@domchell.bsky.social
reposted by
Emeric Nasi
2 months ago
Binary injection vulnerabilities can be found in many MacOS apps. Those may be abused to bypass EDR, hide backdoor, access memory, or bypass TCC! DarwinOps provides - An advanced injection vulnerability scanner - A redteam scenario to exploit them
#redteam
blog.balliskit.com/macos-dylib-...
macOS DYLIB Injection at Scale: Designing a Self-Sufficient Loader
Let's explore Dylib injection and Dylib proxying on macOS (the equivalent of Windows DLL injection)
https://blog.balliskit.com/macos-dylib-injection-at-scale-designing-a-self-sufficient-loader-da8799a56ada
reposted by
harmj0y
2 months ago
Lots of cool new Nemesis features merging in soon from @tifkin_ and I! Development definitely didn't stop with the 2.0 release :)
github.com/SpecterOps/N...
GitHub - SpecterOps/Nemesis: An offensive data enrichment pipeline
An offensive data enrichment pipeline. Contribute to SpecterOps/Nemesis development by creating an account on GitHub.
https://github.com/SpecterOps/Nemesis
reposted by
Phrack Zine
3 months ago
Thanks for the excellent writeup @intel471.bsky.social
www.intel471.com/blog/the-phr...
The Phrack leak: Examining an APT's workstation
In August 2025, two anonymous researchers released 9 GB of data from a workstation of a likely advanced persistent threat (APT) group. Here's an analysis of the data by Intel 471's Cyber Geopolitical ...
https://www.intel471.com/blog/the-phrack-leak-examining-an-apts-workstation
reposted by
Clément Labro
6 months ago
New blog post! "Offline Extraction of Symantec Account Connectivity Credentials (ACCs)" Following my previous post on the subject, here is how to extract ACCs purely offline.
itm4n.github.io/offline-extr...
#redteam
#pentesting
reposted by
FalconForce
8 months ago
We are proud to introduce #dAWShund to the world: a framework for putting a leash on naughty AWS permissions. dAWShund helps blue and red teams find resources in #AWS, evaluate their access levels and visualize the relationships between them.
falconforce.nl/dawshund-fra...
#blueteaming
#redteaming
Our red team is growing and we have a rare open position for a Principal RT Operator - if this sounds like you, get in touch
8 months ago
reposted by
bohops
8 months ago
[Blog] This ended up being a great applied research project with my co-worker Dylan Tran on weaponizing a technique for fileless DCOM lateral movement based on the original work of James Forshaw. Defensive recommendations provided.
- Blog: ibm.com/think/news/f...
- PoC: github.com/xforcered/Fo...
Fileless lateral movement with trapped COM objects | IBM
New research from IBM X-Force Red has led to the development of a proof-of-concept fileless lateral movement technique by abusing trapped Component Object Model (COM) objects. Get the details.
https://ibm.com/think/news/fileless-lateral-movement-trapped-com-objects
reposted by
Catalin Cimpanu
9 months ago
Prodaft has published a technical analysis of Anubis, a new Python-based backdoor linked to Savage Ladybug (FIN7) operations
catalyst.prodaft.com/public/repor...
reposted by
Catalin Cimpanu
9 months ago
The Blind Eagle APT group has compromised over 1,600 victims inside Colombian institutions and government agencies. The campaign took place in November & December of last year and used an exploit similar to a zero-day exploited by Russian hackers in Ukraine.
research.checkpoint.com/2025/blind-e...
Blind Eagle: …And Justice for All - Check Point Research
Key Points Introduction APT-C-36, also known as Blind Eagle, is a threat group that engages in both espionage and cybercrime. It primarily targets organizations in Colombia and other Latin American co...
https://research.checkpoint.com/2025/blind-eagle-and-justice-for-all/
reposted by
Andrea P
9 months ago
KrbRelayEx-RPC tool is out! Intercepts ISystemActivator requests, extracts Kerberos AP-REQ & dynamic port bindings and relays the AP-REQ to access SMB shares or HTTP ADCS, all fully transparent to the victim ;)
github.com/decoder-it/K...
GitHub - decoder-it/KrbRelayEx-RPC
Contribute to decoder-it/KrbRelayEx-RPC development by creating an account on GitHub.
https://github.com/decoder-it/KrbRelayEx-RPC
reposted by
Mehmet Ergene
9 months ago
Detect C2 Beacons! New Microsoft Defender for Endpoint telemetry provides new opportunities for threat detection!
academy.bluraven.io/blog/beaconi...
#ThreatHunting
#DetectionEngineering
#MDE
C2 Beaconing Detection with MDE Aggregated Report Telemetry
Detecting C2 Beaconing using MDE Aggregated Report Telemetry.
https://academy.bluraven.io/blog/beaconing-detection-using-mde-aggregated-report-telemetry
reposted by
Dirk-jan
9 months ago
It appears Microsoft quietly mitigated most of the risk of the "Intune company portal" device compliance CA bypass by restricting the scope of Azure AD graph tokens issued to this app, making them almost useless for most abuse scenarios. Thx @domchell.bsky.social for the heads up.