Author | Lightnews

Revisiting Browser Cache Smuggling

r1cksec @r1cksec.bsky.social · 1d

How attackers can exploit browser-cache-smuggling in combination with COM hijacking🕵️‍♂️

medium.com/@danemeth90/...

#infosec #cybersecurity #pentest #redteam #phishing #windows

I recently came across an article detailing a campaign using browser cache smuggling and ClickFix to deliver malware to a system. I found…

medium.com

2 4

r1cksec @r1cksec.bsky.social · 4d

ClickForClickOnce - Generate configurable clickonce payloads🕵️‍♂️

github.com/whokilleddb/...

#infosec #cybersecurity #pentest #redteam #opensource

GitHub - whokilleddb/ClickForClickOnce: ClickForClickOnce - Generate configurable clickonce payloads

ClickForClickOnce - Generate configurable clickonce payloads - whokilleddb/ClickForClickOnce

GitHub - protectai/modelscan: Protection against Model Serialization Attacks

2 4

r1cksec @r1cksec.bsky.social · 7d

Protection against Model Serialization Attacks🕵️‍♂️

github.com/protectai/mo...

#infosec #cybersecurity #pentest #redteam #opensource #ai

Protection against Model Serialization Attacks. Contribute to protectai/modelscan development by creating an account on GitHub.

GitHub - Nomad0x7/sekken-enum: adws enumeration bof

r1cksec @r1cksec.bsky.social · 8d

A Beacon Object File (BOF) for Active Directory enumeration through Active Directory Web Services (ADWS) compatible with BOFHound🕵️‍♂️

github.com/Nomad0x7/sek...

#infosec #cybersecurity #pentest #redteam #windows #opensource

adws enumeration bof. Contribute to Nomad0x7/sekken-enum development by creating an account on GitHub.

GitHub - nyxgeek/onedrive_user_enum: onedrive user enumeration - pentest tool to enumerate valid o365 users

r1cksec @r1cksec.bsky.social · 9d

Time-based user enum via Basic Auth in Azure against Autodiscover🕵️‍♂️

github.com/nyxgeek/oned...

#infosec #cybersecurity #pentest #redteam #osint

onedrive user enumeration - pentest tool to enumerate valid o365 users - nyxgeek/onedrive_user_enum

When Azure Relay Becomes a Red Teamer’s Highway – Hackers Hermanos

r1cksec @r1cksec.bsky.social · 12d

A post about how Azure Relay Bridge (azbridge) can be abused by red teams to tunnel C2 traffic through Microsofts Azure Service Bus infrastructure🕵️‍♂️

hackerhermanos.com/azbridge

#infosec #cybersecurity #pentest #redteam #cloud #micorosoft

hackerhermanos.com

1 1

r1cksec @r1cksec.bsky.social · 14d

On r1cksec.de it is possible to search for URLs based on my cheatsheets🕵️‍♂️

#infosec #cybersecurity #redteam #pentest #malware #threatintel #dfir

GitHub - r1cksec/cheatsheets: Collection of knowledge about information security

r1cksec @r1cksec.bsky.social · 16d

New cheatsheets pushed🕵️‍♂️

github.com/r1cksec/chea...

#infosec #cybersecurity #pentest #redteam #cloud #malware #dfir

Collection of knowledge about information security - r1cksec/cheatsheets

Living off the land: stealing NetNTLM hashes

1 2

r1cksec @r1cksec.bsky.social · 18d

A collection of different methods of stealing NetNTLM hashes🕵️‍♂️

www.securify.nl/blog/living-...

#infosec #cybersecurity #pentest #redteam #windows #activedirectory

Securify provides reality checks to lower security risks and build up resilience against threats. Agile Security, Pentesting (scenario-based) and Red Teaming.

www.securify.nl

GitHub - toneillcodes/EntraID-API-Library: A collection of useful API endpoints for security operators and administrators

r1cksec @r1cksec.bsky.social · 19d

A collection of useful API endpoints for security operators and administrators🕵️‍♂️

github.com/toneillcodes...

#infosec #cybersecurity #pentest #redteam #cloud

A collection of useful API endpoints for security operators and administrators - toneillcodes/EntraID-API-Library

GitHub - KittenBusters/CharmingKitten: Exposing CharmingKitten's malicious activity for IRGC-IO devision Counterintelligence devision (1500)

r1cksec @r1cksec.bsky.social · 20d

Exposing CharmingKitten's malicious activity for IRGC-IO devision Counterintelligence devision (1500)🕵️‍♂️

github.com/KittenBuster...

#infosec #cybersecurity #threatintel #malware #dfir

Exposing CharmingKitten's malicious activity for IRGC-IO devision Counterintelligence devision (1500) - KittenBusters/CharmingKitten

GitHub - TwoSevenOneT/WSASS: This is the tool to dump the LSASS process on modern Windows 11

2

r1cksec @r1cksec.bsky.social · 21d

This is the tool to dump the LSASS process on modern Windows 11🕵️‍♂️

github.com/TwoSevenOneT...

#infosec #cybersecurity #pentest #redteam #windows #opensource

This is the tool to dump the LSASS process on modern Windows 11 - TwoSevenOneT/WSASS

GitHub - Maldev-Academy/MaldevAcademyLdr.2: RunPE implementation with multiple evasive techniques

r1cksec @r1cksec.bsky.social · 22d

RunPE implementation with multiple evasive techniques🕵️‍♂️

github.com/Maldev-Acade...

#infosec #cybersecurity #pentest #redteam #windows #opensource

RunPE implementation with multiple evasive techniques - Maldev-Academy/MaldevAcademyLdr.2

GitHub - dis0rder0x00/obex: Obex – Blocking unwanted DLLs in user mode

2

r1cksec @r1cksec.bsky.social · 23d

Obex – Blocking unwanted DLLs in user mode🕵️‍♂️

github.com/dis0rder0x00...

#infosec #cybersecurity #pentest #redteam #windows #opensource

Obex – Blocking unwanted DLLs in user mode. Contribute to dis0rder0x00/obex development by creating an account on GitHub.

GitHub - gabriel-sztejnworcel/pipe-intercept: Intercept Windows Named Pipes communication using Burp or similar HTTP proxy tools

r1cksec @r1cksec.bsky.social · 25d

Intercept Windows Named Pipes communication using Burp or similar HTTP proxy tools🕵️‍♂️

github.com/gabriel-szte...

#infosec #cybersecurity #redteam #pentest #opensource #windows

Intercept Windows Named Pipes communication using Burp or similar HTTP proxy tools - gabriel-sztejnworcel/pipe-intercept

GitHub - Print3M/ByteCaster: Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supported)! ☢️

1 2

r1cksec @r1cksec.bsky.social · 26d

Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supported)🕵️‍♂️

github.com/Print3M/Byte...

#infosec #cybersecurity #pentest #redteam #opensource

Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supported)! ☢️ - Print3M/ByteCaster

One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens

4

r1cksec @r1cksec.bsky.social · 29d

A critical flaw in Microsofts Entra ID allowed undocumented Actor tokens to bypass tenant boundaries and impersonate Global Admins across any tenant via a Azure AD Graph API (CVE-2025-55241)🕵️‍♂️

dirkjanm.io/obtaining-gl...

#infosec #cybersecurity #pentest #redteam #cloud

While preparing for my Black Hat and DEF CON talks in July of this year, I found the most impactful Entra ID vulnerability that I will probably ever find. One that could have allowed me to compromise ...

dirkjanm.io

GitHub - Fudgedotdotdot/nimpersonate: Impersonate Windows tokens in Nim

r1cksec @r1cksec.bsky.social · Sep 22

This is a tool that takes any link and makes it look malicious🕵️‍♂️

phishyurl.com

#infosec #cybersecurity #phishing #url

Create a Phishy URL

phishyurl.com

1 3

r1cksec @r1cksec.bsky.social · Sep 19

Impersonate Windows tokens in Nim🕵️‍♂️

github.com/Fudgedotdotd...

#infosec #cybersecurity #pentest #redteam

Impersonate Windows tokens in Nim. Contribute to Fudgedotdotdot/nimpersonate development by creating an account on GitHub.

Typosquat Detective — Learn & Play

r1cksec @r1cksec.bsky.social · Sep 18

Decide if the domain is Typosquatted or Real🕵️‍♂️

typo.himanshuanand.com

#infosec #cybersecurity phishing

typo.himanshuanand.com

GitHub - Mr-Un1k0d3r/DotnetNoVirtualProtectShellcodeLoader: load shellcode without P/D Invoke and VirtualProtect call.

r1cksec @r1cksec.bsky.social · Sep 16

Load shellcode without P/D Invoke and VirtualProtect call🕵️‍♂️

github.com/Mr-Un1k0d3r/...

#infosec #cybersecurity #pentest #redteam #malware #opensource

load shellcode without P/D Invoke and VirtualProtect call. - Mr-Un1k0d3r/DotnetNoVirtualProtectShellcodeLoader

GitHub - tijme/dittobytes: Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE.

1 5

r1cksec @r1cksec.bsky.social · Sep 14

Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE🕵️‍♂️

github.com/tijme/dittob...

#infosec #cybersecurity #pentest #redteam

Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE. - GitHub - tijme/dittobytes: Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE.

An Attacker’s Blunder Gave Us a Look Into Their Operations | Huntress

1 2

r1cksec @r1cksec.bsky.social · Sep 12

A threat actor accidentally installed Huntress’s EDR agent on their own infrastructure, giving Huntress a view into their daily tradecraft🕵️‍♂️

www.huntress.com/blog/rare-lo...

#infosec #cybersecurity #threatintel #malware

An attacker installed Huntress onto their operating machine, giving us a detailed look at how they’re using AI to build workflows, searching for tools like Evilginx, and researching targets like softw...

www.huntress.com

GitHub - 8ales/Azure-AppHunter: Azure AppHunter is an open-source tool created for security researchers, red teamers and defenders to help them identify excessive privileges assigned to Service Princi...

r1cksec @r1cksec.bsky.social · Sep 12

Azure AppHunter is an open-source tool created for security researchers, red teamers and defenders to help them identify excessive privileges assigned to Service Principals🕵️‍♂️

github.com/8ales/Azure-...

#infosec #cybersecurity #pentest #redteam #cloud

Azure AppHunter is an open-source tool created for security researchers, red teamers and defenders to help them identify excessive privileges assigned to Service Principals - 8ales/Azure-AppHunter