Hi! I really need some help with this concept. Can you DM me?
@ndog315 · 18 days ago
Sir, I do appreciate you and your content. I was able to use this on a recent engagement and it worked flawlessly. Sidenote for anyone who stumbles across this comment: don't forget to check disk space and RAM size before you take a memory dump. Would hate to overfill a C drive on a production server 😂

(Get-CimInstance Win32_PhysicalMemory | Measure-Object -Property Capacity -Sum | Select-Object Sum).Sum / 1GB
Get-PSDrive C
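A pre-flight check that turns the two commands above into a go/no-go decision, added here as an example and not part of the commenter's post. It assumes a raw physical-memory image is roughly the size of installed RAM, that the dump will be written to the volume named in $DumpDrive (a hypothetical parameter), and that $MarginGB of headroom should remain so the host is not starved of disk.

```powershell
# Added example (not the commenter's code): check that the destination volume can hold
# a full physical-memory image before starting an acquisition.
# Assumptions: image size ~= installed RAM; $DumpDrive and $MarginGB are hypothetical
# parameters chosen for this example.
function Test-MemoryDumpSpace {
    param(
        [string]$DumpDrive = 'C',   # volume the dump file will be written to
        [double]$MarginGB  = 2      # headroom left free after the dump is written
    )

    # Installed RAM, summed across all DIMMs, converted to GB
    $ramBytes = (Get-CimInstance Win32_PhysicalMemory |
                 Measure-Object -Property Capacity -Sum).Sum
    $ramGB = [math]::Round($ramBytes / 1GB, 2)

    # Free space on the destination volume (FileSystem PSDrive exposes .Free in bytes)
    $drive  = Get-PSDrive -Name $DumpDrive
    $freeGB = [math]::Round($drive.Free / 1GB, 2)

    $neededGB = $ramGB + $MarginGB

    [pscustomobject]@{
        Drive      = $DumpDrive
        RamGB      = $ramGB
        FreeGB     = $freeGB
        NeededGB   = $neededGB
        SafeToDump = ($freeGB -ge $neededGB)
    }
}

# Usage: run on the host before launching the acquisition tool
$check = Test-MemoryDumpSpace -DumpDrive 'C' -MarginGB 2
$check | Format-List

if (-not $check.SafeToDump) {
    $msg = "Not enough free space on {0}: need ~{1} GB, have {2} GB. Pick another volume or a network destination." -f `
           $check.Drive, $check.NeededGB, $check.FreeGB
    Write-Warning $msg
}
```

On some hypervisors Win32_PhysicalMemory reports no DIMMs; Win32_ComputerSystem.TotalPhysicalMemory is the fallback in that case.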
@OLKdesigns · 22 days ago
Thanks for sharing. Unfortunately I'm stuck at the ./setup.sh part of the tutorial; for unknown reasons mine won't begin the installation process, instead it reposts the setup.sh list. Can you please advise. Thank you.
@CyberAttackDefense · 22 days ago
My advice is to move to the supported version of gophish released by Kuba Gretzky. Evilgophish doesn't work as well and puts everything on one system.
@hodgesrebecca1068 · 23 days ago
I really enjoyed your video, and you've just gained another subscriber! I have a quick question about the Amazon EC2 setup. Could you please explain more about how you set up all the prerequisites for the simulation test, such as how to configure the API keys? Thank you so much.
@CyberAttackDefense · 22 days ago
Simple. I had two Ubuntu instances running in EC2, both with certificates registered using Let's Encrypt. One instance hosted gophish and the other hosted evilginx3. The API key and URL of gophish are added to the evilginx configuration, and gophish is set up to forward email through Amazon SES.
@issacpenke5456 · 24 days ago
Could you please provide some working phishlets in 2024 and also create a video on how to create your own custom phishlets? BTW, best content.
@cvport8155 · 28 days ago
Amazing work 👏 Please add a timeline ❤
@CyberAttackDefense · 27 days ago
Added a timeline. Thanks for watching.
@StartNight-df3sv · 1 month ago
Really, shame on Defender. How idiotic it is to flag when seeing base64-like keywords. These guys don't know a smart way of detecting threats. That's why they play the safe game by arresting keywords in an exe.
@StartNight-df3sv · 1 month ago
All antivirus, especially Windows Defender, are super mad. Sadist... Never be happy.
@SzaboB33 · 1 month ago
What other attacks are possible, if the machine account quota is set too high?
@CyberAttackDefense · 1 month ago
This is probably one of the only ones that abuses the machine account quota. Many orgs now disable the ability for standard users to join the domain due to Kerberos delegation and relaying. If anyone else knows let me know what attacks can abuse this.
@ferassami3362 · 1 month ago
Hi, and thanks for the content. I have a question: if a template called User allows users to enroll and it has client authentication, but the user can't specify the SAN or UPN, is it exploitable? And if yes, how to do that?
@CyberAttackDefense · 1 month ago
It’s not exploitable if the user can’t specify those values.
@guangjue · 1 month ago
Does evilgophish run in Kali Linux?
@CyberAttackDefense · 1 month ago
It can run in Kali.
@autohmae · 2 months ago
Not my field of expertise normally, but just encoding and using eval or an equivalent would bypass your check...? Edit: ahh, of course, you are checking for eval-like keywords as well.
@CyberAttackDefense · 2 months ago
Good question! Any rule I would use in practice would be much more robust in looking for encoding evaluation statements and the like. The good thing is the first pass on many forms of encoding is done by Windows. Nothing substitutes dynamic analysis with breakpoints though.
@autohmae · 2 months ago
@CyberAttackDefense Just implement a custom encoding; that's pretty common.
@BestITintelligence · 2 months ago
Good topic for all, thanks.
@AbelSheferaw · 2 months ago
Another great piece of content! Your hard work and creativity really shine through. Keep up the awesome work!
@nyshone · 2 months ago
Does it affect different EDR vendors by chance?
@CyberAttackDefense · 2 months ago
It should work against many EDR vendors. You would need to test your specific vendor. I did test against some of the bigger ones and it worked.
@tebo2286 · 2 months ago
Another awesome presentation. Thank you for sharing
@CyberAttackDefense · 2 months ago
Thanks for watching!
@Kingdd1os · 2 months ago
❤
@ohmsohmsohms · 2 months ago
Let's get it, another Cyber Attack & Defense vid.
@UmerFarooq-hl9hh · 2 months ago
Respect from Pakistan
@UmerFarooq-hl9hh · 2 months ago
Man, no words. So simple and next level. I look forward to your company and courses on red teaming for beginners.
@AbelSheferaw · 2 months ago
I was trying to open an account with Atera to give it a try, but there is a lot of verification I have to go through. They have to interview me to get an account. This is too much. Is there any alternative you can refer me to?
@dansardinha · 2 months ago
What if you don't get the ticket option? Just detect the event ID and the cipher code?
@CyberAttackDefense · 2 months ago
There is no other way to accurately detect this without the ticket option. If you're on AES you can look for the cipher code and event ID only, but if you have RC4 then you need the option.
@AbelSheferaw · 2 months ago
Off-topic question: as a pentester wannabe, where do I find exploits before they die, like before they are 2 years old and work no more? We want more videos on exploits. And thanks for the amazing content you provide us for free.
@CyberAttackDefense · 2 months ago
The true answer is you write them yourself. I know that sounds insane but it’s not that hard once you know how to exploit an application.
@KATEMPAALEXIS · 2 months ago
Amazing tricks
@taba303 · 2 months ago
How do I open the console at minute 6:04? Pls.
@taba303 · 2 months ago
@CyberAttackDefense
@twalalyclassic5538 · 2 months ago
This is awesome! Thank you very much. I keep learning new things from you, buddy
@CyberAttackDefense · 2 months ago
You're welcome. As always, the more you share the more I can make!
@NicoleAbraham-v9l · 2 months ago
How do I set a prefilled user email variable through the lure link so that it is prefilled on the login page?
@Michael-ok1fe · 2 months ago
Anyone have luck creating specific KQL queries for detecting these?
@NicoleAbraham-v9l · 2 months ago
How do I keep evilgophish persistent on screen? I mean I want gophish and evilginx to keep running simultaneously when I exit my SSH session.
@CyberAttackDefense · 2 months ago
You can use screen or background gophish.
@adeniranjamiu8417 · 2 months ago
Have been looking for such a nice video, bro. Kudos to your talent. I'm having a problem showing on evilginx2 after I run this command ./build/evilginx -p ./phishlets/ and it shows certdb: tls: private key does not match public key. Could you help with such a case please?
@NicoleAbraham-v9l · 2 months ago
Just watching this amazing video. What happens if I can't find the gophish binary in the directory? How do I resolve this?
@CyberAttackDefense · 2 months ago
That means it didn't compile. Try go build.
@MrVik24 · 2 months ago
I don't understand why the number of viewers is so low. Thank you for sharing.
@CyberAttackDefense · 2 months ago
Thanks! Share and maybe the numbers will go up!
@MrVik24 · 2 months ago
@CyberAttackDefense Yes sirrrr!
@MrVik24 · 2 months ago
Great video! Thank you
@CyberAttackDefense · 2 months ago
Glad you liked it!
@0uss4m4 · 2 months ago
I love how you simplify stuff!! Thanks a lot for this.
@richardghani5458 · 2 months ago
Hi, subscriber here. We want a video on how we can set up Elastic and configure Sysmon on all our Windows hosts and servers.
@CyberAttackDefense · 2 months ago
Ok, I might add that to the lineup.
@harshil. · 3 months ago
Really nifty usage of dev tunnels, another great vid!
@TalbertHoule · 3 months ago
If someone has an L7 firewall rule between the compromised host and the file server, will that deep packet inspection be able to block the attack?
@CyberAttackDefense · 3 months ago
The deep packet inspection would only work if it is designed to stop files being added via an admin share. Given that it's a file server though, odds are that it wouldn't differentiate between an admin share and a standard share. So the typical consultant answer of "it depends" :).
@tebo2286 · 3 months ago
Awesome series, thank you for sharing
@CyberAttackDefense · 3 months ago
Thanks for watching! Tell your friends!
@tebo2286 · 2 months ago
@CyberAttackDefense I shall do so.
@局外祥神浪跡天涯 · 3 months ago
I love this series of videos! They're just too great. Thanks!
@BEAST4LIF3 · 3 months ago
Lol, Sophos doesn't alert on default smbexec......
@CyberAttackDefense · 3 months ago
There is always one EDR that lets things go.
@DJ-Riggz · 3 months ago
My main problem is Invisibility Cloak only supports one project file, but I only have one solution file on the outside, so individually doing the folders doesn't work either. I get this error normally:

[*] INFO: Generating new GUID for C# project
[*] INFO: New project GUID is bb1ce2d5-e8ab-44fc-92ef-15754b1a870f
[-] ERROR: Currently this tool only supports having one C# project file to modify. The project directory you provided has 4.

or, when trying each folder separately:

Traceback (most recent call last):
  File "C:\Users\Riley\Desktop\Personal\RedTeam\Obfuscation\InvisibilityCloak.py", line 542, in <module>
    main(theObfMethod, theDirectory, theName)
  File "C:\Users\Riley\Desktop\Personal\RedTeam\Obfuscation\InvisibilityCloak.py", line 497, in main
    replaceGUIDAndToolName(theDirectory, theName)
  File "C:\Users\Riley\Desktop\Personal\RedTeam\Obfuscation\InvisibilityCloak.py", line 96, in replaceGUIDAndToolName
    copyfile(slnFile, slnFile + "_copy")
  File "C:\Users\Riley\AppData\Local\Programs\Python\Python312\Lib\shutil.py", line 260, in copyfile
    with open(src, 'rb') as fsrc:
         ^^^^^^^^^^^^^^^
FileNotFoundError: [Errno 2] No such file or directory: ''

How can I get around this? And it's sad; I noticed on the Invisibility Cloak GitHub they mentioned adding support for this, but it hasn't been updated in 2 years.
@YTAnimation52 · 3 months ago
You really saved me a lot of trouble with this one!
@UsamaAli-kr2cw · 3 months ago
Mind-blowing content as always. The only thing bothering me is that the memory dump size can be huge if our target systems are Windows servers, so how will we be able to exfiltrate that huge file without detection and evading DLP?
@CyberAttackDefense · 3 months ago
That's the catch with this technique. Now, if your rules of engagement allow software installation, you could cut it up with MemProcFS on the box and exfil just the minidump.
@UsamaAli-kr2cw · 3 months ago
@CyberAttackDefense Cool, thanks a lot sir ❤️❤️❤️❤️
@ohmsohmsohms · 3 months ago
Thank you a bunch for this series. I'm a newb when it comes to red teaming and you've been helping a bunch on my journey; will edit the comment after I've watched :D Loved the video. Very interesting version of MemProcFS; I used the tool once and had to resort to the pypykatz module. Since you showed it's possible, I will try to tweak it!
@CyberAttackDefense · 3 months ago
Glad you enjoyed it. Thanks for watching!
@BEAST4LIF3 · 3 months ago
Do you happen to have a way for WinPmem to be able to write to a remote location? Also, why you gotta flex the custom MemProcFS like that..... Sending me on a mission this weekend.
@CyberAttackDefense · 3 months ago
I don't have a way to do this specifically; however, using any RAM capture works. Velociraptor or remote forensics collection utilities can collect RAM remotely.
@BEAST4LIF3 · 3 months ago
@CyberAttackDefense Makes sense, thank you!
@harshil. · 3 months ago
Love this series!
@CyberAttackDefense · 3 months ago
Thanks! I think these techniques aren't emulated enough by Red/Purple Teams so I want to make sure people know they exist.
@alexanderdell2623 · 3 months ago
It would be really nice of you to stop promoting MemProcFS, since the author is really against its use in any kind of red team activity, and he explained why in his Discord.
@alexanderdell2623 · 3 months ago
He put so much effort into making this tool and he did it for free, mostly for forensics and game hacking, not to have it burned as just another "hacktool".
@rongabay6598 · 3 months ago
Always have the best content.
@CyberAttackDefense · 3 months ago
Thanks! Spread the word! The more people that watch the more I can make.
@b1U3b0i · 3 months ago
Correct me if I am wrong, but this is not gonna work in Win11 - the MOTW bypass ;)
@CyberAttackDefense · 3 months ago
You can find MOTW bypasses that work on 11. I haven't tested ISOs on Win11.