Arris Huijgen
@bitsadmin
Followers
2K
Following
263
Media
37
Statuses
230
Windows Offensive Security Enthusiast 🤠 Blog: https://t.co/CAwdjs2rKS GitHub: https://t.co/YG2YOxfosm
Amsterdam, The Netherlands
Joined March 2016
Excited to finally publish research which in the background I have been working on for several years!😃. Introducing Living Off the FOREIGN Land (#LOFL), using a Windows VM over SOCKS as offensive platform✨. 📖 🏝 More info ⬇️
12
236
590
RT @hackyboiz: [Research] Starting Chrome Exploitation with Type Confusion 101 ^-^☆ Part 1.(EN). Ever wondered how….
0
42
0
RT @YuG0rd: 🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability.It allows….
0
372
0
RT @yudasm_: What if you skipped VirtualAlloc, skipped WriteProcessMemory and still got code execution?.We explored process injection using….
0
77
0
RT @ShitSecure: Blogpost from my colleague about what’s still possible with recently published COM/DCOM toolings, Cross Session Activation….
0
112
0
RT @_atsika: ProxyBlob is alive ! We’ve open-sourced our stealthy reverse SOCKS proxy over Azure Blob Storage that can help you operate in….
0
46
0
Cool, novel, lateral movement technique by @william_knows by dropping a .dll file on a remote host obtaining code execution! 💡
.NET GAC and NIC hijacking for lateral movement:
0
22
155
RT @decoder_it: I just published a blog post where I try to explain and demystify Kerberos relay attacks. I hope it’s a good and comprehens….
0
150
0
RT @sensepost: The S is for Security. How to use WinRMS as a solid NTLM relay target, and why it’s less secure than WinRM over HTTP. By @De….
0
45
0
RT @AirbusSecLab: We’re glad to announce we released Soxy!🚀.A Rust-powered suite of services for Citrix, VMware Horizon & Windows RDP. Red….
0
61
0
RT @Neodyme: Your laptop was stolen. It’s running Windows 11, fully up-to-date, device encryption (BitLocker) and Secure Boot enabled. Your….
0
29
0
RT @doopsec: Just released SCCMHound! A BloodHound collector for SCCM. SCCMHound allows both attackers and defenders to construct BloodHoun….
0
102
0
RT @slowerzs: Ever wondered how CryptProtectMemory with the CRYPTPROTECTMEMORY_SAME_PROCESS flag worked, or if encrypted blobs could be dec….
0
57
0
Per suggestion of @jelleverg, added the memory-efficient script to the dir2json repository. As a bonus also added to convert the output of cmd.exe's dir /s /a command to csv. Useful to avoid PowerShell's logging mechanisms 😉 Enjoy!
Have you ever been stuck at a red team and needed to plow through the local filesystem/shares in an attempt to find credentials? 🧐 This blog and new tool will greatly increase successes and efficiency for this tedious job! 😃.📖 ⚙
0
3
7
Because in the 24H2 release of Windows 11 vbscript is being phased out, the missingkbs utility for Windows Exploit Suggester - Next Generation (#WESNG) is now also available in PowerShell flavor! 🙂. 🎯 Check out missingkbs.ps1 @
Windows Exploit Suggester - Next Generation v1.0 has been released! Including the new missingkbs.vbs utility and an in-depth blog post on how to use it: Windows Security Updates for Hackers. Latest #WESNG release: blog:
0
21
70
RT @ustayready: Dropping a new initial access technique via RDP that I dubbed "Rogue RDP". Use malicious .RDP files to bypass email/servers….
0
318
0
RT @decoder_it: Hello: I'm your ADCS server and I want to authenticate against you. My latest Post and PoC are out. You can read it here: h….
0
241
0
RT @0gtweet: Eliminate huge part of lateral movement scenarios with one command: "reg.exe add HKLM\SYSTEM\CurrentControlSet\Control /v Disa….
0
309
0