Discover and read the best of Twitter Threads about #payloads

Most recents (2)

Gather round #infosec fam

Warning: This is a long Thread with lots of #VBALostArts & new goodies for #c2c #opsec & #payloads in Office Malware #VBA

Spoilers: This thread is gonna make some Blue Teams & sandboxes mad

Red Teams: There is plenty of fun up ahead.

Enjoy.

Currently Office Malware is 3 steps generally:

1. Encrypt/Obfuscate Your #Macro Dropper
2. Get Your Powershell/Java/JS/DLL flavor of the week onto the victim ASAP
3. Bug out

I want to change all of this; however, before we do that we need to upgrade Office Malware.

For now let's focus on the first step and why obfuscating/encrypting your macros is not ideal.

1. Your code will eventually get deobfuscated
2. Your code is not unique - same sample <-> many targets
3. Most obfuscation methods = Noise/Signatures
4. Your code becomes evidence
Read 18 tweets
We are going to use this tweet to publish #Dorks of all kinds; let's start with this one:

inurl:wp-config.php intext:DB_PASSWORD -stackoverflow -wpbeginner -foro -forum -topic -blog -about -docs -articles

#CyberSecurity #dork #BugBounty
intext:"pass" ! "usuario" | "user" | "contraseña" filetype:sql -github
This one is very good, it lets us do uploads; it has been tested with .jpeg images

intitle:"FCKeditor - Uploaders Tests"
Read 63 tweets
