Paul Laîné

@am0nsec

Security consultant at - cum lux abest, tenebrae vincunt

France & London
Joined September 2016
Born 1997

Tweets

  1. Pinned Tweet
    9 Nov 2019

    Plan. Execute. Vanish. cc: @capabilitiesgrp

  2. Retweeted
    18 hours ago

    Stay positive Lolbins... not! rundll32 advpack.dll, RegisterOCX calc.exe rundll32 advpack.dll, #12 calc.exe rundll32 advpack.dll, #+12 calc.exe rundll32 advpack.dll, #-4294967284 calc.exe

  3. Retweeted
    3 Feb

    A very insightful breakdown on violent non-state actors (VNSA) and their ability to adopt the latest technology.

  4. 4 Feb

    Turns out this is a massive pain to install Visual Studio w/ Ansible.

  5. Retweeted
    2 Feb

    Can your EDR detect symbolic link callback rootkits? Because ours sure as heck can't. and I wrote about these!

  6. Retweeted
    2 Feb
  7. Retweeted
    2 Feb

    SettingSyncHost.exe as a LolBin cd %TEMP% & c:\windows\system32\SettingSyncHost.exe -LoadAndRunDiagScript foo

  8. 2 Feb

    Such a brilliant book for anyone interested in privacy. Even if this is extreme, there are things that can be implemented in order to stay under the radar. cc:

  9. Retweeted
    31 Jan

    Want to see how the red team weaponizes threat intel for R&D and TTP development? Check out some research I did with and . Also includes some new executables that can be used for DLL abuse.

  10. Retweeted
    30 Jan

    New writeup by me and of a new Iranian campaign we discovered! Special thanks to for assisting as well!

  11. 30 Jan

    Pretty bad OPSEC and a good blog post.

  12. Retweeted
    30 Jan

    A quick post on why you shouldn't use SYSTEM Tokens when you sandbox a process. Part 1 of N (where I haven't decided how big N is).

  13. 28 Jan

    Every time I'm writing a new Cobalt Strike aggressor script my eyes are bleeding - but that's always worth it 🤔

  14. Retweeted
    28 Jan

    It’s a pricing trick. In handwriting analysis margins & letter size matter. This writer chose to place the “original” price on the left of the tag, leaving a big enough space on the right. Had it been a true discount, the price in blue would have been located in the center.. 🧵

  15. Retweeted
    27 Jan

    Move Faster, Stay Longer blog about extending CS and tools to go with it.

  16. 25 Jan

    If anyone is interested in an example of the Windows Next Generation Cryptography API (bcrypt.lib) - especially after CVE-2020-0601 - I wrote a simple C++ program that encrypts and decrypts a string. Link:

  17. Retweeted
    24 Jan

    Join our Webinar: AVIVORE TTPs and Indicators of Compromise – Learn how your organisation can develop its capability to detect and respond to this new cyber threat group.

  18. Retweeted
    24 Jan

    Interesting recent change (at least 1903) to SeTokenCanImpersonate which determines if you can impersonate an access token. The Session ID is now checked so that you can't impersonate same user session 0 tokens outside of session 0.

  19. Retweeted
    24 Jan

    SOE: Subversion and Propaganda: The Fourth Arm

  20. Retweeted
    21 Jan

    New webinar! Our Threat Intel Tech Lead Oliver Fay will demonstrate how a new state-sponsored threat group "AVIVORE" use legitimate remote connectivity to hack into businesses. Register here:

  21. Retweeted
    15 Jan

    Hainan Xiandun Technology Company is APT40. They recruited Hainan based Cambodian linguists three months before APT40 conducted their Cambodia campaign.
