Petit Sio

@EmericNasi

I have a passion for all infosec subjects, especially red team. My tweets are my own and do not engage or have any relation to past or current employers.

France
Joined: May 2010

Tweets


  1. Pinned tweet
    1 Dec 2019

    How to disable Dynamic Code Mitigation Policy (ACG) to be able to inject code and deploy hooks into Microsoft Edge and others
  2. Retweeted
    1 Feb

    I was tired of outdated XSS cheat sheets that don't touch on frameworks, html5, filter bypasses and other important stuff, so I made my own. I hope you find it as useful as I do. :)
  3. Retweeted
    6 Jan

    My first blog post! Bypassing AV via in-memory PE execution. I've created a tool to go along with the post and help automate creating undetected PEs, links inside the post 😉
  4. 6 Jan

    To people who write to my protonmail address from gmail or corporate account... That's not how it works!
  5. 12 Dec 2019

    I just released the slides I presented at I still plan to write one or two posts on code injection.
  6. 1 Dec 2019

    How to apply WNF code injection technique to any process: Here is an example with code injection into Firefox
  7. 1 Dec 2019

    was a great event! Many thanks to the staff. I enjoyed giving a talk on code injection and meeting everyone :)
  8. Retweeted
    30 Nov 2019

    And there you go: even with the protections of , at shows how he pulled it off by getting around the dynamic code injection ban with a hidden debugging flag... 👏🏻 RTFM
  9. 30 Nov 2019

    Beginning of the conf. Happy to be here. Don't hesitate to DM me if you want to chat :)
  10. Retweeted
    25 Nov 2019

    "... cloud communication was encrypted using XOR cipher with the key embedded in the products." 🤦‍♂️
  11. Retweeted
    12 Nov 2019

    Everyone knows Driver Signature Enforcement.... 🙃 The problem is: Attackers can load any signed driver and abuse its functionality. For example, the process hacker driver can be abused to dump the memory of lsass.exe. Read about it in my blog😋
  12. 4 Nov 2019

    Honored to be speaking at SIGSEGv 2. About weaponizing process injection on Windows.
  13. Retweeted
    30 Oct 2019

    Our new blog post on abusing the SYLK file format. This 1980s file type can host macros in modern versions of MS Office / Excel without hitting protected mode. Post includes recommendations for mitigation (note: active abuse in the wild).
  14. Retweeted
    5 Sep 2019

    Just released part 2 of the code injection series. How to bypass mechanisms protecting against invalid remote start address. As an example, I inject and deploy hooks in Firefox.
  15. Retweeted
    23 Oct 2019

    I hear you like lolbins... odbcconf.exe /a {REGSVR c:\test\test.dll" it loads the DLL and calls DllRegisterServer :)
  16. Retweeted
    22 Oct 2019

    Did you know that Windows smart screen ignores .BAT files that contain _only_ certain keywords like 'calc' despite coming from the internet? Did you also know that in CMD if you execute 'calc' it will first look for an executable in the same dir with the name 'calc'? Result:
  17. Retweeted
    1 Oct 2019

    Just got done researching how access token manipulation can be leveraged to impersonate SYSTEM from local admin! I dig into alternatives to winlogon.exe that can also be leveraged to impersonate SYSTEM. Detections for access token manipulation included 💜
  18. 8 Sep 2019

    Just released macro_pack 1.7 with new support of IQY, UAC bypass, and MS Access macro. Thank you for the pull request :)
  19. 6 Sep 2019

    Just bought my ticket for ! It was great last year. This time I don't think I'll submit a talk. I want to enjoy it as a simple attendee :)
