Michael Kruger

@_cablethief

Security analyst at . Random code bits at

South Africa
Vrijeme pridruživanja: listopad 2010.

Tweetovi

Blokirali ste korisnika/cu @_cablethief

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @_cablethief

  1. Prikvačeni tweet
    25. srp 2019.

    Published a little write up on the wpa_sycophant tool I created for relaying PEAP last year.

    Poništi
  2. 24. pro 2019.
    Poništi
  3. proslijedio/la je Tweet
    4. pro 2019.

    I’ve been waiting for this for most of the year. Craig Koorn built a BloodHound for AWS IAM & related elements. Which finally just got a public release. Hugely useful for securing your AWS environments. cc

    Prikaži ovu nit
    Poništi
  4. proslijedio/la je Tweet
    4. pro 2019.

    My close personal friend has been working on a tool to more accurately visualise effective access within AWS. We've found awspx to be really useful internally, we hope you do too.

    Poništi
  5. 23. srp 2019.

    Woops, add a "--network host" to that else you try connect to your containers network without a port forward.

    Prikaži ovu nit
    Poništi
  6. 23. srp 2019.

    Colleague needs to build and run a docker container while using capped internet. I suggested he build and run his docker on a jump box to save bandwidth. XD Dockerless docker.

    Prikaži ovu nit
    Poništi
  7. 19. srp 2019.

    Pretty cool episode from , I didn't realise that girl scouts had a cyber security badge :D

    Poništi
  8. 19. lip 2019.

    Made a docker for doing SSH tunneling rather than setting up a new sshd and config every time. "Tried" to make it secure as well so you don't get pwned back if someone tries to log into you.

    Poništi
  9. proslijedio/la je Tweet
    22. svi 2019.
    Prikaži ovu nit
    Poništi
  10. 23. svi 2019.

    For a once off: sudo sysctl net.ipv4.ip_unprivileged_port_start=0 For permanence add to sysctl.d config: sudo vim /etc/sysctl.d/allow_user_lower_ports.conf and add net.ipv4.ip_unprivileged_port_start=0

    Prikaži ovu nit
    Poništi
  11. 23. svi 2019.

    Apparently well known, but in case you don't know, Linux provides a way to disable the privileged nature of sub 1024 ports. This allows you to run listeners, services, etc on sub 1024 ports without root/sudo. For a single user system where I spin up random services its perfect.

    Prikaži ovu nit
    Poništi
  12. 21. svi 2019.

    Most of the hard work is from :D

    Prikaži ovu nit
    Poništi
  13. 21. svi 2019.

    Created a small script to toggle unmanage interfaces (And reloads NetworkManagers config) so that NetworkManager is less annoying when its your turn with the interface.

    Prikaži ovu nit
    Poništi
  14. 20. svi 2019.

    Updated berate_ap with support for wpa_sycophant to make wireless relaying a bit easier. Some other new things are adding the certificate subj in command by , some WPA attack flags, Mana taxonomy, and coloured Mana output. :D

    Poništi
  15. 29. tra 2019.

    Two simple scripts and an explanation for sharing internet with a interface and creating a quick RADIUS server using hostapd-mana. I am torn on whether this should be a gist or a git /:

    Poništi
  16. proslijedio/la je Tweet
    11. tra 2019.

    Yeah! I'm really honoured to be offering our brand new Wi-Fi hacking course at The Excaliber in Vegas on 3-6 Aug 2019. If Wi-Fi isn't your thing, check out the badass courses from the other trainers.

    Poništi
  17. proslijedio/la je Tweet
    26. velj 2019.

    If you want to extract the certificates used in EAP (TLS/PEAP/TTLS etc.) interaction, you can use this Useful for closing them with especially when going after macOS/iOS clients (who will present the cert details & ask the user).

    Prikaži ovu nit
    Poništi
  18. proslijedio/la je Tweet
    25. velj 2019.

    What a difference 20y makes. Old and new HF radio.

    Poništi
  19. proslijedio/la je Tweet
    24. velj 2019.

    PoC for CVE-2019-6340, the 8 REST unauthenticated RCE based on . Caching heavily messes with this one it seems, so the PoC tries to find usable nodes that are not cached. Tested with the drupal:8.6.9 docker container.

    Poništi
  20. proslijedio/la je Tweet
    21. velj 2019.

    Third part of the domain fronting series, this time looking at Cloudflare and ESNI: While it may not technicly be domain fronting, it is close enough for me.

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·