Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macs
https://github.com/ConsciousHacker/WFH
Windows Feature Hunter (WFH) is a proof of concept python script that uses Frida, a dynamic instrumentation toolkit, to assist in potentially identifying common “vulnerabilities” or “features” within Windows executables. WFH currently has the capability to automatically identify potential Dynamic Linked Library (DLL) sideloading and Component Object Model (COM) hijacking opportunities at scale.
Introducing SharpConflux - LRQA Nettitude Labs
Today, we are releasing a new tool called SharpConflux, a .NET application built to facilitate Confluence exploration.
GrimResource - Microsoft Management Console for initial access and evasion — Elastic Security Labs
Elastic researchers have uncovered a new infection technique also leveraging MSC files, which we refer to as GrimResource. It allows attackers to gain full code execution in the context of mmc.exe after a user clicks on a specially crafted MSC file.