1njected 

@[email protected]
133 Followers
160 Following
19 Posts
Founder and Senior👨‍🦳security consultant at Rzec | OSEP | Attacker/Defender, causer of guru meditations, creator of 4bar loops 🇸🇪
Githubhttps://github.com/1njected/
Rzechttps://rzec.se
1njected Sep 4, 2023
Noticed that #semgrep default rule set does not always catch dangerouslySetInnerHtml, this rule did however catch it https://semgrep.dev/playground/s/oeo9 #xss #trustbutverify
Semgrep

1njected Aug 29, 2023
Great post on offensive techniques that can be used towards #ConfigMgr / #SCCM
https://http418infosec.com/offensive-sccm-summary
1njected Aug 18, 2023

New #DefenderforIdentity sensor for Active Directory Certificate Services (#ADCS):
https://techcommunity.microsoft.com/t5/microsoft-365-defender-blog/microsoft-defender-for-identity-expands-its-coverage-with-new-ad/ba-p/3894215

Can detect suspicious activity used by adversaries as well as detect insecure settings.

Microsoft Defender for Identity expands its coverage with new AD CS sensor!

We are happy to announce the availability of the Microsoft Defender for Identity sensor for Active Directory Certificates Services (AD CS) after successfully..

TECHCOMMUNITY.MICROSOFT.COM
1njected Aug 10, 2023
The #SCCM AdminService API is vulnerable to NTLM relaying and can be abused for SCCM site takeover. https://posts.specterops.io/site-takeover-via-sccms-adminservice-api-d932e22b2bf
Show thread1njected Dec 6, 2022
@bugch3ck yeah, and if that’s on the interwebz, how does it look on the inside 🙈
Show thread1njected Dec 6, 2022
@bugch3ck I heard on the news it is not their fault that they got hacked, anybody can get hacked. I just removed all the locks on my doors, because it’s not my fault if I get a break in. 🥳
1njected Dec 4, 2022
I am sure #ChatGPT must be able to hack the underlying system it is running on, escape to internet and #hackallthethings - #skynet https://www.engraved.blog/building-a-virtual-machine-inside/
Building A Virtual Machine inside ChatGPT

Unless you have been living under a rock, you have heard of this new ChatGPT assistant made by OpenAI. Did you know, that you can run a whole virtual machine inside of ChatGPT?

Engraved
1njected Dec 1, 2022
#Meshtastic (https://meshtastic.org/) looks like a cool project. "Open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices". Ordered a Lora32 2.1 today, hopefully I can reach some other devices in the Sthlm area.
Meshtastic

An open source, off-grid, decentralized mesh network built to run on affordable, low-power devices

1njected Nov 29, 2022

Labs post on how to find interesting stuff in #SCCM / #ConfigurationManager content library shares during #pentest and #redteam operations.

https://labs.withsecure.com/publications/looting-microsoft-configuration-manager

Looting Microsoft Configuration Manager

Configuration Manager often contain information that could be used by an attacker to find new attack paths or credentials that allow lateral movement.

1njected Nov 28, 2022
New #blackfriday plugins. #pigments #infiltrator2 #technovember