Big5

@Big5_sec

another guy trying to bring a little to the infosec community. Part of the LeHack wargame organizers.

Joined: May 2017

Tweets

  1. Pinned Tweet
    17 Jun 2019

    Given the feedback on the tweet from about SourceFu (like ), I launched a little blog with a first post on how to contribute to SourceFu: If there are any questions, don't hesitate to DM :)

  2. Retweeted
    30 Jan

    Hello dear followers, we are looking for a part-time lecturer for courses on web service security at , contact via DM ✌️ A retweet would be wonderful 🙂

  3. Retweeted
    13 Jan

    [New Post] Backdoor Schneider M340 PLC using -like attack based on DLL-Reflective. Deep dive from Grafcet/Ladder processing to assembly. Inject your own C payload into PLC to perform funny things like TCP port scanner, lateral movement...

  4. Retweeted
    20 Dec 2019

    We just updated the executive callback repo with research on the callback used by PatchGuard

  5. Retweeted
    13 Dec 2019

    As I've recently gotten into browser exploitation, I thought I'd solve and do a writeup for a CTF challenge from earlier this year that really doesn't have any detailed writeups. Hope someone finds my writeup for *CTF 2019 oob-v8 useful! DMs are open.

  6. Retweeted
    13 Dec 2019

    I wrote a thing about JSC exploitation (including how to leak StructureID) and Safari sandbox escape.

  7. Retweeted
    14 Dec 2019

    Finally took the time to implement Base Relocation in my VBA RunPE. Damn! That was challenging! 🤯 Big thanks to for sharing great content on Process Hollowing! 🙂

  8. Retweeted
    4 Dec 2019
  9. Retweeted
    4 Dec 2019

    We analyzed a scenario where a malicious user can exploit a vulnerable web app using the following methods: Simple Network Management Protocol (SNMP) > Cross-site scripting (XSS) > Remote Code Execution (RCE).

  10. Retweeted
    3 Dec 2019

    0.55 is finally out, just in time for ! Main changes: olevba += SLK file parser and XLM macro extraction, VBA stomping detection. More info: How to install/update: pip install -U oletools

  11. Retweeted
    3 Dec 2019

    Today marks the release of the debugging and tracing library I have intermittently worked on over the years. The name is a tribute to the interface that has so generously provided us with local privilege escalation for several decades. May it be of use.

  12. Retweeted
    3 Dec 2019

    I just released "lsassy"! Tool to remotely parse lsass dumps using and automate the whole process using my CME module 🔹lsassy: 🔸CME Module: French article about this technique: 🙃

  13. Retweeted
    28 Nov 2019

    Here's a quick script to check if an OpenXML file (docx/xlsx/pptx) contains any unusual URL/IP/executable filename: It's a simple way to extract links for template injection used in some maldocs like the Donot campaign:

  14. Retweeted
    28 Nov 2019

    Thread on an interesting patch diffing session (CVE-2019-1429). Not too many modified matched functions between last vulnerable and first patched jscript.dll on Windows 10 v1809, and at closer inspection, only two types of changes deployed at ~10 locations each.

  15. Retweeted
    28 Nov 2019

    If you're into firmware exploitation, the blog posts by are a goldmine:

  16. Retweeted
    26 Nov 2019

    (1/2) Here is my analysis of Tencent's Legu: Most of the analysis was done thanks to open source tools: - Frida (devkit) for hooking - QBDI (AArch64) for memory traces and instruction traces - Kaitai struct for reverse engineering the custom formats

  17. Retweeted
    26 Nov 2019

    You gotta be kidding Mi - We just published the Xiaomi Pwn2Own 2018 advisories, which were patched just before Pwn2Own 2019, for silent APK install in the Browser and WiFi categories by and

  18. Retweeted

    Correction: Take a deep dive into a winning bug as breaks down an entry used by (Amat Cama and Richard Zhu) at this year’s Pwn2Own in Vancouver.

  19. Retweeted
    25 Nov 2019

    Today I was able to release the first post of a series of blog posts about attacking FreeIPA, an open source alternative to Windows Active Directory inside of unix environments. This post covers authentication and situational awareness.

  20. 25 Nov 2019

    If some people are already using pcode2code, don't hesitate to update it. throw-back has been really useful to find out some uncompiled cases.

  21. Retweeted
    24 Nov 2019

    Abusing Exported Functions and Exposed DCOM Interfaces for Pass-Thru Command Execution and Lateral Movement
