WBG Retweeted
Wrote a post on how to use GadgetToJScript with Covenant & Donut https://3xpl01tc0d3r.blogspot.com/2020/02/gadgettojscript-covenant-donut.html
#Covenant #Donut #GadgetToJScript #redteam #processinjection Thanks to @med0x2e for answering my queries and helping me while exploring the #GadgetToJScript tool
WBG Retweeted
#FakeLogonScreen is a C# utility to steal a user's password using a fake Windows logon screen. This password will then be validated and saved to disk. Useful in combination with #CobaltStrike's execute-assembly command. https://github.com/bitsadmin/fakelogonscreen pic.twitter.com/2pAOk9InLM
WBG Retweeted
#RedTeam #attack Chinese edition of the ATT&CK handbook v1.0, feedback welcome https://github.com/Dm2333/ATTCK-PenTester-Book pic.twitter.com/sBHF0zEy76
WBG Retweeted
Driver loader for bypassing #Windows x64 Driver Signature Enforcement https://github.com/hfiref0x/TDL
WBG Retweeted
in-memory traces of ppldump, exploiting zam64.sys vulndriver to dump lsass memory, cool stuff. sysmon will show a generic/noisy calltrace so detection chances here are low, if combined with lsass loading dbgcore.dll it may work. https://github.com/realoriginal/ppldump https://github.com/SouhailHammou/Exploits pic.twitter.com/rbXCtivW3M
WBG Retweeted
Unwinding RTCore - response to recent Unwinder claims and behavior related to vulnerabilities found in his RTCore driver, which is a part of MSI Afterburner, https://swapcontext.blogspot.com/2020/01/unwinding-rtcore.html
WBG Retweeted
A quick post on why you shouldn't use SYSTEM Tokens when you sandbox a process. Part 1 of N (where I haven't decided how big N is). https://www.tiraniddo.dev/2020/01/dont-use-system-tokens-for-sandboxing.html
WBG Retweeted
Ever wanted to take a peek at the mimikatz sekurlsa::msv internals? New blog post is all about it; plus, it also showcases PyKDumper, a tool that dumps LSASS credentials through WinDBG/PyKD. https://www.matteomalvica.com/blog/2020/01/20/mimikatz-lsass-dump-windg-pykd/
WBG Retweeted
progressing through the Hacksys Extreme Vulnerable Driver exploits here: https://h0mbre.github.io/ . huge thanks to the sourced authors, feels very silly to write my own blogs on the subject compared to their material/experience, but helps me learn. mb helpful for other noobs like me
WBG Retweeted
I recently updated Get-PE in PowerShellArsenal to parse out the debug directory so that PDB strings can be extracted programmatically. I did it because @harmj0y needed to confirm the absence of debug strings as one of many post-build OPSEC checks. Dude is a master operator. pic.twitter.com/Ni738eczqk
WBG Retweeted
sLoad has recently launched version 2.0, which we're calling "Starslord". The new version has the ability to track the stage of infection on each affected machine and packs a unique anti-analysis trap. Read our continued tracking of this evolving malware. https://msft.it/6012Tktcy
WBG Retweeted
VBS drops #Ursnif + #hancitor + #cobaltstrike #Malware from #opendir lietarion].com barindice.]ru legroaled.]ru 185.153.]196.209 wp.quercus.[palustris.[dk/wp-content/plugins/ultimate-tinymce/includes/ bat.fulldin.]at foo.fulldin.]at
NEW #ursnif key: Gwe9HMygngWe8kPK v217111 pic.twitter.com/KfoNIqcM35
WBG Retweeted
#Apt #kimsuky New sample with the same C2 https://twitter.com/_re_fox/status/1219637424176934913 Ref to the detection of samples of the apt group https://twitter.com/cyberwar_15/status/1218816055843278848 Thanks to @_re_fox cc @Rmy_Reserve @cyberwar_15
WBG Retweeted
Happy to announce my participation at @TheMalConf as speaker. I will talk about #APT #malware vs ISP. See you there! https://www.malwareanalystconference.com/eng/talk.html#t1
WBG Retweeted
Re-reading @willcfleshman's post on winning the Malware Evasion Comp. Excellent breakdown of potential blindspots in deep learning (MalConv) and tree-based (Ember) classifiers. Also good background on the malware features used in these models. https://towardsdatascience.com/evading-machine-learning-malware-classifiers-ce52dabdb713
WBG Retweeted
interesting sample, using minimal macro to write to startup folder for persistence & uses IE via COM to download 2 txt files (no noisy ps or abnormal exec). https://app.any.run/tasks/866b7e6a-4657-4a1f-bba9-44bfb42b7390/ pic.twitter.com/NPlTC35ZeH
WBG Retweeted
Local Privilege Escalation in many Ricoh Printer Drivers for Windows (CVE-2019-19363) + Exploit https://www.pentagrid.ch/en/blog/local-privilege-escalation-in-ricoh-printer-drivers-for-windows-cve-2019-19363/
WBG Retweeted
Hey Defender friends. Turns out that removing those services with Unicode/non-printable characters is pretty hard, so I wrote you a tool to help with that. I'll be releasing the offensive PoC later this week or early next week. https://github.com/matterpreter/OffensiveCSharp/commit/089c1db4909ab365b45fb69e45abb1adcac2861e#diff-e8991566df61818c826e7964e3078579 pic.twitter.com/SCEV9WtpnF
WBG Retweeted
Dustman APT: Art of Copy-Paste, https://swapcontext.blogspot.com/2020/01/dustman-apt-art-of-copy-paste.html pic.twitter.com/8cz3JV2XMG