Tweets

  1. Retweeted
    Jan 31

    Wrote a post on how to use GadgetToJScript with Covenant & Donut. Thanks to for answering my queries and helping me while exploring the tool 🙏

  2. Retweeted
    Feb 1

    is a C# utility to steal a user's password using a fake Windows logon screen. This password will then be validated and saved to disk. Useful in combination with 's execute-assembly command.

  3. Retweeted
    Jan 31
  4. Retweeted
    Jan 29

    Driver loader for bypassing x64 Driver Signature Enforcement

  5. Retweeted
    Jan 30

    in-memory traces of ppldump, exploiting zam64.sys vulndriver to dump lsass memory, cool stuff. sysmon will show a generic\noisy calltrace so detection chances here are low, if combined with lsass loading dbgcore.dll it may work.

  6. Retweeted
    Jan 30

    Unwinding RTCore - response to recent Unwinder claims and behavior related to vulnerabilities found in his RTCore driver which is a part of MSI Afterburner,

  7. Retweeted
    Jan 30

    A quick post on why you shouldn't use SYSTEM Tokens when you sandbox a process. Part 1 of N (where I haven't decided how big N is).

  8. Retweeted
    Jan 30

    Ever wanted to take a peek at the mimikatz sekurlsa::msv internals? New blog post is all about it plus, it also showcases PyKDumper, a tool that dumps LSASS credentials through WinDBG/PyKD.

  9. Retweeted
    Jan 22

    progressing through the Hacksys Extreme Vulnerable Driver exploits here: . huge thanks to the sourced authors, feels very silly to write my own blogs on the subject compared to their material/experience, but helps me learn. mb helpful for other noobs like me

  10. Retweeted
    Jan 20

    I recently updated Get-PE in PowerShellArsenal to parse out the debug directory so that PDB strings can be extracted programmatically. I did it because needed to confirm the absence of debug strings as one of many post-build OPSEC checks. Dude is master operator. 😍

  11. Retweeted

    sLoad has recently launched version 2.0, which we're calling "Starslord". The new version has the ability to track the stage of infection on each affected machine and packs a unique anti-analysis trap. Read our continued tracking of this evolving malware.

  12. Retweeted
    Jan 21

    VBS drops + + from lietarion].com barindice.]ru legroaled.]ru 185.153.]196.209 wp.quercus.[palustris.[dk/wp-content/plugins/ultimate-tinymce/includes/ bat.fulldin.]at foo.fulldin.]at ➡️NEW key 🔑: Gwe9HMygngWe8kPK v217111

  13. Retweeted
    Jan 21
  14. Retweeted
    Jan 23

    Happy to announce my participation at as speaker. I will talk about vs ISP. See you there! 👍

  15. Retweeted
    Jan 22

    Re-reading 's post on winning the Malware Evasion Comp. Excellent breakdown of potential blindspots in deep learning (MalConv) and tree-based (Ember) classifiers. Also good background on the malware features used in these models.

  16. Retweeted
    Jan 23

    interesting sample, using minimal macro to write to startup folder for persistence & uses IE via COM to download 2 txt files (no noisy ps or abnormal exec).

  17. Retweeted
    Jan 22

    Local Privilege Escalation in many Ricoh Printer Drivers for Windows (CVE-2019-19363) + Exploit

  18. Retweeted
    Jan 21

    Hey Defender friends. Turns out that removing those services with Unicode/non-printable characters is pretty hard, so I wrote you a tool to help with that. I'll be releasing the offensive PoC later this week or early next week.

  19. Retweeted
    Jan 20