| Github | https://github.com/1njected/ |
| Rzec | https://rzec.se |

New #DefenderforIdentity sensor for Active Directory Certificate Services (#ADCS):
https://techcommunity.microsoft.com/t5/microsoft-365-defender-blog/microsoft-defender-for-identity-expands-its-coverage-with-new-ad/ba-p/3894215
Can detect suspicious activity used by adversaries as well as detect insecure settings.
Labs post on how to find interesting stuff in #SCCM / #ConfigurationManager content library shares during #pentest and #redteam operations.
https://labs.withsecure.com/publications/looting-microsoft-configuration-manager
Extracting a #CobaltStrike beacon config from #PCAP in 5 simple steps:
#CapLoader
#NetworkMiner
cmd.exe
1768 K
Cobalt Strike Beacon Config
Full video, writeup and link to pcap file is available here:
https://netresec.com/?b=21536fc
This video shows how Cobalt Strike and Hancitor C2 traffic can be detected using CapLoader. I bet you're going: OMG he's analyzing Windows malware on a Windows PC!!! Relax, I know what I'm doing. I have also taken the precaution of analyzing the PCAP f[...]
#Amiga really got me into computers in the 90's, even though C64 was fun, the Amiga was something else. Been doing IT-sec since ~2000. Started with network, firewalls, and related stuff. Eventually got into pentesting and been doing that since 2010. #netsec is my thing, but I like web, hardware and SDR as well. Security architecture and pragmatic threat modelling is also something I would like to do more of.
Free time: Family, MTB, play drums, or make electronic music:
https://soundcloud.com/trehune/tracks
#funfact: Played drums in a band that got to the finals of a local music competition. A band called #Sabaton won, guess the jury was right!