0x1337dtm

@0x00dtm

Just because you can't read assembly doesn't mean Windows isn't open source. Don't change my mind.

Far away from you
Joined: January 2018

Tweets


  1. Pinned tweet
    23 Jan

    New article! Anti-virus Exploitation: Malwarebytes 4.0.4 - Protection Not Found - Hijacking Malwarebytes via COM IPC

  2. Retweeted
    3 Feb

  3. Retweeted
    4 Feb

    Root cause analysis and exploit for a Windows kernel ws2ifsl.sys use-after-free vulnerability.

  4. Retweeted
    3 Feb

  5. Retweeted
    3 Feb

    VB6 packers are no joke. This one took me a while to write and I do hope you enjoy it! Analyzing Modern Malware Techniques - Part 3: VB6 Packers

  6. Retweeted
    27 Jan

    Interested in learning Windows Kernel exploitation? wrote 3 challenges to help you write your first Windows Kernel shellcodes! You can already try the first one, or all of them if you're a premium member.

  7. Retweeted
    2 Feb

    Can your EDR detect symbolic link callback rootkits? Because ours sure as heck can't. and I wrote about these!

  8. Retweeted
    2 Feb

    A curated list of resources for learning about deploying, managing and hunting with Microsoft Sysmon. Contains presentations, deployment methods, configuration file examples, blogs and additional GitHub repositories.

  9. Retweeted
    2 Feb

    KDU, Kernel Driver Utility - driver loader (and not only) bypassing Windows x64 Driver Signature Enforcement with support of various "functionality" providers - including Unwinder's RTCore,

  10. Retweeted
    1 Feb
    Replying to

    Everyone you admire has made tradeoffs to get where they are, and every one of them has cautionary tales about the human costs of those tradeoffs. When you get to where they are, they'll tell you. But by then you'll already know.

  11. Retweeted
    31 Jan

    Fuck it, I can't focus at all today. It's a mess, sorry. I've also uploaded the discussed bug to GitHub. Maybe someone can make sense of it. It's a junction bug that's a little more complicated than a simple "bait and switch". Hope it's useful to someone.

  12. Retweeted
    30 Jan

    This is a great effort to get more people into RE:

  13. 30 Jan

    ... skid who cries about not being able to bypass Defender. On that note, I believe Defender is sufficient (for my needs).

  14. 30 Jan

    ... being mindful of the dangers on the internet, not plugging in random USBs, etc. The threat model is also important - if a malicious user were to target a high profile target, an AV wouldn't be as helpful. If they targeted a random like me, it would most likely be some...

  15. 30 Jan

    Thinking about it in absolutes isn't useful. Despite hunting bugs in AV, I would still recommend it to the general public. Yes, AVs aren't perfect BUT they serve as a layer of defence - maybe not the *first* line of defence. It should complement safe practices like...

  16. Retweeted
    30 Jan

    A quick post on why you shouldn't use SYSTEM tokens when you sandbox a process. Part 1 of N (where I haven't decided how big N is).

  17. Retweeted
    17 Jan

    My blog post about CVE-2020-0601 is online! I hope you guys enjoy it. I haven't slept for 2 days now, so pardon me if I made some mistakes :) Feel free to point out any mistakes!

  18. Retweeted
    28 Jan

    New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZure

  19. Retweeted
    27 Jan

    If you're asking yourself "is this the first time an AV was targeted by someone to own someone", you need to check this GitHub repository by

  20. Retweeted
    26 Jan

    Our simple and effective use of IDAPython to solve a CTF challenge:

  21. Retweeted
    26 Jan

    After examining and rereading, MS's solution to most Elevation of Privilege (Symbolic/Hard Link) attacks is: either keeping an open handle to the exploited resource or doing local impersonation correctly. Like in Or in

