shinobiops
ShinobiOps - Red Team Tips
5 posts
shinobiops · 3 years ago
Dumping hashes without triggering EDR
After getting annoyed with nanodump being detected, I did some searching for methods that can dump LSASS without triggering sensors. Recently I had read about a method using forensics software to take a full RAM dump.
A link to that article is here - https://pentestmag.com/bypass-lsass-dump-protection-with-ram-dump/ (the commands as listed did not work, so here is a fresh post).
I decided to give this a shot, this time against CrowdStrike Falcon, first downloading MAGNET RAM Capture - https://support.magnetforensics.com/s/article/Acquire-Memory-with-MAGNET-RAM-Capture
(Requires a business email.)
Armed with MAGNET RAM Capture I was able to dump all of RAM without triggering any CrowdStrike Falcon alerts.
Avoid setting a segment size; life was easier with all of RAM dumped to a single file.
Now use Volatility! The following Volatility 3 command worked for me (the image is passed with -f). Note that windows.hashdump pulls the local SAM hashes out of the registry hives in memory; cached domain logons and LSA secrets are separate plugins, windows.cachedump and windows.lsadump.
python3 vol.py -f dump.raw windows.hashdump
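Once the hashes are on screen, the next step is getting them into a crackable form and deciding which ones are worth the effort. The Go program below is an added example, not code from the post or from the Volatility project: it parses windows.hashdump text output, writes pwdump lines, lists accounts with the empty-password NT hash, and groups accounts that share an NT hash (same hash, same password). The plugin output embedded in it is constructed to match the plugin's "User rid lmhash nthash" column layout, and the non-empty hashes are made-up hex, not real credentials.

```go
// Added example (not from the original post): turn Volatility 3
// windows.hashdump output into pwdump lines and flag empty and reused
// NT hashes. SampleOutput below is constructed; the non-empty hashes
// are made-up hex, not real credentials.
package main

import (
	"bufio"
	"fmt"
	"regexp"
	"sort"
	"strings"
)

// Account is one row of windows.hashdump output.
type Account struct {
	User, RID, LMHash, NTHash string
}

// Well-known values: the LM hash stored when LM hashing is disabled, and
// the NT hash of an empty password.
const (
	EmptyLM = "aad3b435b51404eeaad3b435b51404ee"
	EmptyNT = "31d6cfe0d16ae931b73c59d7e0c089c0"
)

var hexHash = regexp.MustCompile(`^[0-9a-fA-F]{32}$`)

// SampleOutput is a constructed stand-in for `vol.py -f dump.raw windows.hashdump`.
const SampleOutput = `Volatility 3 Framework
Progress:  100.00		PDB scanning finished
User	rid	lmhash	nthash

Administrator	500	aad3b435b51404eeaad3b435b51404ee	0123456789abcdef0123456789abcdef
Guest	501	aad3b435b51404eeaad3b435b51404ee	31d6cfe0d16ae931b73c59d7e0c089c0
DefaultAccount	503	aad3b435b51404eeaad3b435b51404ee	31d6cfe0d16ae931b73c59d7e0c089c0
svc_backup	1001	aad3b435b51404eeaad3b435b51404ee	0123456789abcdef0123456789abcdef
jsmith	1002	aad3b435b51404eeaad3b435b51404ee	fedcba9876543210fedcba9876543210
`

// ParseHashdump keeps only lines with four columns whose last two are 32 hex
// digits, which drops the banner, progress and header lines. The plugin's
// default renderer separates columns with tabs; whitespace splitting is the
// fallback so copy-pasted output still parses.
func ParseHashdump(out string) []Account {
	var accts []Account
	sc := bufio.NewScanner(strings.NewReader(out))
	for sc.Scan() {
		f := strings.Split(sc.Text(), "\t")
		if len(f) != 4 {
			f = strings.Fields(sc.Text())
		}
		if len(f) != 4 {
			continue
		}
		for i := range f {
			f[i] = strings.TrimSpace(f[i])
		}
		if !hexHash.MatchString(f[2]) || !hexHash.MatchString(f[3]) {
			continue
		}
		accts = append(accts, Account{f[0], f[1], strings.ToLower(f[2]), strings.ToLower(f[3])})
	}
	return accts
}

// ToPwdump renders user:rid:lmhash:nthash::: lines, the pwdump format that
// John the Ripper (--format=NT) and most pass-the-hash tooling read directly.
func ToPwdump(accts []Account) []string {
	lines := make([]string, 0, len(accts))
	for _, a := range accts {
		lines = append(lines, fmt.Sprintf("%s:%s:%s:%s:::", a.User, a.RID, a.LMHash, a.NTHash))
	}
	return lines
}

// EmptyPasswordUsers lists accounts whose NT hash is the empty-password hash,
// usually disabled built-ins that are not worth cracking time.
func EmptyPasswordUsers(accts []Account) []string {
	var users []string
	for _, a := range accts {
		if a.NTHash == EmptyNT {
			users = append(users, a.User)
		}
	}
	return users
}

// SharedNTHashes returns the NT hashes used by more than one account: an
// identical NT hash means an identical password, so one crack (or one
// pass-the-hash) covers every account in the group.
func SharedNTHashes(accts []Account) map[string][]string {
	byHash := map[string][]string{}
	for _, a := range accts {
		if a.NTHash != EmptyNT {
			byHash[a.NTHash] = append(byHash[a.NTHash], a.User)
		}
	}
	for h, users := range byHash {
		if len(users) < 2 {
			delete(byHash, h)
			continue
		}
		sort.Strings(users)
	}
	return byHash
}

func main() {
	accts := ParseHashdump(SampleOutput)
	for _, l := range ToPwdump(accts) {
		fmt.Println(l)
	}
	fmt.Println("empty-password accounts:", EmptyPasswordUsers(accts))
	for h, users := range SharedNTHashes(accts) {
		fmt.Printf("NT hash %s shared by %v\n", h, users)
	}
}
```

Feed it the real plugin output by replacing SampleOutput with the saved text; the parser ignores everything that is not an account row, so the Volatility banner and progress lines do no harm.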
shinobiops · 3 years ago
GO Race Condition hunting
I recently discovered the power and beauty of Go's built-in race detector.
It can be used in the following ways:
$ go test -race mypkg // to test the package
$ go run -race mysrc.go // to run the source file
$ go build -race mycmd // to build the command
$ go install -race mypkg // to install the package
It is recommended that you run your project with -race and exercise as many code paths as possible: the detector only reports races on code that actually executes, and you will find more race conditions under load. I found 5 bugs with this just this week!
P.S. You will need GCC (or another C compiler), because the race detector depends on cgo. :)
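To see what the detector actually reports, here is an added example (my code, not the post's) of the classic bug it catches: a counter incremented from many goroutines with no synchronisation, next to a mutex version and a sync/atomic version that are correct. Running it with `go run -race` prints a "DATA RACE" report naming the conflicting read and write in RunUnsafe; running it without -race just gives a (usually) wrong total, which is why the bug slips through ordinary testing.

```go
// Added example (not from the original post): a data race the Go race
// detector will report, beside two correct versions of the same counter.
// Run with `go run -race race_demo.go` to see the report.
package main

import (
	"fmt"
	"sync"
	"sync/atomic"
)

// RunUnsafe increments a plain int from `workers` goroutines with no
// synchronisation. Each counter++ is a read, an add and a write, so
// increments from different goroutines interleave and some are lost; the
// race detector flags the conflicting accesses even when the total happens
// to come out right.
func RunUnsafe(workers, iters int) int {
	var counter int
	var wg sync.WaitGroup
	for w := 0; w < workers; w++ {
		wg.Add(1)
		go func() {
			defer wg.Done()
			for i := 0; i < iters; i++ {
				counter++ // data race: unsynchronised read-modify-write
			}
		}()
	}
	wg.Wait()
	return counter
}

// RunMutex serialises every increment behind a sync.Mutex.
func RunMutex(workers, iters int) int {
	var (
		mu      sync.Mutex
		counter int
		wg      sync.WaitGroup
	)
	for w := 0; w < workers; w++ {
		wg.Add(1)
		go func() {
			defer wg.Done()
			for i := 0; i < iters; i++ {
				mu.Lock()
				counter++
				mu.Unlock()
			}
		}()
	}
	wg.Wait()
	return counter
}

// RunAtomic uses sync/atomic, the cheaper fix when the shared state is a
// single machine word.
func RunAtomic(workers, iters int) int64 {
	var counter int64
	var wg sync.WaitGroup
	for w := 0; w < workers; w++ {
		wg.Add(1)
		go func() {
			defer wg.Done()
			for i := 0; i < iters; i++ {
				atomic.AddInt64(&counter, 1)
			}
		}()
	}
	wg.Wait()
	return atomic.LoadInt64(&counter)
}

func main() {
	const workers, iters = 8, 10000
	fmt.Println("expected:", workers*iters)
	fmt.Println("unsafe:  ", RunUnsafe(workers, iters))
	fmt.Println("mutex:   ", RunMutex(workers, iters))
	fmt.Println("atomic:  ", RunAtomic(workers, iters))
}
```

The detector instruments memory accesses at run time, so a race in a function that your tests never call is never reported; that is the reason for the advice above to drive as many code paths as possible while -race is on.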
shinobiops · 3 years ago
Conditional Access Policies
Ever pop MSOL creds but still can't access external resources because of Conditional Access policies or MFA?
Try the MS Graph API ;) (It may not be covered by the same controls as other resources: Conditional Access is assigned per cloud app, so a policy scoped to specific apps rather than "All cloud apps" can leave Graph out.)
shinobiops · 3 years ago
The Flipper Zero continues to be a great hacking multi-tool. Capabilities tested so far:
LF badge cloning
Hotel key cloning
Wireless light control
Tesla charge port doors
D&B arcade cards
NFC cloning / bank cards
I have found the following GitHub repository to be a great source for useful files:
shinobiops · 3 years ago
Keeping covert access equipment hidden
There are times when I would like to carry things like lockpicks, handcuff keys, and RFID bypass tools on me without drawing attention. I have found matchboxes work great for this purpose.
Additional sneaky places:
hat brim
under belt
in phone case
hidden in shoe
Think about the places where you are commonly searched and what the searcher is feeling for; you will quickly find the strategies that work best for you.
Stay tuned for more red team tips...