Dom chell twitter
WebSep 18, 2024 · Dominic Chell @domchell Sep 19, 2024 There’s pcaps on the Mordor project, but given you’re already talking about signatures, I suspect your theory is already flawed. Just to confirm again, this does not touch disk, the macro code is run in memory, instrumented over dcom and inside the excel.exe process’ xlm engine 1 David Ledbetter … Web1 day ago · Dominic Chell 👻 on Twitter: "Another big night at the theatre of dreams tonight 🤞👹" Another big night at the theatre of dreams tonight 🤞👹 13 Apr 2024 19:43:22
Dom chell twitter
Did you know?
WebOct 5, 2024 · Dominic Chell @domchell OST aficionado, red teamer and founder at @MDSecLabs Creator of /r/redteamsec Lead author of the Mobile App Hacker's Handbook http://mdsec.co.uk http://nighthawkc2.io Manchester, England mdsec.co.uk Joined February 2009 Tweets © 2024 Twitter About Help Center Terms Privacy policy … WebRT @ShitSecure: Just pushed some of my Nim experiments from the last months into the Creds Repository. Heap encryption, self debugging, RemoteLoadLibrary, HandleKatzWrapper, SystemFunction032 decryption, baseThreadThunk hooking and more.
WebMar 14, 2024 · Dominic Chell 👻 on Twitter: "@LastRedredred @MDSecLabs You can relay from the outside to anything on the perimeter that supports NTLM also 🙃" / Twitter …
WebJul 30, 2024 · I guess while I'm on a roll, it would be rude not to show the token store feature (which is slick AF) 🔥.... WebMar 14, 2024 · Dominic Chell @domchell · Mar 15 Replying to @wdormann Locally you can trigger it via an etw event as it has a start trigger tied to it - there's a few other natural events that cause it to start. Remotely you can serve a searchconnector file and it'll auto start it 1 6 Show replies rvrsh3ll @424f424f · Mar 15 Replying to @domchell GIF ALT
WebMar 30, 2024 · “@ShitSecure @chvancooten @HackingLZ @OutflankNL Yea it does happen for sure, I just don't think it's THAT common. In terms of starting the service remotely, the only way I've found so far is using a searchconnector”
WebRT @mubix: Releasing a NFS Client today, it's written in Go, has file list, upload, download, delete, make directory and delete directory functions without having to mount the drive or permissions (locally) to do so. running shoes full gel cushionWebDec 22, 2024 · “This request is again dodged and no evidence of the original payment or transaction trace has still been provided, I wonder what the reason for the lack of transaction tracing could be 🤔” running shoes from usaWebDec 22, 2024 · “Shortly after this sometime in September, you may remember a bit of a twitter spat followed with @ninjaparanoid. Although he’s deleted most of the tweets, … sccm running powershell scriptsWebAug 3, 2024 · Dominic Chell @domchell OST aficionado, red teamer and founder at @MDSecLabs Creator of /r/redteamsec Lead author of the Mobile App Hacker's … sccm run command line packageWebMar 15, 2024 · Dominic Chell 👻 on Twitter: "I also have questions about who thought it was a good idea to allow the sender to specify the location of a sound file for the recipient to play too 😂🙈" I also have questions about who thought it was a good idea to allow the sender to specify the location of a sound file for the recipient to play too 😂🙈 sccm run as high performance power planWebJul 30, 2024 · @domchell and @modexpblog Hard to show in a screenshot but Moneta gives it a completely clean bill of health. And as an added bonus a strings search of memory shows no C2 traffic residue etc. Finally getting there! 2 2 Dominic Chell @domchell · Jul 30, 2024 I’ll post a little video later for completeness 😉 1 Show replies Her0 @Her0_IT · sccm run a powershell scriptWebMar 14, 2024 · @domchell Just confirmed that this works nicely over WebDAV - Microsoft's mitigation of blocking outbound 445 is insufficient, you can exploit this on any port as … sccm run powershell script package