Kerberoasting without SPNs by @_mohemiv, spoof any gmail/gsuite customer with a technique from @ezhes_, SharpBlock in memory loading by @_EthicalChaos_, new COM based lateral movement from @El3ct71k, Windows LPE by @RedVuln, and more!
Azure AD to on-prem lateral movement by @_wald0, a new Windows un-hooking project from @peterwintrsmith, 🔥 Russian Linux malware analysis from @NSACyber, modern AV evasion primer from @_batsec_, dumping LSASS from the kernel by @zerosum0x0, and more!
A new telemetry inspection tool by @Jackson_T, macOS goodies from @_D00mfist and @patrickwardle, subdomain finding enhancement from @TheXC3LL, malleable droppers from @s0lst1c3, true red teaming from @pruby, and more!
A ton of macOS exploits and techniques from @xorrior, @A2nkF_, @mattshockl, and @vladimir_metnew, Zoom meeting bruteforce by @TomAnthonySEO, Windows driver fun by @brsn76945860, a burp technique from @n00py1, and more!
NTLM relaying via Citrix Workspace by @_EthicalChaos_, access the entire AD database via Exchange with a new tool from @_mohemiv, a new Go based C2/Agent from @paragonsec and team, phishing tips from @lorentzenman, and more!
Sophos XG 0day discovery by @ramoliks and @niph_, a D/Invoke primer by @_RastaMouse, EDR bypass via driver exploits by @matteomalvica, fooling facial recognition from @shawnshan26 and team, and more!
VBA macro static analysis defeats by @gabriele_pippi, anti-RE VBS tricks from @Laughing_Mantis, EDR telemetry redirection techniques by @Jackson_T, Google open sources their Tsunami security scanning engine from @slekies and team, an index of Windows binaries from @m417z, and more!
A new DLL hijacking finder from @CTXIS, the dangers of window.opener.postMessage by @zoczus, Windows Telemetry LPE by @vm_call, certutil.exe LOLBin replacement from @gal_kristal, a digital sticky note reader from @two06, and more!
1,566 hijackable DLLs in Windows 10 from @Wietze, a Bitdefender RCE from visiting a website by @WPalant, CobaltStrike Beacon Object File implementations start dropping (like @ilove2pwn_'s), a Docker Desktop for Windows LPE from @spaceraccoonsec, and more!
Bypassing CSP with Google Analytics by @amirshaked, @itm4n drops yet another Windows LPE, @OptivSourceZero/@Tyl0us advance the state of the art in Windows domain password spraying, and more!