hasherezade

@hasherezade

Programmer, analyst. Author of , , . Private account. All opinions expressed here are mine only (not of my employer etc)

Poland
hasherezade.net
Joined July 2013
707 Photos and videos Photos and videos

Tweets

You blocked @hasherezade

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @hasherezade

  1. Pinned Tweet
    Jul 30

    ⚡️ news, updates about development of the tool ()

    2 replies 79 retweets 152 likes
    Undo
  2. Retweeted
    14 hours ago

    hacker history - a thread!

    OK, folks, I hear that John McAfee claims to have invented cyber security. (I don't know; he has blocked me.) Gather 'round the fire, kids, for a short story, because I was around at the time.
    Show this thread
    2 replies 9 retweets 31 likes
    Undo
  3. Retweeted
    Sep 2

    9-2-2018: [Updated] "loader.dll": version | Internal Control Functions | Debug Check Template Note: Groups behind are one of the more sophisticated out of there continuously improving code and innovate since the ISFB code leak😉 Source:

    22 retweets 41 likes
    Undo
  4. Retweeted
    16 hours ago

    If you work in infosec and don't feel overwhelmed at times, you probably don't really understand what you're doing...

    31 replies 164 retweets 678 likes
    Undo
  5. Retweeted
    18 hours ago

    Here’s the video from my BlackHat talk on reversing WeddingCake: an Android anti-analysis native library. We go through the author’s anti-analysis techniques, my process to reverse it, and lessons learned.

    VIDEO: presents “Unpacking the Packed Unpacker: Reverse Engineering an Android Anti-Analysis Native Library” Briefing recording from 2018
    3 replies 80 retweets 193 likes
    Undo
  6. Retweeted
    16 hours ago

    We are not Check Point's Malware Hunter Team. Or, with other words: We are not employees of Check Point. Or, with other words: We have nothing to do with Check Point. Everyone understood? 😂

    4 replies 21 retweets 65 likes
    Undo
  7. Retweeted
    Sep 3

    RAT campaign in Poland. Using RTF exploit. Mail Subject "Wezwanie do zapłaty" Document SHA1: 20F57F4EB6CF358AF82CBC4BB18433063B6F263E C&C: test200[.]dynu[.]net cc:

    28 retweets 50 likes
    Undo
  8. Retweeted
    Sep 1

    Beyond good ol’ Run key, Part 86

    1 reply 43 retweets 54 likes
    Undo
  9. Retweeted
    Sep 2

    Weekend project: a custom IDA loader module for the Hidden Bee malware family cc

    5 replies 82 retweets 133 likes
    Undo
  10. Retweeted
    Sep 2

    "Injecting .Net Assemblies Into Unmanaged Processes" This is pretty amazing!

    6 replies 93 retweets 196 likes
    Undo
  11. Retweeted
    Aug 14

    Slides from my talk at DEFCON 26: RING 0/-2 ROOKITS : COMPROMISING DEFENSES -- Thank you for everything! I had an outstanding week.

    4 replies 124 retweets 236 likes
    Undo
  12. Retweeted
    Aug 31

    "But how do you know?" I've written hundreds (maybe over 1000) protocol-parsers (like in Wireshark) and file-format parsers (like in AV). I mean, look at the X.509 and SMB parsers I casually toss into masscan.

    4 replies 5 retweets 43 likes
    Show this thread
    Show this thread
    Undo
  13. Retweeted
    Aug 31

    Wireshark has the largest attack surface of any known application. It's trivial to find 0days in it. Using it not in a VM is extraordinarily dangerous.

    Wireshark can be crashed via malicious packet trace files via
    24 replies 226 retweets 490 likes
    Show this thread
    Show this thread
    Undo
  14. Retweeted
    Sep 1

    Cool post. Another interesting thing about this API (to me) is that it lets you write to kernel (Owner Bit Clear) pages :)

    My 1st blogpost for this year :) About WriteProcessMemory behaviour.
    1 reply 10 retweets 51 likes
    Undo
  15. Retweeted
    Sep 1

    Bug Bounties and Mental Health. Let me know if you find this useful -- I don't often write blog posts.

    41 replies 274 retweets 659 likes
    Undo
  16. Retweeted
    Sep 1

    Can't decide that scammers faking as McAfee or this is more laughable... 🤔 😂

    8 replies 75 retweets 170 likes
    Show this thread
    Show this thread
    Undo
  17. Retweeted
    Sep 1

    Guys from the Zero Day Initiative wrote a blog post about the simpler kind of bugs in Oracle VirtualBox, including those discovered by myself (hey, thanks for sparing me a write-up! 😜). Most importantly, they dropped a working PoC. Go ahead, it’s easy ->

    2 replies 92 retweets 196 likes
    Undo
  18. Aug 31

    Nightwish - "Nemo":

    4 replies 3 retweets 34 likes
    Undo
  19. Retweeted
    Aug 30

    Go install `bat` right now. $ brew install bat It is like `cat`, but with wings.

    , , and 2 others
    64 replies 1,502 retweets 3,884 likes
    Undo
  20. Retweeted
    Aug 30

    Being pressured to give someone your number? Give them my latest creation. +44 7479 276673 (or "+44 7479 27 NOPE") If someone texts it they'll get a message asking them to call. If they call, they get a text message explaining the situation, and suitable music plays. Try it!

    17 replies 148 retweets 309 likes
    Show this thread
    Show this thread
    Undo
  21. Retweeted
    Aug 31

    Wild story. Lawsuits against NSO based on leaked emails and documents provided to a Qatari journalist. I got this gut feeling might have had something to do with it.

    35 retweets 47 likes
    Show this thread
    Show this thread
    Undo

@hasherezade hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·