
noodlearms
@infosecnoodle
Followers: 292 | Following: 3K | Media: 6 | Statuses: 48
RT @_jamiepegg: Pleased to announce version 0.1.0 of Lodestar Forge! Introducing support for Adaptix C2 alongside tonnes of other bug fix….
github.com
Version 0.1.0 Release The first official "version" of Lodestar Forge to be released 🥳 Key Changes New landing page Whilst currently closed source, we have a new landing page! It can be fo...
RT @_RastaMouse: Having another look at Raffi's Crystal Palace PIC loaders today. This time as a post-ex reflective loader with embedded f….
RT @joehowwolf: [BLOG] Dynamically Instrumenting Beacon with BeaconGate - For All Your Call Stack Spoofing Needs!
cobaltstrike.com
See how to instrument Beacon via BeaconGate and walk through return address spoofing, indirect syscalls, and a call stack spoofing technique, Draugr.
RT @YuG0rd: 🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability. It allows….
RT @0xTriboulet: rssh-rs is a reflective DLL that performs some hacky integration with your favorite C2 Framework to provide SSH session ac….
github.com
Contribute to 0xTriboulet/rssh-rs development by creating an account on GitHub.
Short post on an alternative method for obtaining Microsoft Entra refresh tokens via Beacon. Proof of concept BOF is available on my GitHub 🙂
infosecnoodle.com
An alternative technique for obtaining Microsoft Entra refresh tokens (and "family refresh tokens") using beacon on a compromised endpoint.
RT @binaryz0ne: This is an interesting post by @modexpblog. Highly recommend checking it out.
RT @hacker_ralf: AdaptixC2 v0.4 is out. * New Linux/MacOS "gopher" agent. * TCP/mTLS external listener for "gopher"….
RT @0xTriboulet: Been thinking about the acceptance of BOFs as the goto development platform for capability development. From their incepti….
RT @Tyl0us: Been super busy with some secret things but SourcePoint 4.0 is live with all the latest CS stuff #redtea….
github.com
New Features Updated Useragent Strings Updated SSH Banners Huge Shout out to 0xflagplz for all their hard work in adding the following: Added CS 4.10 - BeaconGate Options Added CS 4.11 Shhhhhh, Be...
RT @jack_halon: Back in 2018, I released a post on how to break into pentesting, and it's been shared widely in the security community ever….
jhalon.github.io
It goes without saying that being a Professional Penetration Tester is considered to be one of the “cooler” jobs in InfoSec. I mean, let’s be honest here - who wouldn’t want to break into buildings,...
RT @_RastaMouse: [BLOG] This post summarises how to tie Cobalt Strike's UDRL, SleepMask, and BeaconGate together for your syscall and call….
rastamouse.me
I've been looking into Cobalt Strike's UDRL, SleepMask, and BeaconGate features over the last couple of days. It took me some time to understand the relationship between these capabilities, so the...
RT @RWXstoned: An example of custom Sleep in the new Cobalt Strike framework, reusing Sleepmask-VS. Hopefully clarifying how BeaconGate, Sl….
rwxstoned.github.io
a quick new Sleep PoC using the latest Cobalt Strike features
RT @joehowwolf: New CS Blog - Revisiting the UDRL Part 3: If you like the idea of loading a custom c2 channel in y….
cobaltstrike.com
Learn UDRL's role in runtime masking, including how to track Beacon with BUD and loading an External C2 DLL at the same time as Beacon and mask both DLLs at runtime with Sleepmask-VS.
RT @mcnamee_simon: I know it's that time of year we all set out with lofty goals to achieve great things, but if there's anyone out there l….