RustScan
RustScan is a tool that turns a 17-minute Nmap scan into 19 seconds.
Dynamic Assembly Loader
DotNet Assembly Loader using a Dynamic Method & Emitted MSIL instructions
https://gist.github.com/sdcampbell/41dcaef1068b6b44fd05ac1d3a0dc661
asminject
Injects arbitrary assembly or precompiled binary payloads directly into x86-64, x86, and ARM32 Linux processes without the use of ptrace
Our world has become ... a theater of combat
« The world is chaos, and its disorder exceeds any remedy one might wish to bring to it. » ( Pierre Corneille )
Only the ignorant will be surprised by the turn of events. So perhaps we should ask ourselves how our ignoramuses are manufactured?
« The fear of war is even worse than war itself » ( Seneca )
Some threats are indeed new, but how many of them truly are, and how many were foreseeable?
Everybody has a plan until they get punched in the mouth ( Mike Tyson )
Should we wonder how much time remains before this cursed Pandora's box is opened, or should we accept its opening and work without delay to build our strength with a will to win?
« One change prepares another. » ( Niccolò Machiavelli )
#AADInternals @bsidesorlando edition is out now!
New functionality:
▪ Get access tokens for managed identities
▪ Add new MOERA domains (.onmicrosoft.com)
And as demonstrated in my BSides Orlando talk:
▪ Modify #AzureAD policy details (including Conditional Access metadata) without detailed Audit Log events
Change log: https://aadinternals.com/aadinternals/#version-info
Havoc v0.4.1
Havoc is a modern and malleable post-exploitation command and control framework
Socks4a proxy support https://github.com/HavocFramework/Havoc/commit/133f6ead8085147dc39beb368c41aead2873927e
ntfsDump
Used to copy a file from an NTFS-partitioned volume by reading the raw volume and parsing the NTFS structures
💭 Used successfully for reading ntds.dit on a DC
CrackMapExec module to dump Microsoft Teams cookies ( mpgn, ησυѕєℓєѕѕтє¢н, KuiilSec )
https://gist.github.com/mpgn/100ae809fde94ac58f4bc610580f705b
Mimikatz 2.2.0-20220919
[legacy] Backport djoin parser & Citrix SSO password extractor
https://github.com/gentilkiwi/mimikatz/releases/tag/2.2.0-20220919
Pyramid
The main purpose of the tool is to perform offensive tasks by leveraging some Python evasion properties and looking like legitimate Python application usage.
RunasCs
Added flag --bypass-uac, which allows spawning a process as an Administrator (if the password is known) with full privileges
PIVert-Relay
Modified Ceri's PIVert to support authentication where the smart card holding the private key is on another machine
📕 Helping SOC teams while providing a custom cookbook on adversaries
poc.xmla
PoC for Windows SQL Server to authenticate on an arbitrary machine.
WinAPI Search
Malware Behavior Catalog
A catalog of malware objectives and behaviors
NimicStack
Pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs.
VulnerabilitiesDataImport is a standalone script that adds information about unpatched vulnerabilities to BloodHound based on parsed vulnerability scanners reports.
https://github.com/zeronetworks/BloodHound-Tools/tree/main/VulnerabilitiesDataImport