OffSecOps setup (@xenosCR), direct syscalls in CobaltStrike (@brsn76945860), VBA DLL linking (@rd_pentest), advanced red teaming (@BorjaMerino), invoking managed code in .NET DLLs (@_xpn_), shellcode execution via PostgreSQL extensions (@DarkCoderSc), and more!
New macOS C2 (@cedowens), Nim implant (@NotoriousRebel1), x64 AMSI bypass in VBA (@rd_pentest), VBA purging tool (@h4wkst3r/@AndrewOliveau), macOS privesc via MS Teams (@theevilbit), Kali tool developer partnership (@kalilinux/@byt3bl33d3r), and more!
AV bypasses for common C2s (@ShitSecure), Big Sur firewall bypass (@patrickwardle), 10 vulns in Bitdefender (@0xlandave), Win7 LPE (@itm4n), COM mapping tool (@hotnops), hooks for Windows password dumping (@last0x00), and more!
New Mythic agent (@djhohnstein), mobile app interception tools (@EvilPenguin_), CobaltStrike 4.2 and C2 docs (@AndrewChiles), AD post-ex toolkit (@FuzzySec), proxy awareness for CS (@lefterispan), user-mode unhooking ( @slaeryan), and more!
NAT Slipstreaming by @samykamkar, a new AV evasion method by @jxy__s, Kerberoasting in pure VBA by @TheXC3LL, Linux LPE by @scannell_simon, browser extension vulnerabilities from @WPalant, new Maldoc techniques from @Matt_Grandy_, a new autonomous red team tool from @privateducky and team, and more!
LOLBin post from @bohops, new Excel macro tool from @JoeLeonJr, Windows sandbox detection by @LloydLabs, macOS LPE by @0xm1rch, how to use Azure passwords by @kfosaaen, a review of low cost pentests by @_sophron, and more!
Ryzen Driver LPE by @h0mbre_, Discord desktop RCE by @kinugawamasato, Azure Pipeline abuse by @Flangvik, macOS TCC tricks by @_xpn_, AWS enumeration bug by @Frichette_n, new loader from @Cribdragg3r, and more!
DLL Hijacking persistence by @duff22b, Unauth RCE against HP Device Manager from @nickstadb, Linux package manager persistence by @pwnshift, malware unpacking techniques from @Marco_Ramilli, criticals in Apple infra by @samwcyo, DLL hijacking for lateral movement by @domchell, and more!
Sysmon exploit by @0x00dtm, physical smartcard/kerberos attack tools by @_EthicalChaos_, UACMe update (and Defender bypasses) by @hFireF0X, dynamic instrumentation by @rh0main, a new checksec from @mtarral, and more!
Malicious MSI transforms from @_EthicalChaos_, Group Policy caching LPE by @decoder_it, another Cisco AnyConnect LPE by @AntoineGoichot, Phishing your password manager by @CurtBraz, a different ZeroLogon use case by @_dirkjan, and more!
