Steve Eckels retweeted
Hex-Rays just launched its new website design and it looks great!
Finally! Congratulations @ilfak! https://www.hex-rays.com/ Announcement blog: https://www.hex-rays.com/blog/a-refreshed-web-site-for-hex-rays/ …pic.twitter.com/KqMtFuN6MT
Steve Eckels retweeted
1\ I've written a little compiler to ship ML models as standalone Yara rules, and done proof of concept detectors for Mach-O, RTF files, and powershell scripts. So far I have decision trees, random forests, and logistic regression (LR) working. https://github.com/inv-ds-research/yaraml_rules … pic.twitter.com/sfuXEkHeNO
Steve Eckels retweeted
Another #Google #Search parameter packed with data is gs_l. #DailyDFIR 23: The gs_l parameter can provide context around how a user performed a search and (very!) detailed timing.

@phillmoore's GSERPent tool: https://github.com/randomaccess3/googleURLParser/blob/master/GSERPent.pl …
https://dfir.blog/unfurl/?url=https://www.google.com/search?sxsrf=ACYBGNR4uX9HaJeaaFfoxh_ecxlaxIXksg%3A1574636670619&ei=fgzbXbnoIZjf-gS87bK4CQ&q=dfir.blog+unfurl&oq=dfir.blog+unfurl&gs_l=psy-ab.3..35i39.6411.9036..9208...0.0..0.212.683.6j0j1......0....1..gws-wiz.......0i30j0i8i30.dDviH4hTVpM&ved=0ahUKEwi5n5jb-oPmAhWYr54KHby2DJcQ4dUDCAs&uact=5 …
#DFIR pic.twitter.com/OJ79ugf36G
Steve Eckels retweeted
This is a cool trick. https://twitter.com/0gtweet/status/1220275790757158914 …
This works because a custom service trigger is defined. https://docs.microsoft.com/en-us/windows/win32/api/winsvc/ns-winsvc-service_trigger …
Action: 1 (SC_ACTION_RESTART)
Guid: Microsoft-Windows-Feedback-Service-TriggerProvider ETW Provider
Type: 0x14 (SERVICE_TRIGGER_TYPE_CUSTOM)
pic.twitter.com/MeIqz81Poy
Steve Eckels retweeted
Google Search URLs can be for #DFIR because of timestamps.
#DailyDFIR 22: #Google Search URLs have 3 parameters (sxsrf, ei, & ved) with embedded timestamps that show (approx) when a search took place.

@phillmoore's https://twitter.com/phillmoore/status/1169846359509233664 …
https://dfir.blog/unfurl/?url=https://www.google.com/search?sxsrf=ACYBGNR4uX9HaJeaaFfoxh_ecxlaxIXksg%3A1574636670619&ei=fgzbXbnoIZjf-gS87bK4CQ&q=dfir.blog+unfurl&oq=dfir.blog+unfurl&gs_l=psy-ab.3..35i39.6411.9036..9208...0.0..0.212.683.6j0j1......0....1..gws-wiz.......0i30j0i8i30.dDviH4hTVpM&ved=0ahUKEwi5n5jb-oPmAhWYr54KHby2DJcQ4dUDCAs&uact=5 …pic.twitter.com/35rvVZexU9
Steve Eckels retweeted
For those of you interested in hacking / reversing Nintendo Switch Games, I created an IDA script to help rename the stub functions that jump to the imported library functions. IDA doesn't always get them all. Check it out here: https://github.com/Kc57/switch_import_renamer …pic.twitter.com/dG0iasZexD
Steve Eckels retweeted
Developer accused of unreadable code refuses to comment
Steve Eckels retweeted
Every time I'm talking to someone not in security: Me: I'm an elite hacker. Work on contract. Know all that stuff you hear about with the Russians and Chinese and banks and power grids and stuff? All that. Them: Seriously? Them: Do you know why I can't print in color?
Steve Eckels retweeted
Ok can we officially replace the Kardashians and obsess over people who deserve it https://twitter.com/barstoolsports/status/1214241468333744129 …
Steve Eckels retweeted
You Matter. Unless you multiply yourself by the speed of light squared. Then you Energy.
Steve Eckels retweeted
UUIDv1 has a timestamp & node ID, which can be the MAC address of the machine it was generated on (or random; it depends).
#DailyDFIR 8: Unfurl can extract the timestamp & node ID from a UUIDv1 and look up the vendor if it's a real MAC address. https://dfir.blog/unfurl/?url=a28cad70-0d73-11ea-aaef-0800200c9a66 … #DFIR pic.twitter.com/KarLXl0mmy
Steve Eckels retweeted
only cmdline wizards know this black magic. i only knew half of these https://twitter.com/xxByte/status/1210921646367875072 …
Steve Eckels retweeted
“We believe that Powershell and Empire framework will remain a major threat vector employed by APTs, malware authors, and Red Teams.” SO WHY ARE YOU UPDATING IT? You are improving capabilities you explicitly say are *used by bad guys.* Scottie, beam me up from this bizarro world. https://twitter.com/BCSecurity1/status/1209126652300709888 …
Steve Eckels retweeted
Instead of spending $1.8 trillion annually on weapons of destruction, I will bring global leaders together to confront our shared enemy: climate change.
#DemDebate
Steve Eckels retweeted
The U.S. should not be locking up people for being poor. Cash bail is a disgrace and should be abolished.
Steve Eckels retweeted
Amazon CenturyLink Chevron Deere Delta Air Lines Eli Lilly FedEx Gannett General Motors Goodyear Honeywell JetBlue MGM Resorts Netflix Prudential Financial Starbucks Whirlpool Total federal income tax paid by these companies last year: $0
Steve Eckels retweeted
Here's the blog post on my new tool: https://dfir.blog/introducing-unfurl/ … Unfurl takes a URL and expands ("unfurls") it to show all the data it contains. It's amazing how much can be hidden inside URLs!
Take it for a spin and tell me what interesting stuff you find

#DFIR #Python pic.twitter.com/446t1vcIeV
Steve Eckels retweeted
https://nullprogram.com/blog/2019/12/09/ … Nice and short blog post on when it's useful to use C "restrict" keyword to limit effects of pointer aliasing in order to aid compiler optimizations.
Steve Eckels retweeted
holy fucking shit its a crab bubble sort https://twitter.com/geekandahalf/status/1200440963753283584 …
Steve Eckels retweeted
Wake up cow, the Matrix has you... https://twitter.com/jonnytickle/status/1199038272871239681 …