TGTGInsighttelegram intelligenceLIVE / telegram public index
Recent posts
Recent posts
Page 45 of 85 · 1,013 posts
Posted Sep 23
https://powerseb.github.io/posts/LSASS-parsing-without-a-cat/?s=35
42 views
Posted Sep 23
https://www.elastic.co/security-labs/inside-microsofts-plan-to-kill-pplfault?s=35
43 views
Posted Sep 22
40 views
Posted Sep 22
https://medium.com/@cyb_detective/analyzing-telegram-chats-and-channels-regular-expressions-in-osint-in-practice-48810d5b77e6?s=35
41 views
Posted Sep 21
When investigating a suspicious process on Linux, try this: strings /proc/<PID>/environ For example, a socat command was used to spawn a reverse bindshell backdoor. Environ entry shows SSH connection data and traces to the socat comand. Some versions of netcat do similar. Many attackers do not wipe their process environment and this can leave behind high fidelity forensics to help investigate. Many programs leave really obvious data in the process environment. It's there for the asking on Linux.
47 views
Posted Sep 18
https://github.com/trevorsaudi/Mshikaki?s=35
52 views
Posted Sep 18
https://medium.com/@talthemaor/moving-laterally-between-azure-ad-joined-machines-ed1f8871da56
51 views
Posted Sep 18
https://templates.nuclei.sh/
50 views
Posted Sep 17
https://riccardoancarani.github.io/2023-09-14-attacking-an-edr-part-2/
50 views
Posted Sep 17
https://labs.watchtowr.com/xortigate-or-cve-2023-27997/?s=35
51 views
Posted Sep 16
https://github.com/n0a/telegram-get-remote-ip
50 views
Posted Sep 16
51 views