Cube0x0 Profile
Cube0x0

@cube0x0

Followers
12K
Following
6K
Media
58
Statuses
1K

https://t.co/rOLNaoDtZK -founder 🇸🇪

Sverige
Joined November 2017
@cube0x0
Cube0x0
3 months
RT @decoder_it: I just published a blog post where I try to explain and demystify Kerberos relay attacks. I hope it’s a good and comprehens….
0
150
0
@cube0x0
Cube0x0
3 months
If you wanna do it in c#, merge this with the og krbrelay https://github[.]com/CICADA8-Research/RemoteKrbRelay.
@AndrewOliveau
Andrew Oliveau
3 months
RemoteMonologue - A Windows credential harvesting attack that leverages the Interactive User RunAs key and coerces NTLM authentications via DCOM. Remotely compromise users without moving laterally or touching LSASS. Hope you enjoy the blog & tool drop 🤟.
1
5
58
@cube0x0
Cube0x0
4 months
I asked myself, how difficult would it be to run a 0xC2 agent in a non-rooted Samsung phone, via an APK installation, and use it for lateral movement. Turns out, not very difficult at all
6
8
110
@cube0x0
Cube0x0
8 months
RT @decoder_it: I'm glad to release the tool I have been working hard on the last month: #KrbRelayEx. A Kerberos relay & forwarder for MiTM….
0
231
0
@cube0x0
Cube0x0
9 months
I have received a few questions about reusing existing open-source and in-house BOFs in 0xC2 so I am leaving it here for visibility. Yes the 0xC2 Windows agent has a backward-compatible layer so you can reuse your existing object file tools after converting the Sleep script to
1
9
72
@cube0x0
Cube0x0
9 months
Don't we all get to the point where all you want to do is capture and relay NTLM and Kerberos authentications in a BOF? It's just faster to write a capture & relaying framework in C for ntlm, kerberos, dcom, smb, http, mssql with native Windows support than fixing impacket.
5
46
279
@cube0x0
Cube0x0
10 months
RT @decoder_it: Is Kerberos relaying so limited? I'd say no, thanks to @tiraniddo CredMarshalTargetInfo trick. In this case, I'm relaying….
0
112
0
@cube0x0
Cube0x0
10 months
0xC2 is now available and the site has been updated with a brief introduction.
10
56
233
@cube0x0
Cube0x0
10 months
RT @artem_i_baranov: Red Teaming in the age of EDR: Evasion of Endpoint Detection Through Malware Virtualisation.
0
165
0
@cube0x0
Cube0x0
10 months
Is your team actively using for external communication during red team engagements?
5
1
26
@cube0x0
Cube0x0
10 months
RT @rotarydrone: First blog! Reversing a VPN client to hijack sessions.
0
285
0
@cube0x0
Cube0x0
1 year
Over a year ago, I left my position at WithSecure to start a new journey, create something new, and do my own thing. Today, I'm excited to publicly announce what I've been working on all this time. Introducing 0xC2, a cross-platform C2 framework targeting Windows, Linux, and
60
250
1K
@cube0x0
Cube0x0
1 year
RT @Laughing_Mantis: Since I'm 6 drinks in for 20 bucks, let me tell you all about the story of how the first Microsoft Office 2007 vulnera….
0
2K
0
@cube0x0
Cube0x0
1 year
RT @_EthicalChaos_: Time to be terrified. I've just dropped my Okta Terrify tool which I demonstrated as part of my @BSidesCymru talk last….
0
127
0
@cube0x0
Cube0x0
1 year
🔥.
@decoder_it
Andrea Pierini
1 year
POC for #SilverPotato utilizing Kerberos relay vs SMB ;) Starting from @cube0x0 great krbrelay tool with extra layer of complexity to get the SilverPotato beast working. Still in the rough but will publish soon :-)
0
6
32
@cube0x0
Cube0x0
1 year
RT @tiraniddo: Taking a cue from @D1iv3 and @decoder_it's work on inducing authentication out of remote DCOM I thought I'd quickly write up….
0
49
0
@cube0x0
Cube0x0
1 year
RT @curi0usJack: Interested in red team operations using almost all internal tooling against some of the hardest companies in the world? Lo….
0
43
0
@cube0x0
Cube0x0
1 year
RT @decoder_it: ADCS: Coercing NTLM Auth just for fun (or maybe for profit?)
0
47
0
@cube0x0
Cube0x0
2 years
RT @edwardzpeng: #VisualStudio 1-click RCE, No Smartscreen warning, No trust need, No further interaction need. Just download from internet….
0
54
0