Rasta Mouse (@_RastaMouse)
Followers: 47K | Following: 7K | Media: 2K | Statuses: 20K
Brand-new admin protection bypasses by @tiraniddo As usual, awesome work! 💪💪💪 https://t.co/PysmzK9XFL and
Looks like me tbf
Our designers are on leave… but our discounts aren’t 🔥 Hack smarter, not pricier — get 25% OFF the annual HTB Pro Labs subscription. Access 26 different scenarios (with many more coming by the beginning of next year), built to train you for real-world, enterprise environments.
Venom C2 tool drop! 🐍 During a recent red team engagement we needed a simple python agent that needs no dependencies to setup persistence on some exotic boxes we landed on. Some had EDR so we didn't want anything off-the-shelf. The server, agent, and client were made
As a fun side project - I’ve started tracking vendors whose guides ask customers to create ESC1-style certificate templates, leaving an entire environment exposed 😅
medium.com
This post isn’t about vendor-bashing. With attacks against Active Directory Certificate Services (ADCS) increasing, I want to show how…
I spent some time today (ok, the whole day), trying to find a way to bypass PPID spoofing detections. I failed miserably.
First blogpost in a while, check it out! PoC is a Crystal Palace shared library, format inspired by @_RastaMouse's LibTP https://t.co/7nGj4OyGrZ
Callstacks are largely used by the Elastic EDR to detect malicious activity. @SAERXCIT details a technique to evade a callstack-based detection and allow shellcode to load a network module without getting detected. Post: https://t.co/hckL3n8it5 PoC: https://t.co/0dqBDQeKWm
I spent years bypassing security tools as a red teamer. So I built the product to catch me. Launching Nov. 10th.
We are Red Teamers. We know the problem. Here's how we fix it. Launching November 10th. https://t.co/qBgCurNlXo
A new milestone for Hack The Box 🚀 We’re joining forces with LinkedIn Learning, becoming their first-ever cybersecurity training labs partner. Together, we’re reshaping how the world learns cybersecurity, making hands-on, performance-based skill development accessible to
I felt another MythicC2 demo and showcase was in order, showing off both the new Forge collection utility, but also my Apollo fork with HTTPx Malleable Profile support. Video is out now (link in comments)
Released my Cobalt Strike BOF for fork & run injection! Features Draugr stack spoofing, PPID spoofing, multiple execution methods, and indirect syscalls for enhanced OpSec. https://t.co/kfiAcfLSaY
The KB5067036 update is now available on Windows 11 computers running 24H2 & 25H2 and includes the Administrator Protection feature. This feature leverages Windows Hello (PIN or biometric) for administrator actions and uses a temporary token which is destroyed after use. This
My annual contribution to the small boats and migrant hotels...
I've also updated Crystal Loaders to benefit from some of the new CP features
github.com
A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike - rasta-mouse/Crystal-Loaders
LibGate - a Crystal Palace shared library for resolving and performing syscalls
github.com
A Crystal Palace shared library to resolve & perform syscalls - rasta-mouse/LibGate