-
Pinned Tweet
Introducing Donut, an x86 / x64 position-independent shellcode generation framework for loading .NET Assemblies from memory: https://thewover.github.io/Introducing-Donut/ … pic.twitter.com/9QEK5HUJnu
-
The Wover Retweeted
Also coming soon: Process Explorer dark mode
-
The Wover Retweeted
SettingSyncHost.exe as a LolBin http://www.hexacorn.com/blog/2020/02/02/settingsynchost-exe-as-a-lolbin/ …
#LOLBIN cd %TEMP% & c:\windows\system32\SettingSyncHost.exe -LoadAndRunDiagScript foo pic.twitter.com/dOM4EHq4Zu
-
The Wover Retweeted
I'm glad someone finally took a chance on me and got me a job. After 5 years of getting nowhere in this industry (guess people didn't think my work had value for their company). Now I can finally learn new things and step up my game.
-
The Wover Retweeted
Wrote a post on how to use GadgetToJScript with Covenant & Donut https://3xpl01tc0d3r.blogspot.com/2020/02/gadgettojscript-covenant-donut.html …
#Covenant #Donut #GadgetToJScript #redteam #processinjection Thanks to @med0x2e for answering my queries and helping me while exploring the #GadgetToJScript tool
-
The Wover Retweeted
The code to execute in JS via "System.Runtime.InteropServices.RegistrationServices" here: https://ghostbin.co/paste/krdqe You need to expose a static method public static void UnRegisterClass(string key) And of course you need an assembly object :) Cheers
-
The Wover Retweeted
PInjectra’s Stack Bombing Process Injection example was only the beginning. I wrote a practical implementation of it that performs process migration using shared Memory, self-loading/linking DLLs, and an RWX ROP chain. Https://github.com/Crypt0s/Ampulex Also included: a detection for it
-
The Wover Retweeted
Move Faster, Stay Longer https://posts.specterops.io/move-faster-stay-longer-6b4efab9c644 … blog about extending CS and tools to go with it.
-
The Wover Retweeted
If @tiraniddo's DotnetToJScript is blocked on newer versions of Windows or if it gets flagged by AMSI, you can use Excel automation via a COM object as an alternative to execute shellcode from JScript or VBScript w/o touching disk. PoC for x86 & x64 here: https://github.com/outflanknl/Scripts/blob/master/ShellcodeToJScript.js …
-
The Wover Retweeted
Just finished the writeup for my learning process to replicate the CVE-2019-19470, I also published the source code for the exploit and a Masquerade-PEB C#. Hope you enjoy! https://plaintext.do/CVE-2019-19470_learning_journey/ … https://twitter.com/JulioUrena/status/1219460407653470208 …
-
The Wover Retweeted
A thread about my ego and how we can better serve in our industry. Story time... 1/9
-
The Wover Retweeted
modexp is one of my fav. researchers; while I often skim on details he is killing it with posts that combine an extensive and comprehensive research on interesting and often nuanced topics and a very well written narrative top quality right there https://modexp.wordpress.com/2019/12/08/shellcode-compression/ …
-
The Wover Retweeted
Friends, We've added a new paper: Analyzing Modern Malware Techniques Part 1 by @danusminimus This paper dives into the abyss of fileless malware, more specifically, Kovter. It is an incredibly well written paper. Check it out. 11/10 https://vxug.fakedoma.in/papers/2/Analyzing%20Modern%20Malware%20Techniques%20-%20Part%201.html …
-
The Wover Retweeted
The malware repurposing lab was my favorite one from the @SpecterOps PowerShell course. It was designed to tie all the reflection concepts together where the students build a script to interact with a subversive .NET binary that an analyst might overlook. https://github.com/specterops/at-ps/tree/master/Labs/Day%203/Reflection … pic.twitter.com/gBCBhA37m1
-
Dark mode should be default mode.
-
The Wover Retweeted
We released a Red Teaming book! Red Team Development and Operations. It's been a crazy project that has existed in many forms. It started as simple notes, came together as a SANS class, and will now live as a book. Read about it here. http://threatexpress.com/blogs/2020/red-team-development-and-operations/ … https://twitter.com/minis_io/status/1219710714790567936 … pic.twitter.com/DvdRa4mGWw
-
The Wover Retweeted
When I was 8 learning to program alone in my room on my Commodore64, I dreamed of the day my friends would want to play the games I made. At the time, they just wanted to play Barbies. Around 1989 I dialed into a local BBS, & found lifelong friends. The Internet was our place. pic.twitter.com/eqMw2QP5RS
-
The Wover Retweeted
Added 2 more PoC scripts to the OffensiveDLR repo. One of which embeds the SSharp Compiler within a Posh script (Can be easily embedded from within any .NET language.) SSharp code compilation does not call csc.exe :) https://github.com/byt3bl33d3r/OffensiveDLR …
-
The Wover Retweeted
Fellow hackers, you asked, we listened! Coming soon a lab to practice Active Directory attacks from Linux. Latest servers, interesting flags, dedicated lab for everyone, video walk-through and browser based access. cc @SecurityTube #LinuxAD
-
The Wover Retweeted
Myself and @TheRealWover are super excited to head out to BHIL to talk about covert injection tradecraft in .NET

https://twitter.com/BlueHatIL/status/1219306208554889216 …
-
The Wover Retweeted
It's here!!! Tell your colleagues, tell your friends, tell your grandma. https://www.zeropointsecurity.co.uk/red-team-ops
#RedTeamOps