Udayveer Singh
@m4lici0u5
Followers
2K
Following
15K
Media
94
Statuses
4K
Offensive Security | Red Teamer | Learning MalDev | CRTL | OSEP | OSWP | CRTO | CARTP | CRTE | CRTP | CESP-ADCS | eJPT
Joined January 2015
3
53
242
RT @helpnetsecurity: LudusHound: Open-source tool brings BloodHound data to life - - @SpecterOps @GitHub #GitHub #O….
0
6
0
RT @init1security: Hijacking Azure PowerShell Authentication Flow.#redteam.
init1security.com
While looking into some interesting Azure attacks I came upon something interesting when using the `Connect-AzAccount`Now noticing the PowerShell opens a port when using the Connect -AzAccount, I...
0
2
0
RT @0xthirteen: I wanted to find out if you could start the WebClient service remotely, so I ended up digging into it .
specterops.io
A walkthrough to answer the question: "Can you start the WebClient service remotely as a low privileged user?"
0
52
0
RT @Print3M_: I'm releasing my new tool: DllShimmer 🔥 Weaponize DLL hijacking easily. - backdoor any function, no….
0
93
0
RT @albinowax: Ever seen two responses to one request? That's just pipelining. or is it? I've just published "Beware the false false-posi….
0
34
0
RT @RedTeamPT: 👀Turns out MS-EVEN can do a lot more than NULL auth:. In addition to leaking environment variables, it is possible to coerce….
0
39
0
RT @dmcxblue: Back from PTO and back on my Azure vulnerable lab project Function Apps, Runbooks, VMs, DBs, SPNs & more. Built to learn Azur….
github.com
An HTA Application which builds Azure (Entra) Scenarios for Red Team Simulations - dmcxblue/AzureStrike
0
37
0
RT @rj_chap: Last weekend marked the 5th year in a row that @ARosenmund and I have presented a workshop at DefCon!. Our DC33 Workshop is en….
0
5
0
RT @SEKTOR7net: Introducing bundles, both for individuals and teams!. Now you can get several courses on a reduced pricing. Go check it out….
0
22
0
RT @AlteredSecurity: Congratulations to @m4lici0u5 for clearing our Certified by Altered Security Red Team Professional for Azure exam!.#CA….
0
1
0
RT @0xfluxsec: I have uploaded a proof of concept MVP for Hells Hollow (removing the bloat from my previous project it was part of). You c….
github.com
Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls - 0xflux/Hells-Hollow
0
35
0
RT @0xKylm: You're lazy, I'm lazy, so what if your compiler did the evasion for you?.Based on my blogpost from earlier this week: https://t….
0
29
0
RT @0x64616e: I stumbled upon this tweet and dug a bit deeper into the internals of ksetup.exe: When you are local….
pentest.party
0
41
0
RT @aniqfakhrul: Powerview 2025.1.5:. Added --obfuscate flag to obfuscate ldap filters and base DN. This is heavily inspired by https://t.c….
0
40
0
RT @mrgretzky: I highly recommend watching this talk by Keanu Nys if you're interested in learning about novel phishing techniques! 🪝🐟.
0
26
0
RT @RedByte1337: Thanks to everyone who joined my DEFCON33 talk!🎉.For those of you who missed it and are interested in seeing how we can ex….
0
140
0
RT @wil_fri3d: gpoParser, which I presented at #leHACK2025 and #DEFCON, is available here: It is a specialized util….
github.com
gpoParser is a tool designed to extract and analyze configurations applied through Group Policy Objects (GPOs) in an Active Directory environment. - synacktiv/gpoParser
0
169
0
RT @blackroomsec: Sol, as you requested last night :D. CC: @IceSolst.
beyondtrust.com
Discover how attackers can escalate privileges in Entra ID using Azure VMs, PRT theft, and device identity abuse. Learn how the “Evil VM” attack unfolds,…
0
36
0
RT @nickvangilder: Big shoutout to all the C2 developers out there! Thank you for what you do!
0
5
0
RT @WebSecAcademy: How to manually check for CL.TE Request Smuggling Vulnerabilities:. 1️⃣ See if a GET request accepts POST.2️⃣ See if it….
0
107
0