aojald

@aojald

-- Head of the Pentest & Audit Team - Pentesting since 2009 & Red Teaming since 2013 - Alumni , Paris FR --

France
Vrijeme pridruživanja: ožujak 2012.

Tweetovi

Blokirali ste korisnika/cu @aojald

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @aojald

  1. proslijedio/la je Tweet
    3. velj
    Poništi
  2. proslijedio/la je Tweet
    3. velj

    Fabriquez votre propre clé de sécurité compatible U2F et FIDO2. 100% Open Source (hardware et software). Écrit en Rust. Mais ça n'est pas un projet de l' 😉

    Poništi
  3. proslijedio/la je Tweet
    2. velj
    Poništi
  4. proslijedio/la je Tweet
    2. velj
    Poništi
  5. proslijedio/la je Tweet
    31. sij

    S3Enum - Fast Amazon S3 Bucket Enumeration Tool For Pentesters

    Poništi
  6. proslijedio/la je Tweet
    31. sij

    Microsoft SharePoint contains a Remote Code Execution vulnerability known as CVE-2019-0604 (), which is currently being exploited. We informed organisations in Luxembourg about 16 vulnerable machines. Please verify your infrastructure is up to date.

    Poništi
  7. proslijedio/la je Tweet
    2. velj
    Poništi
  8. proslijedio/la je Tweet
    2. velj

    SettingSyncHost.exe as a LolBin cd %TEMP% & c:\windows\system32\SettingSyncHost.exe -LoadAndRunDiagScript foo

    Poništi
  9. proslijedio/la je Tweet
    31. sij

    Join me and on Tuesday, February 11th as we unveil 3.0! We will demo new attack primitives, performance improvements, and changes in the GUI. Register for the webinar here (recording available afterwards):

    Poništi
  10. 31. sij
    Poništi
  11. proslijedio/la je Tweet
    30. sij
    Poništi
  12. proslijedio/la je Tweet
    30. sij
    Poništi
  13. proslijedio/la je Tweet
    28. sij

    Some Lateral Movement Methods: -Pass the Hash/Relay ((Net-)NTLM) -Pass the Ticket (Silver/Golden) -RDP (Legit creds) -Remote Services (VNC/SSH) -(D)COM (Remote sched tasks, Services, WMI) -Remote Service Vuln (EB) -Admin Shares (PSExec) -Webshell (Chopper) -WinRM (PS Remoting)

    Poništi
  14. proslijedio/la je Tweet
    28. sij

    New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZure

    Prikaži ovu nit
    Poništi
  15. proslijedio/la je Tweet
    28. sij

    1. Windows Defender 2. EDR 3. Automated defanging of documents 4. Disabling macros, OLE, DDE, etc. 5. Disabling Windows Script Hosting 6. Private VLANs 7. Application whitelisting 8. Users not being local admins 9. 2FA on everything 10. Up-to-date patching

    Prikaži ovu nit
    Poništi
  16. proslijedio/la je Tweet
    27. sij

    Given a Pcap File, plot a network diagram displaying hosts in the network, network traffic, highlight important traffic

    Poništi
  17. proslijedio/la je Tweet
    26. sij

    Log Sources - ordered by priority - with ratings in different categories - personal and highly subjective assessment - from my most recent slide deck on low hanging fruits in security monitoring

    Poništi
  18. proslijedio/la je Tweet
    26. sij

    LogonTracer. Investigate malicious Windows logon by visualizing and analyzing Windows event log, by

    Poništi
  19. proslijedio/la je Tweet
    24. sij
    Poništi
  20. proslijedio/la je Tweet
    24. sij

    If you have ATP enable the NO-DEFAULT protections: 1)block office apps from creating child process and inject code to other process2)Block JS &VBS from launching downloaded executable content 3)Block credential stealing from lsass.exe and much more

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·