Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @bockcay
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @bockcay
-
Oliver proslijedio/la je Tweet
Las temperaturas máximas de hoy han sido muy altas para tratarse del primer día de febrero: València: 27.3 Aero València: 26.8 Sagunto/Sagunt: 26.3 València-UPV: 26.0 Vinaròs: 25.8 Jávea/Xàbia: 25.4 Llíria: 25.2 Castelló: 24.7 Alicante/Alacant: 24.3 Elche/Elx: 24.3 Miramar: 24.0
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
Windows Defender got you feeling down? Here is a simple trick to load your meterpreter payloads past Windows Defender https://hacker.house/lab/windows-defender-bypassing-for-meterpreter/ …pic.twitter.com/dxBieW2ZQv
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
1. Windows Defender 2. EDR 3. Automated defanging of documents 4. Disabling macros, OLE, DDE, etc. 5. Disabling Windows Script Hosting 6. Private VLANs 7. Application whitelisting 8. Users not being local admins 9. 2FA on everything 10. Up-to-date patchinghttps://twitter.com/jhencinski/status/1221819451617705984 …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
From the folks that brought you Atomic Red Team, Chain Reactor is a new open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints. https://redcanary.com/blog/chain-reactor-framework-for-linux/ …pic.twitter.com/fkOISDk9YK
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
Is LLMNR Poisoining still a thing?
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
Windows / Linux Local Privilege Escalation Workshop (Materials included !)
https://github.com/sagishahar/lpeworkshop …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
#Redteam operators: Which defensive settings have you encountered that made it *super* painful for you to operate in a Windows AD environment?Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
What issues do people have with a
#Sysmon rollout in an enterprise? Log volume? I’ve seen orgs worried about 20GB of daily Sysmon log data, while at the same time spending a 6 figure sum on a license to process 500GB of daily firewall log data. (which is mostly useless)Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
Wrong and New Paradigms in Security Monitoring
#SecurityMonitoring#SIEM What are yours?pic.twitter.com/zKMfQmQRFP
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
I think this is pretty significant. Think of AV attack surface as a rich vein of gold nobody has bothered to mine yet. A zillion highly privileged parsers. I know some red teamers who’ve used bugs like these but you don’t hear of them being used ITW much.https://www.zdnet.com/article/trend-micro-antivirus-zero-day-used-in-mitsubishi-electric-hack/ …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
I wrote some automation around gophish, evilginx2, and postfix for faster phishing deployment. Looking for feedback and pull requests :D https://lockboxx.blogspot.com/2020/01/gophish-evilginx2-auto-deployment-w.html …https://github.com/ahhh/phish_composer …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
Here's what we've done when I was hired for a similar position (more dev oriented) in 2013/14: - HTTPS + HSTS - "rehash" passwords from SHA-1 to bcrypt, not just on signin, here's how https://www.michalspacek.com/upgrading-existing-password-hashes … - send reset links for password resets, not new/generated passwords
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
Don’t get lost in an unknown network!
@Carlos_Perez is breaking down the problem with Enumeration of Active Domain (AD) in his latest#blog From tester to defender, this is important for all#security professionalshttps://hubs.ly/H0mJf3D0Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
This. In multiple investigations I’ve been handed BitLocker volumes that hadn’t been encrypted at all.https://twitter.com/SwiftOnSecurity/status/1220144886109933568 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Oliver proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Oliver proslijedio/la je Tweet
I will be speaking at
@WEareTROOPERS, "AMSI-Instrumentation ML Classification For Preventing Script based Attack"Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
SharpRDP, a .NET console application that can be used to perform authenticated command execution against a remote target for the purposes of lateral movement through RDP without the need of a GUI client or SOCKS proxy. Send Win+R through RDP.https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3 …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
Microsoft have released an open source tool to analyze source code for vulnerabilities in almost any modern language:https://github.com/Microsoft/ApplicationInspector/wiki …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Oliver proslijedio/la je Tweet
#BugBountyTip time: I've got a RCE by using this tip: while testing for malicious file uploads, if .php extension is blacklisted you can try .PhP , .php5 and .php3 Sometime this fools the backend and you get shell! RTs & comments are appreciated. Follow#bugbountytips#pentestHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.