Gabriel

@_theVIVI

Gamer. Pentester.

Nairobi, Kenya
thevivi.net
Vrijeme pridruživanja: travanj 2013.
18 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @_theVIVI

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @_theVIVI

  1. proslijedio/la je Tweet
    5. velj

    Coming soon to Sysmon: clipboard logging for malicious RDP session DFIR, and shredded file recovery for capturing hacking tools

    17 replies 255 proslijeđenih tweetova 791 korisnik označava da mu se sviđa
    Poništi
  2. proslijedio/la je Tweet
    5. velj

    Also coming soon: Process Explorer dark mode

    55 replies 169 proslijeđenih tweetova 1.474 korisnika označavaju da im se sviđa
    Poništi
  3. proslijedio/la je Tweet
    3. velj

    Teamviewer has been storing user passwords encrypted with AES, not hashed, in the registry accessible to low privilege users on the machine. This works for versions dating back from at least as far back as 2012 to the latest version.

    11 replies 152 proslijeđena tweeta 227 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  4. proslijedio/la je Tweet
    3. velj

    We are announcing our new blog with a post about Teamviewer and storing user passwords encrypted and not hashed allow for easy plaintext retrieval from the Windows registry.

    13 replies 120 proslijeđenih tweetova 260 korisnika označava da im se sviđa
    Poništi
  5. proslijedio/la je Tweet
    3. velj

    Really glad to finally get a blogpost out about this. Hopefully this is useful and gives Red Teamers ideas on how to use the BYOI concept in their own payloads. If anyone is interested in a few more follow up posts about this will gladly oblige :)

    179 proslijeđenih tweetova 326 korisnika označava da im se sviđa
    Poništi
  6. proslijedio/la je Tweet
    31. sij

    Join me and on Tuesday, February 11th as we unveil 3.0! We will demo new attack primitives, performance improvements, and changes in the GUI. Register for the webinar here (recording available afterwards):

    6 replies 158 proslijeđenih tweetova 376 korisnika označava da im se sviđa
    Poništi
  7. proslijedio/la je Tweet
    30. sij

    Red Teaming with Covenant and Donut

    123 proslijeđena tweeta 286 korisnika označava da im se sviđa
    Poništi
  8. proslijedio/la je Tweet
    29. sij

    I made a goose that destroys your computer Download it free here:

    3.975 replies 111.960 proslijeđenih tweetova 299.379 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  9. proslijedio/la je Tweet
    29. sij

    Wireguard is now in the mainline Linux kernel.

    1 reply 86 proslijeđenih tweetova 239 korisnika označava da im se sviđa
    Poništi
  10. proslijedio/la je Tweet
    28. sij

    1. Windows Defender 2. EDR 3. Automated defanging of documents 4. Disabling macros, OLE, DDE, etc. 5. Disabling Windows Script Hosting 6. Private VLANs 7. Application whitelisting 8. Users not being local admins 9. 2FA on everything 10. Up-to-date patching

    👋 operators: Which defensive settings have you encountered that made it *super* painful for you to operate in a Windows AD environment?
    14 replies 307 proslijeđenih tweetova 1.086 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  11. proslijedio/la je Tweet
    28. sij

    New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZure

    12 replies 388 proslijeđenih tweetova 799 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  12. proslijedio/la je Tweet
    28. sij

    tip: use logman.exe with -b, -rf, -s, and -rc to create highly-privileged local, and remote scheduled tasks. They are deeply hidden in the Task Scheduler GUI, especially as the actions are masked under "Custom Handler". And no one looks for attackers in Perfmon/DCS.

    150 proslijeđenih tweetova 359 korisnika označava da im se sviđa
    Poništi
  13. proslijedio/la je Tweet
    27. sij

    Just pushed a somewhat big update to SILENTTRINITY with a lot of forward compatibility fixes for Python 3.8 and made the PowerShell "stageless" stager public. Plus more modules and bug fixes

    6 replies 145 proslijeđenih tweetova 330 korisnika označava da im se sviđa
    Poništi
  14. proslijedio/la je Tweet
    27. sij

    If 's DotnetToJScript is blocked on newer versions of Windows or if it gets flagged by AMSI, you can use Excel automation via a COM object as an alternative to execute shellcode from JScript or VBScript w/o touching disk. PoC for x86 & x64 here:

    145 proslijeđenih tweetova 292 korisnika označavaju da im se sviđa
    Poništi
  15. proslijedio/la je Tweet
    26. sij

    Some study notes on LSASS hooking for harvesting interactive logon credentials. Thanks to for his inspiring posts about mimikatz.

    5 replies 176 proslijeđenih tweetova 406 korisnika označava da im se sviđa
    Poništi
  16. proslijedio/la je Tweet
    25. sij

    I don't think and get enough credit for really driving a massive change in the way infosec views active directory. Novel attacks and C2 are great, but Bloodhound has cultivated a whole new school of thought in infosec. Its a whole different level of awesome.

    5 replies 20 proslijeđenih tweetova 148 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    23. sij

    10 days left to get your code into the Arctic Code Vault! On 02/02/2020, we will make a copy of every active public repository on GitHub to preserve them in a decommissioned coal mine for over 1,000 years.

    89 replies 844 proslijeđena tweeta 1.716 korisnika označava da im se sviđa
    Poništi
  18. proslijedio/la je Tweet
    22. sij

    Here is the link to the SpecterOps Adversary Tactics: PowerShell course material: Enjoy! For information about our current training offerings, information can be found here: (4/4)

    20 replies 533 proslijeđena tweeta 953 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  19. proslijedio/la je Tweet
    22. sij

    Despite its incredible security enhancements, PowerShell continues to be abused by adversaries. A strong knowledge of PowerShell enables defenders to effectively manage and respond to its abuse. (1/4)

    9 replies 183 proslijeđena tweeta 491 korisnik označava da mu se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  20. proslijedio/la je Tweet
    22. sij

    Revisiting RDP lateral movement and releasing a project that will be part of a bigger tool coming next week

    25 replies 486 proslijeđenih tweetova 883 korisnika označavaju da im se sviđa
    Poništi

@_theVIVI još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·