Ashish Gahlot

@Volatile_Life

Developing Endpoint Deception, Reverse Engineer

Joined: February 2017

Tweets


  1. 3 Feb

    I'm creating a very detailed course on Reverse Engineering with on . If you would like to learn about RE and want to get started with learning Malware Analysis, make sure to check it out. cc:

  2. Retweeted
    31 Jan

    New OSSEM updates are coming soon and some of the work being tested is the following: 1. Events from all manifest-based and mof-based ETW providers from several Windows 10 versions (Ref: ) as JSON: YAML:

  3. Retweeted
    28 Jan

    [Educational] One of the best blog posts that I ever read about going from 0 to unauth RCE in f**king Mikrotik OS step by step:

  4. Retweeted
    23 Jan

    Sharing a new demo + an article on BlueKeep dissection (CVE-2019-0708) using REVEN. See how data Tainting, Memory History, and its Python API streamline the RE process to quickly and accurately analyze the root-cause and behavior at the system level.

  5. Retweeted
    21 Jan

    Hey Defender friends. Turns out that removing those services with Unicode/non-printable characters is pretty hard, so I wrote you a tool to help with that. I'll be releasing the offensive PoC later this week or early next week.

  6. Retweeted
    18 Jan

    ": a Stealthy Lateral Movement Strategy" is now available to read. Read if interested to see a new practical lateral movement demo (TDS (MS SQL) & FTP). Prototype will be released soon.

  7. Retweeted
    13 Jan

    I've been poking around the Windows kernel a lot lately and one of my favorite samples I've referenced is Mimikatz's driver, Mimidrv. I took some time and documented all of its functions and included some write-ups on important kernel structures. Post: 1/3

  8. Retweeted
    7 Jan

    Hi all, dropping another tool today. This one is very simple, it does reverse DNS lookups as fast as possible. It's a great way of discovering domains and subdomains owned by a company when you know their IP address range(s). Check it out:

  9. Retweeted
    5 Jan

    I've developed a new technique for bypassing firewalls/NATs and producing a full TCP/UDP session to a targeted user. Anyone have RCE for a service that's typically only run behind NATs (e.g. desktop software like Sonos, Spotify, Dropbox, etc. which bind to *) and want to merge projects?

  10. Retweeted
    28 Dec 2019

    For my reverse engineering friends, patching a binary might be easy. But, if you are starting it can be challenging, here is a post I wrote on how to patch a binary using radare2. Also shows the same task using vim and xxd.

  11. Retweeted
    10 Dec 2019

    Introducing SysWhispers, a tool that helps with AV/EDR evasion by using direct system calls to bypass user-mode API hooks. It works by generating header/ASM pairs supporting all core syscalls from Windows XP to 10. Check it out here with examples:

  12. Retweeted
    9 Dec 2019

    ⚙️ Account Logon Flow / Process () v0.1 📕 [PDF]: 🔗 [DIRECT]: ...for self-understanding of the logon flow / process in a Windows system. Special thanks to Andrei Miroshnikov 💪 "Find Evil – Know Normal"

  13. Retweeted
    3 Dec 2019

    The Red Square - Mapping The Connections Inside Russia's APT Ecosystem - Ari Eitan and Itay Cohen

  14. Retweeted
    1 Dec 2019

    Custom Malware Development (Establishing A Shell Through the Target’s Browser) - Repurposing & AutoIt

  15. Retweeted

    "Why would so many women lie about one person?" In the next few tweets, I will tackle all the malicious insinuations and abject falsehoods put forth on me either by or the media frenzy that followed. Stay tuned.

  16. Retweeted
    12 Nov 2019

    NTLM reflection is back to haunt Windows. Read about Ghost Potato here (this time with a fixed link):

  17. Retweeted
    8 Nov 2019

    Here are the winners of Scada/ICS CTF. Congratulations 🎊🎊 See you again at conference with 3rd edition of ICS CTF 🔥🔥 1st 2nd 3rd Team UFORCE

  18. Retweeted
    8 Nov 2019

    What I found interesting 1/3: Deep Analysis of Exploitable Linux Kernel Vulnerabilities 2017-2019 With some overview and deep dive into several real exploits. Including , SMAP, exploiting races. 1/3

  19. Retweeted
    30 Oct 2019

    Collect all URLs, sub-domains, emails, phone numbers and fuzz all parameters for XSS/SQLi/RCE/Traversal flaws with BlackWidow

  20. Retweeted
    30 Oct 2019

    A very short blog post for all of you that cannot let go of Task Scheduler as a persistence technique:
