MaN0ks retweeted
Learn Reversing/Bin Exploitation: https://www.youtube.com/watch?v=iyAyN3GFM7A&list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN … Practice: https://2019game.picoctf.com/ https://247ctf.com/ Great content about it: https://www.youtube.com/user/GynvaelEN Learn x64 Assembly (MASM): https://www.youtube.com/playlist?list=PLKK11Ligqitg9MOX3-0tFT1Rmh3uJp7kA … Thanks guys <3 @LiveOverflow @gynvael @WhatsACreel
MaN0ks retweeted
If you’re tired of hearing about crypto32, elliptic curves, and other CVE-2020-0601 shenanigans, have a read over our new blog post on Windows’ Intel CET implementation in the face of SetThreadContext and NtContinue. Come for the exploit mitigation, stay for the XState Internals. https://twitter.com/yarden_shafir/status/1217728223355817986 … pic.twitter.com/rfFlA1aZXR
MaN0ks retweeted
Learn how to exploit Symantec Endpoint Protection on all versions of Windows (CVE-2019-12750). Part 2 of this series by @kyREcon delves into a more advanced method of exploitation! https://labs.nettitude.com/blog/cve-2019-12750-symantec-endpoint-protection-local-privilege-escalation-part-2/ …
MaN0ks retweeted
Some notes after exploring the Interrupt Descriptor Table in Windows Kernel https://ired.team/miscellaneous-reversing-forensics/windows-kernel/interrupt-descriptor-table-idt …
MaN0ks retweeted
If you missed my Windows Security Internals talk (or just want to relive the memories) it's available online! https://myignite.techcommunity.microsoft.com/sessions/81692?source=sessions …
MaN0ks retweeted
Second part of my kernel hacking mini-series: "Bypassing kernel function pointer integrity checks" https://vmcall.blog/nt/2019/11/06/kernel-code-alignment.html …
MaN0ks retweeted
GET EXCITED: MSVC + AddressSanitizer exists now! https://devblogs.microsoft.com/cppblog/addresssanitizer-asan-for-windows-with-msvc/ …
MaN0ks retweeted
Just published my latest project "ByePg", exposing an entirely new attack surface to PatchGuard/NT and bringing @nickeverdox's InfinityHook back: https://blog.can.ac/2019/10/19/byepg-defeating-patchguard-using-exception-hooking/ …
MaN0ks retweeted
Assessing the Effectiveness of a New Security Data Source: Windows Defender Exploit Guard https://medium.com/palantir/assessing-the-effectiveness-of-a-new-security-data-source-windows-defender-exploit-guard-860b69db2ad2 …
@duff22b and @cryps1s were wizards at assessing and deploying this in the @PalantirTech env! Event fields thoroughly documented here: https://github.com/palantir/exploitguard …
MaN0ks retweeted
If you're able to ingest ETW events, Microsoft-Windows-Kernel-Audit-API-Calls Event ID 5 captures _all_ requested process handles (including PsOpenProcess return code). Sysmon event ID 10 only captures process handles that were actually granted. https://twitter.com/mattifestation/status/1140655593318993920 …
MaN0ks retweeted
Security Descriptor Auditing Methodology: Investigating Event Log Security https://posts.specterops.io/security-descriptor-auditing-methodology-investigating-event-log-security-d64f4289965d … In this post, I establish my process for identifying access rights, determining default security, consideration of abuse implications, audit automation, and SACL research. Enjoy!
MaN0ks retweeted
Recently I have been working on mapping Window API calls to event IDs within Sysmon. Today I am releasing this project and a blog to talk about this more!
#DetectionEngineering Project: https://github.com/jsecurity101/Windows-API-To-Sysmon-Events … Blog: https://posts.specterops.io/uncovering-the-unknowns-a47c93bb6971 …
MaN0ks retweeted
It’s about time... first device ships with the Microsoft hypervisor on by default! And on ARM64! https://techcommunity.microsoft.com/t5/Virtualization/Virtualization-Based-Security-Enabled-by-Default/ba-p/890167 …
MaN0ks retweeted
Understanding and Defending Against Access Token Theft: Finding Alternatives to winlogon.exe https://nzzl.us/iQvUZFS via @nuzzel
MaN0ks retweeted
Releasing a new tool to aid in Sysmon evasion, Shhmon (https://github.com/matterpreter/Shhmon …) with an associated blog post including defensive recommendations https://posts.specterops.io/shhmon-silencing-sysmon-via-driver-unload-682b5be57650 …
MaN0ks retweeted
Happy to release the Threat Hunting with ETW events and @THE_HELK series! Part I:
Installing SilkETW to consume events via the event log locally is out! Next, Shipping events to @THE_HELK
Thank you @FuzzySec
#ThreatHunting https://medium.com/threat-hunters-forge/threat-hunting-with-etw-events-and-helk-part-1-installing-silketw-6eb74815e4a0 …
MaN0ks retweeted
The Linux Security Summit North America 2019 videos are published! https://www.youtube.com/playlist?list=PLbzoR-pLrL6owE2_U94_g0gmuiq4iePVr …
#linuxsecuritysummit
MaN0ks retweeted
In June members of the @McAfee_Labs team introduced a new attack called: Process Reimaging. Today I am releasing a blog on how to detect this behavior inside of an environment! Thank you to @djhohnstein for his POC code. https://posts.specterops.io/you-can-run-but-you-cant-hide-detecting-process-reimaging-behavior-e6bb9a10c40b … #Detection #ThreatHuntiung
MaN0ks retweeted
SysmonX Open source drop-in compatible version of Sysmon by @marcosd4h Repo https://github.com/marcosd4h/sysmonx … Slides https://github.com/marcosd4h/sysmonx/blob/master/docs/slides/SysmonX_Blackhat_2019.pdf … pic.twitter.com/YP7XBHYMBK
MaN0ks retweeted
Common Systems Programming Optimizations & Tricks - https://paulcavallaro.com/blog/common-systems-programming-optimizations-tricks/ …