b33f

@FuzzySec

意志 / Team RedBlue ¯\_(ツ)_/¯ / Ex-TORE ⚔️🦅 / Undocumented / I rewrite pointers and read memory / Tempora mutantur, nos et mutamur in illis

patreon.com/FuzzySec
fuzzysecurity.com
Vrijeme pridruživanja: travanj 2012.
352 fotografije ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @FuzzySec

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @FuzzySec

  1. Prikvačeni tweet
    20. sij

    Myself and are super excited to head out to BHIL to talk about covert injection tradecraft in .NET ☠️⚔️🛡️

    The wait is finally over! Registration & schedule for 2020 are live. Places are limited so register NOW:
    1 reply 19 proslijeđenih tweetova 86 korisnika označava da im se sviđa
    Poništi
  2. proslijedio/la je Tweet
    prije 10 sati

    The venue is a mind blowing, dystopian take on the state of the world. Easily the best BlueHat of the 8 I’ve now been to zomg 😎

    5 replies 8 proslijeđenih tweetova 47 korisnika označava da im se sviđa
    Poništi
  3. proslijedio/la je Tweet
    prije 21 sat

    Custom Signed Kernel Driver's Pretty cool 😃 Without the need to enable TestSigning. Sample Project:

    1 reply 38 proslijeđenih tweetova 91 korisnik označava da mu se sviđa
    Poništi
  4. proslijedio/la je Tweet
    3. velj

    Teamviewer has been storing user passwords encrypted with AES, not hashed, in the registry accessible to low privilege users on the machine. This works for versions dating back from at least as far back as 2012 to the latest version.

    11 replies 151 proslijeđeni tweet 225 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  5. proslijedio/la je Tweet
    3. velj

    Our first blog post of 2020 is out! Learn about how we discovered a heap overflow in the F-Secure Internet Gatekeeper, which leads to unauthenticated RCE

    1 reply 45 proslijeđenih tweetova 103 korisnika označavaju da im se sviđa
    Poništi
  6. 4. velj

    Dang it's nice to catch some sunshine ☀️

    1 reply 18 korisnika označava da im se sviđa
    Poništi
  7. proslijedio/la je Tweet
    2. velj

    Can your EDR detect symbolic link callback rootkits? Because ours sure as heck can't. and I wrote about these!

    161 proslijeđeni tweet 367 korisnika označava da im se sviđa
    Poništi
  8. proslijedio/la je Tweet
    2. velj

    KDU, Kernel Driver Utility - driver loader (and not only) bypassing Windows x64 Driver Signature Enforcement with support of various "functionality" providers - including Unwinder's RTCore,

    170 proslijeđenih tweetova 320 korisnika označava da im se sviđa
    Poništi
  9. proslijedio/la je Tweet
    29. sij

    1\ I've written a little compiler to ship ML models as standalone Yara rules, and done proof of concept detectors for Macho-O, RTF files, and powershell scripts. So far I have decision trees, random forests, and logistic regression (LR) working.

    15 replies 104 proslijeđena tweeta 253 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  10. proslijedio/la je Tweet
    1. velj

    [Excellent Read] Was reviewing some of the data in this blog. Solid Write up. by

    65 proslijeđenih tweetova 177 korisnika označava da im se sviđa
    Poništi
  11. proslijedio/la je Tweet
    31. sij

    The code to execute in JS via "System.Runtime.InteropServices.RegistrationServices" here: You need to expose a static method public static void UnRegisterClass(string key) And of course you need an assembly object :) Cheers

    1 reply 43 proslijeđena tweeta 90 korisnika označava da im se sviđa
    Poništi
  12. proslijedio/la je Tweet
    31. sij

    Want to see how the red team weaponizes threat intel for R&D and TTP development? Check out some research I did with and . Also includes some new executables that can be used for DLL abuse.

    127 proslijeđenih tweetova 240 korisnika označava da im se sviđa
    Poništi
  13. proslijedio/la je Tweet
    30. sij

    I found this article to be excellent. From building Windbg Tooling to working exploits. Its a dense and rich read. Really well done. I thought. Introduction to SpiderMonkey exploitation.

    1 reply 54 proslijeđena tweeta 145 korisnika označava da im se sviđa
    Poništi
  14. proslijedio/la je Tweet
    30. sij

    A quick post on why you shouldn't use SYSTEM Tokens when you sandbox a process. Part 1 of N (where I haven't decided how big N is).

    78 proslijeđenih tweetova 146 korisnika označava da im se sviđa
    Poništi
  15. proslijedio/la je Tweet
    29. sij

    An attempt to demystify the process of security research and to shine a light on how close within one's reach it is. A specific example of advice I'd offer myself: 1/3

    6 proslijeđenih tweetova 37 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  16. proslijedio/la je Tweet
    29. sij

    Tell me again how hacking is not art

    Qualys Security Advisory: LPE and RCE (CVE-2020-7247) in OpenSMTPD, OpenBSD's mail server. Erroneous logic in smtp_mailaddr() which validates user and domain. More details and PoC at: PS: "Did you ever play tic-tac-toe?"
    10 proslijeđenih tweetova 68 korisnika označava da im se sviđa
    Poništi
  17. 29. sij

    I added a mimikatz MemSSP style hook to Fermion, you can check out the code here => This is based on the great write-ups by &

    48 proslijeđenih tweetova 132 korisnika označavaju da im se sviđa
    Poništi
  18. proslijedio/la je Tweet
    27. sij

    We’re doing it again 🤘

    The details for our next Adversary Simulation and Red Team Tactics training with and are now live, featuring new material!
    14 proslijeđenih tweetova 55 korisnika označava da im se sviđa
    Poništi
  19. proslijedio/la je Tweet
    26. sij

    Some study notes on LSASS hooking for harvesting interactive logon credentials. Thanks to for his inspiring posts about mimikatz.

    5 replies 175 proslijeđenih tweetova 406 korisnika označava da im se sviđa
    Poništi
  20. proslijedio/la je Tweet
    27. sij

    Move Faster, Stay Longer blog about extending CS and tools to go with it.

    7 replies 159 proslijeđenih tweetova 254 korisnika označavaju da im se sviđa
    Poništi
  21. 26. sij

    I'm teaching myself some automation with Chef. I wrote my first cookbook today 🎊. I'll add some code as I go on GitHub if people are interested =>

    36 proslijeđenih tweetova 154 korisnika označavaju da im se sviđa
    Poništi

@FuzzySec još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·