I streamed Sunday and yesterday! Those VODs are up right now.
Twitch deletes VODs older than 60 days, unfortunately :(.
Red Teamers: Some new tooling for shellcode injection in the presence of EDR, featuring a variety of injection techniques to include Early Cascade. I may look into this one on stream for a Tool Review.
github.com/0xsp-SRD/Zig...
Newbie Tuesday today @5 EDT!!!
twitch.tv/alh4zr3d
Another TrustedSec blog for this one, written by Christopher Paschen!
trustedsec.com/blog/abusing...
Red Teamers: Look into VPN settings in Windows. Can be applied from userland--transparent to all users--used to MITM network connections, blind EDR, etc!
Pwsh:
Add-VPNConnection -Name x -ServerAddress <domain>
Add-VPNConnectionRoute -ConnectionName "x" -DestinationPrefix "1.2.3.4/32"
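Added example, written for this page and not part of the post above: a PowerShell audit that lists every VPN connection on a Windows host, from both the current-user and the all-user phonebook, together with its routes, and flags servers outside an allow-list, per-host (/32) routes of the kind the post adds, and split tunnelling. It assumes the VpnClient module (Get-VpnConnection / Get-VpnConnectionRoute), an elevated session for the all-user phonebook, and the allow-list value is a constructed placeholder.

```powershell
# Added example (not from the original post). Assumes the VpnClient module; the all-user
# phonebook normally needs an elevated session. $KnownServers is a constructed placeholder.
function Get-VpnConnectionAudit {
    [CmdletBinding()]
    param(
        [string[]] $KnownServers = @('vpn.example.com')   # placeholder: your real VPN endpoints
    )
    foreach ($allUsers in @($false, $true)) {
        # Current-user and all-user connections live in separate stores, so query both explicitly.
        $conns = if ($allUsers) {
            Get-VpnConnection -AllUserConnection -ErrorAction SilentlyContinue
        } else {
            Get-VpnConnection -ErrorAction SilentlyContinue
        }
        foreach ($c in @($conns)) {
            if (-not $c) { continue }
            $routes = if ($allUsers) {
                Get-VpnConnectionRoute -ConnectionName $c.Name -AllUserConnection -ErrorAction SilentlyContinue
            } else {
                Get-VpnConnectionRoute -ConnectionName $c.Name -ErrorAction SilentlyContinue
            }
            $prefixes = @($routes | ForEach-Object { $_.DestinationPrefix })

            $flags = @()
            if ($KnownServers -notcontains $c.ServerAddress) { $flags += 'unknown-server' }
            # A route pinned to one host (/32) diverts only that host's traffic through the tunnel,
            # which is the pattern in the post and is rarely something an admin configures by hand.
            if ($prefixes | Where-Object { $_ -like '*/32' }) { $flags += 'host-route' }
            if ($c.SplitTunneling) { $flags += 'split-tunnel' }

            [pscustomobject]@{
                Name       = $c.Name
                Scope      = if ($allUsers) { 'AllUsers' } else { 'CurrentUser' }
                Server     = $c.ServerAddress
                TunnelType = $c.TunnelType
                Status     = $c.ConnectionStatus
                Routes     = ($prefixes -join ', ')
                Flags      = ($flags -join ',')
            }
        }
    }
}

Get-VpnConnectionAudit | Format-Table -AutoSize
```

Run it as part of a baseline sweep and treat any row with a flag as something to explain. The phonebooks themselves are plain text (rasphone.pbk under the user's AppData\Roaming\Microsoft\Network\Connections\Pbk and, for all-user connections, under ProgramData\Microsoft\Network\Connections\Pbk), so they are also reasonable targets for file-integrity monitoring.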
For more info, check this awesome blogpost by TrustedSec:
trustedsec.com/blog/okta-fo...
Red Teamers: If your target is using Okta (check <orgname>.okta.com), pull a TGS for the SPN HTTP/<orgname>.kerberos.okta.com and inject it into your host session. When proxied, this will allow you to access their Okta dashboard.
Rubeus asktgs /spn:<spn>
Rubeus ptt /ticket:<ticket>
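Added example, written for this page and not the author's code: a detection-side companion to the post above. A service-ticket request for that SPN shows up on the domain controller as Security event 4769, but 4769 records the account that holds the SPN, not the SPN string, so the script first resolves which AD account carries HTTP/*.kerberos.okta.com (plain ADSI, no ActiveDirectory module) and then filters 4769 on that account name. It assumes a domain-joined session that can read the DC's Security log; the DC name is a placeholder.

```powershell
# Added example (not from the original post). $DomainController is a placeholder; the SPN pattern is the one the post names.
function Find-OktaServiceTicketRequests {
    [CmdletBinding()]
    param(
        [string] $DomainController = 'dc01.example.local',          # placeholder
        [string] $SpnFilter        = 'HTTP/*.kerberos.okta.com',    # pattern from the post
        [int]    $Hours            = 24
    )
    # 1. Which account(s) carry the SPN? Event 4769's ServiceName is this account, not the SPN.
    $searcher = [adsisearcher]"(servicePrincipalName=$SpnFilter)"
    [void]$searcher.PropertiesToLoad.Add('samaccountname')
    $holders = @($searcher.FindAll() | ForEach-Object { [string]$_.Properties['samaccountname'][0] })
    if ($holders.Count -eq 0) {
        Write-Warning "No account holds an SPN matching $SpnFilter"
        return
    }

    # 2. Pull 4769 events from the DC and keep those issued for one of the SPN holders.
    $filter = @{ LogName = 'Security'; Id = 4769; StartTime = (Get-Date).AddHours(-$Hours) }
    Get-WinEvent -ComputerName $DomainController -FilterHashtable $filter -ErrorAction SilentlyContinue |
        ForEach-Object {
            $xml  = [xml]$_.ToXml()
            $data = @{}
            foreach ($n in $xml.Event.EventData.Data) { $data[$n.Name] = $n.'#text' }
            if ($holders -contains $data['ServiceName']) {
                [pscustomobject]@{
                    Time           = $_.TimeCreated
                    Requester      = $data['TargetUserName']
                    ServiceAccount = $data['ServiceName']
                    ClientAddress  = ($data['IpAddress'] -replace '^::ffff:', '')
                    EncryptionType = $data['TicketEncryptionType']
                    Status         = $data['Status']
                }
            }
        }
}

# Group by client address: legitimate SSO comes from user workstations, so servers or
# otherwise unexpected hosts requesting this ticket are the rows worth a second look.
Find-OktaServiceTicketRequests | Group-Object ClientAddress | Sort-Object Count -Descending | Format-Table Count, Name
```

Every normal Okta desktop SSO logon also produces one of these events, so the volume is high; the signal is in the requester and client address, not in the event's presence. Baseline which hosts and accounts normally request the ticket and alert on the rest.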
Completely successful first stream back today (even though I didn't do any hacking); resolved the mic issues and I'm ready for Newbie Tuesday!
RED TEAM TIPS START UP IN EARNEST TOMORROW
Long have you waited.
I return to streaming and content creation at large with a vengeance starting on Sunday, 6 April 2025.
Powered by the baddie you see below, revamped recording equipment/webcam, and more.
Expect me. Cthulhu fhtagn.
Red Teamers: do NOT neglect SNMP like sysadmins usually do! SO many networks have granted me very quick wins through SNMP enumeration, which can be done with Metasploit, snmpwalk, and onesixtyone:
Enum Windows accounts (spray?):
snmpwalk -c public -v1 $TARGET 1.3.6.1.4.1.77.1.2.25
#hacking #redteam
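Added example, written for this page and not from the post above: the defender's side of the same OID. 1.3.6.1.4.1.77.1.2.25 is the LanManager user table served by the Windows SNMP service, so this script audits a Windows host for the conditions that make that walk possible: the service installed and running, a community with read rights (especially a default one such as public), and an empty PermittedManagers list, which means the service answers any source address. It reads the standard SNMP service registry parameters; the rights encoding in the comment is the service's own (4 = READ ONLY, 8 = READ WRITE, 16 = READ CREATE). The default-community list is a constructed value.

```powershell
# Added example (not from the original post). Reads the SNMP service's registry parameters;
# $DefaultCommunities is a constructed list.
function Get-SnmpExposureReport {
    [CmdletBinding()]
    param(
        [string[]] $DefaultCommunities = @('public', 'private')
    )
    $findings = [System.Collections.Generic.List[string]]::new()
    $svc = Get-Service -Name SNMP -ErrorAction SilentlyContinue
    if (-not $svc) {
        return [pscustomobject]@{ Installed = $false; Running = $false; Managers = @(); Findings = @() }
    }
    $base = 'HKLM:\SYSTEM\CurrentControlSet\Services\SNMP\Parameters'
    # Properties Get-ItemProperty adds to every result that are not registry values.
    $meta = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'

    # ValidCommunities: each value name is a community string, its DWORD data the rights granted
    # (1 = NONE, 2 = NOTIFY, 4 = READ ONLY, 8 = READ WRITE, 16 = READ CREATE).
    $comm = Get-ItemProperty -Path "$base\ValidCommunities" -ErrorAction SilentlyContinue
    if ($comm) {
        foreach ($p in $comm.PSObject.Properties) {
            if ($meta -contains $p.Name) { continue }
            $rights = [int]$p.Value
            if ($rights -ge 4) {
                $kind = if ($DefaultCommunities -contains $p.Name) { 'default' } else { 'custom' }
                $findings.Add("community '$($p.Name)' ($kind) has rights $rights")
            }
        }
    }

    # PermittedManagers: with no entries the service accepts packets from any host.
    $mgr = Get-ItemProperty -Path "$base\PermittedManagers" -ErrorAction SilentlyContinue
    $managers = @()
    if ($mgr) {
        $managers = @($mgr.PSObject.Properties | Where-Object { $meta -notcontains $_.Name } | ForEach-Object { $_.Value })
    }
    if ($managers.Count -eq 0) { $findings.Add('PermittedManagers is empty: queries accepted from any host') }

    [pscustomobject]@{
        Installed = $true
        Running   = ($svc.Status -eq 'Running')
        Managers  = $managers
        Findings  = $findings.ToArray()
    }
}

Get-SnmpExposureReport | Format-List
```

Any finding here is a quick fix: remove the service where nothing polls it, replace default communities, and restrict PermittedManagers to the monitoring hosts. On the Linux side the equivalent check is the rocommunity/com2sec lines in snmpd.conf.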
As a reminder, my "red team tips" found both on this and where I used to post them (the Nazi app) are not necessarily tips specifically for adversary emulators; they are generalized offensive tips useful to both penetration testers and red teamers. "Red team" is shorthand here!
Hackers, give me good cybersecurity follows on this site. Who's made the jump from the Nazi site?
I've been at home a grand total of two weeks since November; hard to stream when I'm gone that much I am afraid! Back to the grind next week, though!
A screenshot of an email complaining about someone in the video game League of Legends sent to the Trump Administration's fascist anti-diversity email address
See, THIS is exactly the kind of unprofessional behavior that I do not condone.
Hackers, the Trump Admin has set up a govt email at DEIATruth@opm.gov for people to report DEI workers and people who support diversity. Make sure that you do NOT drown it in garbage; that would be unprofessional.
And make sure you do NOT use services like 10minutemail.com to hide your identity!
Red Teamers, I'm starting off my bsky tips with a banger: using pending file change operations in the Registry to rename executables and indirectly disable AV/EDR!
If the EDR has tamper protection, make a junction to the EXE first!
Here's your PowerShell command: pastebin.com/Jikaicm1
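Added example, written for this page and not the author's pastebin script: a check for the other side of this tip. Pending file change operations live in the Session Manager value PendingFileRenameOperations, a REG_MULTI_SZ of source/destination pairs in NT path form (\??\C:\...) where an empty destination means delete at next boot. The script lists every queued operation, flags those that touch a watch-list of security-product directories, and, because the post's junction variant makes the literal path differ from the real file, walks up each source path looking for a reparse point and resolves it before applying the watch-list. The watch-list entries are constructed placeholders.

```powershell
# Added example (not from the original post). $WatchPaths holds constructed placeholders.
function Get-PendingRenameFindings {
    [CmdletBinding()]
    param(
        [string[]] $WatchPaths = @(
            'C:\Program Files\Windows Defender',
            'C:\Program Files\<YourEDR>'        # placeholder: your EDR's install directory
        )
    )
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
    $ops = (Get-ItemProperty -Path $key -Name PendingFileRenameOperations -ErrorAction SilentlyContinue).PendingFileRenameOperations
    if (-not $ops) { return }
    $ops = @($ops)

    # Pairs of (source, destination); an empty destination means "delete at next boot".
    for ($i = 0; $i -lt $ops.Count; $i += 2) {
        $src = $ops[$i] -replace '^\\\?\?\\', ''
        $dst = if ($i + 1 -lt $ops.Count) { $ops[$i + 1] -replace '^\\\?\?\\', '' } else { '' }

        # Walk up the source path; a reparse point (junction, symlink) anywhere on it means the
        # literal path is not the real target, so resolve it before matching the watch-list.
        $reparse = $null
        $probe   = $src
        while ($probe -and -not $reparse) {
            $item = Get-Item -LiteralPath $probe -Force -ErrorAction SilentlyContinue
            if ($item -and (($item.Attributes -band [IO.FileAttributes]::ReparsePoint) -ne 0)) {
                $reparse = $item
            }
            $probe = Split-Path -Path $probe -Parent
        }
        $resolved = $src
        if ($reparse -and $reparse.Target) {
            $target   = [string](@($reparse.Target)[0])
            $resolved = $target + $src.Substring($reparse.FullName.Length)
        }

        $watched = [bool]($WatchPaths | Where-Object {
            $src.StartsWith($_, [StringComparison]::OrdinalIgnoreCase) -or
            $resolved.StartsWith($_, [StringComparison]::OrdinalIgnoreCase) -or
            $dst.StartsWith($_, [StringComparison]::OrdinalIgnoreCase) })

        [pscustomobject]@{
            Source       = $src
            ResolvedPath = $resolved
            Destination  = $dst
            Action       = if ([string]::IsNullOrEmpty($dst)) { 'delete' } else { 'rename' }
            WatchedPath  = $watched
            ReparsePoint = if ($reparse) { $reparse.FullName } else { $null }
        }
    }
}

Get-PendingRenameFindings | Format-Table -AutoSize
```

Writing this value needs administrative rights, so a queued operation against a security product's binaries is already a strong signal on its own; the reparse-point column is what catches the junction variant, where the Source column alone looks harmless. Since the rename only takes effect at the next boot, there is a window in which the queue can be inspected and cleared before the product goes down.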