Roi Abutbul

@RoiAbutbul

Co-founder and CEO | Redefines AD Security from the endpoint (acquired by Symantec)

Mountain View, CA
Joined November 2013

Tweets


  1. Retweeted
    Feb 5
  2. Retweeted
    Jan 31

    Pushed a new Rubeus release after getting some additional feedback from our most recent AT:RTO students. The full changes are detailed here. To highlight a few new features- "/nowrap" globally prevents base64 blobs from line-wrapping, (1/4)

  3. Retweeted

    I just published Unloading the Sysmon Minifilter Driver

  4. Retweeted
    Jan 22

    2020-01-22:🆕🔥 "Active Directory" (AD) Dumper Module Released | Build:🔩"ADll build Oct 17 2019 17:48:25 started" ntds.dit & ntds.jfm | ntdsutil & reg save 🔦Module In Development Since 2019 💬Reinforces Focus on AD Harvesting for Net Exploitation cc /

  5. Retweeted
    Jan 22

    Revisiting RDP lateral movement and releasing a project that will be part of a bigger tool coming next week

  6. Retweeted
    Jan 20

    Apparently Windows network pentesting is now called red teaming. How good is your red team: - If there is no AD? - Against a multi-client env with no apparent central management? - No way to move laterally?

  7. Retweeted
    Jan 18

    I just published a blog post "Attacking Active Directory for fun and profit" with a reference to the talk of

  8. Retweeted
    Jan 17

    Critical Cisco Flaws Now Have PoC Exploit

  9. Retweeted
    Jan 11

    For my fellow Active Directory defenders out there: Admin Account Schema Extensions for AD

  10. Retweeted
    Jan 9

    Spray-AD, a new Kerberos password spraying tool for Cobalt Strike that might come in handy when assessing Active Directory environments for weak passwords (generates event IDs 4771 instead of 4625).

  11. Retweeted
    Jan 9

    Do you struggle to understand in environment ? This new article may help clarify things by simply explaining how Kerberos works. It is the first of a series of posts about attacking Active Directory. Stay tuned 🙃

  12. Retweeted
    Jan 3
  13. Retweeted
    Dec 29, 2019

    An attacker logged into the RDP Honeypot a few weeks ago and was able to dump credentials and move laterally in 36 minutes. They used Advanced Scanner + ProcDump + PsExec to move laterally to a Domain Controller.

  14. Retweeted
    Dec 28, 2019

    New article about "Pass the hash" This technique is used in a lot of engagements, and yet it is not always fully understood. This is a little review of one of the most popular lateral movement techniques 🙃

  15. Retweeted
    Dec 27, 2019

    Attacking and Defending Active Directory: Domain Enumeration BloodHound

  16. Retweeted
    Dec 21, 2019

    Recent tactics from the front lines : - .HTA for entry - BEACON for remote access - Domain front in Azure & Cloudfront - C#/.NET tradecraft ➡️Covenant - PowerUp to elevate - ProcDump, MIMIKATZ to grab creds - Bloodhound to enum - WMI, WinRm, RDP, SMB to move

  17. Retweeted
    Dec 18, 2019

    NotPetya infected 1000 machines in <2 min at a single company. explores how you can prevent targeted malware attacks 👊

  18. Retweeted

    New blog post: Microsoft Threat Protection - unified hunting. is here! Combining @WindowsATP, , , and , it can be used to correlate data in the new security portal. Read what you can do with unified hunting.

  19. Retweeted
    Dec 12, 2019

    Here's the blog post on my new tool: Unfurl takes a URL🔗 and expands ("unfurls") it to show all the data it contains. It's amazing how much can be hidden inside URLs! Take it for a spin and tell me what interesting stuff you find🔗🌿

  20. Retweeted
    Dec 12, 2019

    Many of you are going to love this: Public preview of support for Windows VMs in Azure is live. Greatly simplifies securing your IaaS deployments!
