Walter.Legowski

@SadProcessor

Purple PowerShell & Hazy Windows

You Are Here
Joined: February 2016

Tweets


  1. Pinned tweet
    19 Nov 2018

    Had a blast delivering this BloodHound Workshop at 's Active Directory Security Summit. Thanks to trainees for attending (BloodHound stickers on the way...). Really happy to share training material with Community...

  2. Retweeted

    Phenomenal work from here! If you run Citrix and haven't patched this should light a fire under you & grease any change control/approval meetings your org mandates.

  3. Retweeted
    15 Jan

    exploit landed in ! With a useful 'check' command to check if you have vulnerable assets. And a meterpreter session if you need to demo something :) CVE-2019-19781

  4. 15 Jan
  5. Retweeted
    14 Jan

    This you are strongly encouraged to implement the recently released CVE-2020-0601 patch immediately.

  6. Retweeted
    14 Jan

    Empire is easily in the top ten of exploit frameworks found in the wild. Blue teamers would be wise to educate themselves on the new capabilities.

  7. Retweeted
    14 Jan

    Wrote a small post about embedding external DLLs into a Task in Covenant. Shout out to for Covenant and his willingness to help in the BloodHound slack channel!

  8. Retweeted
    14 Jan

    Hey, new upload to Windows-Insight - the Windows Telemetry ETW Monitor framework: The framework monitors and reports on ETW (Event Tracing for Windows) activities for providing data to Windows Telemetry. Works on Windows 10, version 1909. [Thread: 1/4]

  9. Retweeted
    13 Jan

    I've been poking around the Windows kernel a lot lately and one of my favorite samples I've referenced is Mimikatz's driver, Mimidrv. I took some time and documented all of its functions and included some write-ups on important kernel structures. Post: 1/3

  10. Retweeted
    13 Jan

    Despite listing over 60 hashes of EXEs and DLLs in their Iran cyber briefings, threat intel organizations that recommend disabling PowerShell are hard to take seriously. That advice is simply not actionable. This is.

  11. Retweeted
    13 Jan

    Request for ransomware makers: When using as the exploit for your payload, could you name your ransomware campaign...

  12. Retweeted
    13 Jan

    New blog post on the Microsoft Cloud: What is Azure Active Directory? Post covers what Azure AD is, how it compares to on-prem Active Directory, connecting via PowerShell, and password spraying attacks, mitigation, & detection.

  13. 13 Jan

    🤪Yay! Monday morning dance! Will be speaking Defenses and 2020 Post-Exploitation fashion trends at in June... See you there...

  14. Retweeted
    8 Jan

    For the first time at we are offering a "Mastering Mimikatz" training by ! You will learn - Credential & secret extraction with DPAPI/DPAPI-NG; - Kerberos Security and abuse; - Use of tools for Research; - and more!

  15. Retweeted
    3 Jan

    Looking to up your game on using ATT&CK for ? and recently recorded the ATT&CK for CTI training that they created and taught to multiple audiences over the past year. Exercises and links to the videos are now up at .

  16. Retweeted
    3 Jan

    The offensive security community means a lot to me. Following 's great thread that injected some much needed infosec positivity, I wanted to highlight a few (offensive-ish) posts/talks that my team and myself enjoyed over the last year or so.

  17. Retweeted
    3 Jan

    Here is the blog post that explains how I came up with . Remote lsass dump, remote parsing to extract credentials, optimizations to make it faster, and BloodHound integration. I learned a ton on the way! 🙃

  18. 31 Dec 2019

    Was so bored for Xmas I wrote a full module for Covenant C2 Automation... And I so dislike NYE that tonight I will just get high and add Tab-Completion everywhere... 🤓 Happy New Tool!!

  19. 31 Dec 2019

    Not gonna lie... 2019 was rough. Learning how to be a single dad. Learning how to forgive... Alice & Bob EasyJohn Thanks for being there when I needed a word, a shoulder or a couch... See you all in 2020...

  20. Retweeted
    15 Dec 2019

    __A Christmas Break-In__ A physical penetration test live tweeted. “I should have been home with my boys, decorating the tree and singing carols, but here I was at night, trying to break into a corporate office complex.”

  21. Retweeted
    12 Dec 2019

    The video for my, and ’s talk from 2019 is now available to watch here:
