Oliver

@bockcay

Infosec, network packets, and sailing

Mediterranean Sea
Joined: March 2011

Tweets

  1. Retweeted

    Today's maximum temperatures have been very high for the first day of February: València: 27.3 Aero València: 26.8 Sagunto/Sagunt: 26.3 València-UPV: 26.0 Vinaròs: 25.8 Jávea/Xàbia: 25.4 Llíria: 25.2 Castelló: 24.7 Alicante/Alacant: 24.3 Elche/Elx: 24.3 Miramar: 24.0

  2. Retweeted
    Jan 28

    Windows Defender got you feeling down? Here is a simple trick to load your meterpreter payloads past Windows Defender

  3. Retweeted
    Jan 28

    1. Windows Defender 2. EDR 3. Automated defanging of documents 4. Disabling macros, OLE, DDE, etc. 5. Disabling Windows Script Hosting 6. Private VLANs 7. Application whitelisting 8. Users not being local admins 9. 2FA on everything 10. Up-to-date patching

  4. Retweeted
    Jan 28

    From the folks that brought you Atomic Red Team, Chain Reactor is a new open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.

  5. Retweeted
    Jan 27

    Is LLMNR Poisoning still a thing? 🤔

  6. Retweeted
    Jan 26

    Windows / Linux Local Privilege Escalation Workshop (Materials included !) 🥳

  7. Retweeted
    Jan 27

    👋 operators: Which defensive settings have you encountered that made it *super* painful for you to operate in a Windows AD environment?

  8. Retweeted
    Jan 27

    What issues do people have with a rollout in an enterprise? Log volume? I’ve seen orgs worried about 20GB of daily Sysmon log data, while at the same time spending a 6 figure sum on a license to process 500GB of daily firewall log data. (which is mostly useless)

  9. Retweeted
    Jan 27

    Wrong and New Paradigms in Security Monitoring What are yours?

  10. Retweeted
    Jan 26

    I think this is pretty significant. Think of AV attack surface as a rich vein of gold nobody has bothered to mine yet. A zillion highly privileged parsers. I know some red teamers who’ve used bugs like these but you don’t hear of them being used ITW much.

  11. Retweeted
    Jan 25

    I wrote some automation around gophish, evilginx2, and postfix for faster phishing deployment. Looking for feedback and pull requests :D

  12. Retweeted
    Replying to

    Here's what we've done when I was hired for a similar position (more dev oriented) in 2013/14: - HTTPS + HSTS - "rehash" passwords from SHA-1 to bcrypt, not just on signin, here's how - send reset links for password resets, not new/generated passwords

  13. Retweeted
    Jan 23

    Don’t get lost in an unknown network! is breaking down the problem with Enumeration of Active Domain (AD) in his latest From tester to defender, this is important for all professionals

  14. Retweeted
    Jan 23

    This. In multiple investigations I’ve been handed BitLocker volumes that hadn’t been encrypted at all.

  15. Retweeted
    Jan 23
    Replying to
  16. Retweeted
    Jan 23

    JSON web tokens (JWT)

  17. Retweeted
    Jan 20

    I will be speaking at , "AMSI-Instrumentation ML Classification For Preventing Script based Attack"

  18. Retweeted
    Jan 22

    SharpRDP, a .NET console application that can be used to perform authenticated command execution against a remote target for the purposes of lateral movement through RDP without the need of a GUI client or SOCKS proxy. Send Win+R through RDP.

  19. Retweeted
    Jan 23

    Microsoft have released an open source tool to analyze source code for vulnerabilities in almost any modern language:

  20. Retweeted
    Jan 22

    time: I've got an RCE by using this tip: while testing for malicious file uploads, if .php extension is blacklisted you can try .PhP , .php5 and .php3 Sometimes this fools the backend and you get shell! RTs & comments are appreciated. Follow
