Pinned Tweet
[Blog] At my @BSidesCharm talk last week, I disclosed a relatively interesting WDAC/Device Guard bypass technique that took advantage of a "Catalog Hygiene" issue within Windows. Here is a short blog post on the subject - https://wp.me/p7MIao-qO
-
bohops retweeted
SettingSyncHost.exe as a LolBin http://www.hexacorn.com/blog/2020/02/02/settingsynchost-exe-as-a-lolbin/ …
#LOLBIN cd %TEMP% & c:\windows\system32\SettingSyncHost.exe -LoadAndRunDiagScript foo pic.twitter.com/dOM4EHq4Zu
-
I've reported a few bugs to @avast_antivirus this past year and have been impressed with their handling of each issue. Here is their write-up about a recent symlink priv esc bug in the Avast Secure Browser (ASB) Updater: https://www.avast.com/bug-bounty-credits/en/a-tribute-to-our-security-research-community …
-
bohops retweeted
Running unexpected things via manage-bde.wsf and COMSPEC
https://www.virustotal.com/gui/file/7493b93fbb8125b28e5d2b7b2984b4e3ff9cd90a083286e7b15a06ee1a0612ae …
https://twitter.com/bohops/status/980659399495741441 … @bohops pic.twitter.com/SOTsepgDCI
-
bohops retweeted
Couple of rough notes on .NET stuff. Avoiding defender + manually patching AMSI to retain Assembly.Load() functionality =) https://operat-or.gitbook.io/notes/fixing-some-.net-tradecraft …
-
bohops retweeted
New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZure https://posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a …
-
bohops retweeted
Move Faster, Stay Longer https://posts.specterops.io/move-faster-stay-longer-6b4efab9c644 … blog about extending CS and tools to go with it.
-
I had the privilege of taking one of @joevest's fantastic Red Team Management courses through SANS. I'm really looking forward to his new book, which I'm sure will be a very valuable resource. Consider picking up a copy and giving Joe a follow #FF https://twitter.com/joevest/status/1220693894087823361 …
-
bohops retweeted
Post-exploitation #Friday tip: Do you know how to trivially & remotely hijack an #RDP session without prompt nor warning on user's side using #Microsoft signed binary (no patch/multi-session) ? qwinsta+mstsc shadowing is the answer ;) Details: https://github.com/kmkz/Pentesting/blob/master/Post-Exploitation-Cheat-Sheet … #Pentesting pic.twitter.com/wHVIYQo73A
-
bohops retweeted
In the @SpecterOps PowerShell course, blue and red teamers alike were pleased to discover that through abusing an undocumented WMI class (Root\Microsoft\Windows\Powershellv3:PS_ModuleFile), file contents can be retrieved remotely using only WMI. pic.twitter.com/crXKWFyeeG
-
bohops retweeted
how to be a bad ctor http://www.hexacorn.com/blog/2020/01/24/how-to-be-a-bad-ctor/ … ctor.dll, LaunchSetup <filename> #LOLBIN
-
bohops retweeted
I was just looking over the training courses offered by @SpecterOps and saw that their "Adversary Tactics: PowerShell" course has been discontinued. But, I discovered that they have released it on their GitHub! https://github.com/specterops/at-ps …
-
bohops retweeted
Revisiting RDP lateral movement https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3 … and releasing a project that will be part of a bigger tool coming next week
-
bohops retweeted
Despite its incredible security enhancements, PowerShell continues to be abused by adversaries. A strong knowledge of PowerShell enables defenders to effectively manage and respond to its abuse. (1/4)
-
bohops retweeted
Senior Security Consultant @Oddvarmoe describes the discovery of a privilege escalation in the Intel Trusted Connect Service Client and how to complete the #exploit in order to obtain local admin access https://hubs.ly/H0mG7VY0
-
bohops retweeted
#BlueTeam command-line MSBuild.exe detection's got your #RedTeam down? How about MSBuild without MSBuild.exe? https://s5.gifyu.com/images/msbuild_api.gif … https://github.com/rvrsh3ll/MSBuildAPICaller …
-
bohops retweeted
Check out the Progressive House session ‘CVE-0117-2020’ by GrooveMaster on #SoundCloud? #np https://soundcloud.com/lenculb007/cve-0117-2020 …
-
bohops retweeted
"#ShadowMove: a Stealthy Lateral Movement Strategy" is now available to read. Read if interested to see a new practical lateral movement https://usenix.org/conference/usenixsecurity20/presentation/niakanlahiji … Demo (TDS (MS SQL) & FTP): https://uofi.app.box.com/folder/93023403411 … Prototype will be released soon @MITREattack @USENIXSecurity
-
bohops retweeted
If you have AppLocker deployed, be aware that most times when Windows 10 is updated/upgraded, it creates a TASKS_MIGRATED folder under C:\windows\system32 that has the CREATOR OWNER, meaning that users can create and execute files from the folder and bypassing AppLocker pic.twitter.com/YLUxRxDyxr
-
bohops retweeted
Hello #infosec and #threatintel Twitter! We are looking for a CIRT analyst @thomsonreuters! Help us keep our IP, data, and importantly our @Reuters JOURNALISTS safe from digital threats. High tempo ops + learning & growth opportunities + great culture. Check it out!