You got access to vsphere and want to compromise the Windows hosts running on that ESX? 💡
1) Create a clone into a new template of the target VM
2) Download the VMDK file of the template from the storage
3) Parse it with Volumiser, extract SAM/SYSTEM/SECURITY
(1/3)
Dumping LSASS is old school. If an admin is connected on a server you are local admin on, just create a scheduled task asking for a certificate on his behalf, get the cert, get its privs. All automatized in the schtask_as module for NetExec 🥳🥳🥳
#malware
"clipup.exe" in System32 is very powerful. It can destroy the executable file of the EDR service 😉. Experimenting with overwriting the MsMpEng.exe file
github: /2x7EQ13/CreateProcessAsPPL
#redteam#BlueTeam
"Localhost tracking" - How Meta bypassed Android sandboxing to track users browsing other websites with Meta's embedded pixel.
Fun fact: 22% of the most visited websites across the world embed Meta's pixel.
zeropartydata.es/p/localhost-tr…
#malware
If you use a directory symlink path to create a process, Process Explorer will interpret the Path and Command Line of this process as the path containing the symlink, rather than the location of the executable file 🤔
#redteam#code
#redteam
Hey, look! Windows with two "System32" folders.😲
Hey, keep looking at this! A process loads the same DLL twice and keeps both instances in memory.😲
#malware#blueteam
⚠️⚠️ CVE-2025-54982(CVSS 9.6)Zscaler's server-side SAML authentication mechanism allowed authentication abuse due to improper cryptographic signature verification.
🎯3.6M+Results are found on the en.fofa.info nearly year
🔗FOFA Link:en.fofa.info/result?qbase64…
FOFA…
7K Followers 3K FollowingEnfocados en elevar la #Seguridad de la Información y #Ciberseguridad en la escala nacional.
Focused on #InfoSec & #Cybersecurity at the national level.
0 Followers 166 FollowingRecruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/PXYxuvrAR9
890 Followers 1K Following2x Founder @VoltAI & @Hackmetrix, Security Researcher. D̶o̶n̶’̶t̶ have the drive to become a big scary famous hacker. Always watching, never seen.
25K Followers 27K FollowingA Hacker who is A Lover of People, and Life @RetroTwinz @Secbsd, @GrumpyHackers, @NovaHackers, @deadpixelsec @hacknotcrime Advocate @PositivelyBlue_ OSCP, OSWP
234K Followers 5K FollowingCloudflare is the world’s leading #ConnectivityCloud, and we have our eyes set on an ambitious goal — to help build a #BetterInternet.
193K Followers 107 FollowingWe're sharing/showcasing best of @github projects/repos. Follow to stay in loop. Promoting Open-Source Contributions. UNOFFICIAL, but followed by github
10K Followers 6 FollowingBringing AI to offensive security by autonomously finding and exploiting web vulnerabilities. Watch XBOW hack things: https://t.co/D5Mco1u8zM
353 Followers 448 FollowingPentest Workflow Management Solutions for Technology and Security teams. Making pentest management and reporting less crappy since 2014
5K Followers 181 FollowingSenior Security Researcher @akamai - Malicious Group - SRT - DoD researcher of the year 2022 - Top 10 web attacks 2023 - CRTO - MSRC Top 75 in Q1/Q2 2025
60K Followers 1K FollowingSecurity information portal, testing and certification body.
Organisers of the annual Virus Bulletin conference. @[email protected]
36K Followers 19 FollowingWe're a data center operator & web hosting company that doesn't need to pretend to be nerdy.
Legal Notice: https://t.co/oRD82JSeVK
1K Followers 435 FollowingCan we hack it?? Yes we can!!! 😎😎😎
Hey Im BobDaHacker, reformed WinRAR trial abuser and Ethical Hacker.
Thx 4 coming to my ted talk
2K Followers 17 FollowingBlackstorm Security is a highly specialized company on exploit development, reverse engineering, malware analysis and threat hunting.
8K Followers 1K FollowingAt Praetorian, our mission is clear: prevent breaches before they happen by emulating real-world attackers. That’s the power of #ContinuousOffensiveSecurity.
No recent Favorites. New Favorites will appear here.