Advanced modules - 20 in the works for updates in the next few months - 65 Custom code samples Very fair pricing, starting at 249$ @NUL0x4C
New technique to dump NTDS remotely WITHOUT DSRUAPI: github.com/zblurx/certsync (Golden Certificates + UnPAC the hash automation) Thanks @ly4k_ for certipy, which my script heavily relies on.
Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime github.com/D1rkMtr/Unhook…
Hello ! I've just released my first blogpost about VLAN Hopping and how to exploit and mitigate it. Post is available in French 🇫🇷 and English 🇬🇧. Feel free to check it out and give me any kind of feedback 😄 bwlryq.net/posts/vlan_hop…
Today we're publishing new techniques for recovering NTLM hashes from encrypted credentials protected by Windows Defender Credential Guard. These techniques also work on victims logged on before the server was compromised. research.ifcr.dk/pass-the-chall…
I pushed all the NtCreateUserProcess stuff to my D/Invoke wiki. dinvoke.net/en/ntdll/NtCre…
Check out this fantastic blog post about detecting and evading sandboxing through time-based evasion written by a friend of mine: shubakki.github.io/posts/2022/12/…
Execute commands as another user w/t dumping LSASS or touching the ADCS server ? Thanks to @Defte_ a new module has been added to CrackMapExec 🚀 The module will impersonate any logged on user to exec command as "this" user (system, domain user etc) 🔥
United States Trends
- 1. CASSANDRA 32,9 B posts
- 2. #SmackDown 111 B posts
- 3. Kyrie 9.304 posts
- 4. Caleb Love 1.723 posts
- 5. Jamal Murray 2.104 posts
- 6. Jokic 13,9 B posts
- 7. Naji 4.830 posts
- 8. Lively 8.819 posts
- 9. Klay Thompson 3.075 posts
- 10. CM Punk 31,8 B posts
- 11. Nuggets 29,9 B posts
- 12. Khalid 33,8 B posts
- 13. Franco 73,9 B posts
- 14. Checo 21,2 B posts
- 15. #LasVegasGP 66,7 B posts
- 16. PJ Washington 1.604 posts
- 17. Cooper Flagg 1.827 posts
- 18. Paul Heyman 13,4 B posts
- 19. Westbrook 4.510 posts
- 20. Duke 35,5 B posts
Who to follow
-
Sagar M Parmar
@sagarparmar121 -
Pratik Yadav
@pratikyadav7_ -
Bipin Jitiya
@win3zz -
pwnmachine
@princechaddha -
Shubham Patel
@Shubham_4500 -
Kuba Gretzky
@mrgretzky -
Aakash Choudhary
@LearnerHunter -
luffydragneel
@Hackers_Guild -
Swaroop Yermalkar 👨🏻💻
@swaroopsy -
Gareth Heyes \u2028
@garethheyes -
Swissky
@pentest_swissky -
Synack Red Team
@SynackRedTeam -
Gaurav Narwani
@gauravnarwani97 -
Ravi Rajput
@infosecRavi -
Mr.Un1k0d3r
@MrUn1k0d3r
Something went wrong.
Something went wrong.