0xdf

@0xdf_

CTF Addict | Thoughts are my own

0xdf.gitlab.io
Vrijeme pridruživanja: siječanj 2015.
18 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @0xdf_

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @0xdf_

  1. proslijedio/la je Tweet
    4. velj

    If you study maldocs you know the Shell() function. Did you know about Interaction$.Shell@()? This malware does: 🔗 Interesting to see how just calling Interaction$.Shell drops the detection rate: 1⃣ 2⃣

    6 replies 63 proslijeđena tweeta 144 korisnika označavaju da im se sviđa
    Poništi
  2. proslijedio/la je Tweet
    1. velj

    This machine murdered my soul, in the best way.

    RE just retired from . As the creator of the box, I tried to bring phishing/macro obfuscation concepts to the initial access. The intended privescs were the WinRar ACE file exploit, and XXE in Ghidra. I'll show two unintended privescs too.
    1 proslijeđeni tweet 2 korisnika označavaju da im se sviđa
    Poništi
  3. 1. velj

    RE just retired from . As the creator of the box, I tried to bring phishing/macro obfuscation concepts to the initial access. The intended privescs were the WinRar ACE file exploit, and XXE in Ghidra. I'll show two unintended privescs too.

    11 replies 115 proslijeđenih tweetova 461 korisnik označava da mu se sviđa
    Poništi
  4. 29. sij

    This is crazy cool.

    1\ I've written a little compiler to ship ML models as standalone Yara rules, and done proof of concept detectors for Macho-O, RTF files, and powershell scripts. So far I have decision trees, random forests, and logistic regression (LR) working.
    Prikaži ovu nit
    1 proslijeđeni tweet 11 korisnika označava da im se sviđa
    Poništi
  5. 25. sij

    AI just retired from HTB. It was a neat theme exploiting an AI / smart home like device using audio to perform an SQL injection. Then I'll use Java Debug to escalate to root.

    11 proslijeđenih tweetova 66 korisnika označava da im se sviđa
    Poništi
  6. proslijedio/la je Tweet
    22. sij
    Odgovor korisniku/ci

    I heard 7Zip ate 9Zip

    1 reply 1 proslijeđeni tweet 15 korisnika označava da im se sviđa
    Poništi
  7. 23. sij

    Planning to spend some time with this.

    Despite its incredible security enhancements, PowerShell continues to be abused by adversaries. A strong knowledge of PowerShell enables defenders to effectively manage and respond to its abuse. (1/4)
    Prikaži ovu nit
    7 korisnika označava da im se sviđa
    Poništi
  8. 22. sij

    Haven't had a chance to play with this, but does good stuff, so I'm looking forward to it.

    Tweet je nedostupan.
    4 korisnika označavaju da im se sviđa
    Poništi
  9. 21. sij

    I just added the challenge binaries where I could for anyone interesting in playing around with these challenges on their own.

    3 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  10. proslijedio/la je Tweet
    21. sij

    made an RSS feed of the comics I post on Twitter here:

    7 replies 57 proslijeđenih tweetova 354 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  11. proslijedio/la je Tweet
    17. pro 2017.

    Learned this a while ago in 's dojo. Write .LOG in the first line of a file. Inserts a timestamp each time the file is opened. I just leave this here...

    12 replies 150 proslijeđenih tweetova 398 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  12. proslijedio/la je Tweet
    13. sij

    Every manager should be doing weekly or biweekly 1-1s with their team. Make sure the space is used to check in with your employees and *explicitly* ask them for feedback and radical candor. You’ll surface and address problems while they’re still small.

    25 proslijeđenih tweetova 133 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  13. proslijedio/la je Tweet
    18. sij

    Super helpful presentation for people looking at possible uses: from

    1 reply 11 proslijeđenih tweetova 27 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  14. 18. sij

    Player from required enumeration and several interesting exploits to slowly build a full shell. Root was a good chance to play with PHP deserialization. There were several alternative paths as well.

    5 replies 19 proslijeđenih tweetova 80 korisnika označava da im se sviđa
    Poništi
  15. 14. sij

    Just posted my writeup for . I got a late start this year, but was glad I caught up, as it was a lot of fun. Thanks to and the entire Counterhack team for another great challenge.

    8 proslijeđenih tweetova 34 korisnika označavaju da im se sviđa
    Poništi
  16. 11. sij

    Bitlab from was an opportunity to play with CICD, and to do some simple windows RE / debugging. In Beyond Root, I'll show an alternative path from www-data to root, and look at how the exe mis-calls `GetUsernameW`.

    18 proslijeđenih tweetova 49 korisnika označava da im se sviđa
    Poništi
  17. 9. sij

    Everytime someone tells me they found some value in something I've written, it absolutely makes my day. I'm not a new years resolution person, but I am resolving to try to tell people when I find something they did useful. 30 seconds can really make someone else feel great.

    17 replies 11 proslijeđenih tweetova 191 korisnik označava da mu se sviđa
    Poništi
  18. proslijedio/la je Tweet
    4. sij

    OSCP Review, Resources, and Tips Hy Guys, I have got lots DMs relates review and preparation. So now I'll try to cover important points in this short OSCP review. P.S: I'm noob and this review is based on my experience and methodology in OSCP. (1/18)

    13 replies 105 proslijeđenih tweetova 296 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  19. 4. sij

    Craft from was a super fun, medium level box that involved pulling together information from various containers at each step. In Beyond Root, I'll look at my failed attempts to crack the JWT.

    1 reply 19 proslijeđenih tweetova 77 korisnika označava da im se sviđa
    Poništi
  20. 1. sij

    leet:

    1 reply 1 proslijeđeni tweet 5 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi

@0xdf_ još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·