Borja Merino

@BorjaMerino

Security Researcher

shelliscoming.com
Vrijeme pridruživanja: lipanj 2010.
48 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @BorjaMerino

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @BorjaMerino

  1. Prikvačeni tweet
    1. stu 2019.

    Retro shellcoding for current threats: rebinding sockets in Windows

    1 reply 42 proslijeđena tweeta 59 korisnika označava da im se sviđa
    Poništi
  2. proslijedio/la je Tweet
    1. velj

    Load encrypted PE from XML Attribute. MSBuild is still the best.😅 MSBuild sets Property then calls Execute. Use this example to decouple payloads & prove that all security products have a "Single File Bias". Decouple payloads to subvert detection.

    5 replies 149 proslijeđenih tweetova 309 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  3. proslijedio/la je Tweet
    26. sij

    Some study notes on LSASS hooking for harvesting interactive logon credentials. Thanks to for his inspiring posts about mimikatz.

    5 replies 175 proslijeđenih tweetova 406 korisnika označava da im se sviđa
    Poništi
  4. proslijedio/la je Tweet
    24. sij

    modexp is one of my fav. researchers; while I often skim on details he is killing it with posts that combine an extensive and comprehensive research on interesting and often nuanced topics and a very well written narrative top quality right there

    49 proslijeđenih tweetova 182 korisnika označavaju da im se sviđa
    Poništi
  5. proslijedio/la je Tweet
    22. sij

    ppldump : Injects MiniDumpWriteDump() Shellcode into PPL procs (lsass demo) to dump memory. Got better tools, so useless to me now. Note sometimes the threads lock after the APC is queued, causing MiniDumpWriteDump to fail. Just resume the thread(s)

    62 proslijeđena tweeta 124 korisnika označavaju da im se sviđa
    Poništi
  6. proslijedio/la je Tweet
    17. sij

    My blog post about CVE-2020-0601 is online! I hope you guys enjoy it, I didn't sleep for 2 days now, pardon me if I made some mistakes :) Feel free to point out any mistakes!

    6 replies 85 proslijeđenih tweetova 191 korisnik označava da mu se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  7. 18. sij

    Windows kernel explorer: A free powerful Windows kernel research tool

    203 proslijeđena tweeta 417 korisnika označava da im se sviđa
    Poništi
  8. proslijedio/la je Tweet
    15. sij

    Ghidra Script that sets the names for missing function names by looking for relevant patterns in the binary! Hope that will help you too :)
    1 reply 36 proslijeđenih tweetova 146 korisnika označava da im se sviđa
    Poništi
  9. proslijedio/la je Tweet
    14. sij

    No fancy EDR required to capture CVE-2020-0601 attempts (after patching). Just ensure you're forwarding Application log events. Currently, CVE-2020-0601 is the only Microsoft code (AFAIK) that calls the CveEventWrite API so event noise is not a concern.

    8 replies 201 proslijeđeni tweet 463 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  10. proslijedio/la je Tweet
    12. sij

    C++ for Hackers: How C++ can be a vital tool for infosec developers

    7 proslijeđenih tweetova 39 korisnika označava da im se sviđa
    Poništi
  11. 11. sij

    Windows Process Injection in 2019 . Nice compilation with functional examples.

    121 proslijeđeni tweet 296 korisnika označava da im se sviđa
    Poništi
  12. proslijedio/la je Tweet
    6. sij

    Dear users, if you're a fan of the tool and are keen to throw a few dollarydoos at it, please head over here: All proceeds received before the end of Jan (including the current balance of USD $271) will be donated to the Rural Fire Service here in Australia.

    1 reply 30 proslijeđenih tweetova 58 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  13. proslijedio/la je Tweet
    5. sij

    I've developed a new technique for bypassing firewalls/NATs and producing full TCP/UDP session to targeted user. Anyone have RCE for a service that's typically only run behind NATs (eg desktop software like Sonos, Spotify, Dropbox, etc which bind to *) and want to merge projects?

    98 replies 489 proslijeđenih tweetova 2.035 korisnika označava da im se sviđa
    Poništi
  14. proslijedio/la je Tweet
    5. sij

    One-Way Shellcode for firewall evasion using Out Of Band data

    15 proslijeđenih tweetova 11 korisnika označava da im se sviđa
    Poništi
  15. proslijedio/la je Tweet
    3. sij

    APT34 partial tools leak (repost as this got taken down very quickly)

    8 replies 302 proslijeđena tweeta 584 korisnika označavaju da im se sviđa
    Poništi
  16. 1. sij

    Nice post of describing how to detect Module Stomping: <--

    1 reply 44 proslijeđena tweeta 92 korisnika označavaju da im se sviđa
    Poništi
  17. proslijedio/la je Tweet
    30. pro 2019.

    I'm going to donate a bunch of funds I've received from live streams to this cause, I'll match it personally, and my company will be matching it dollar for dollar. If you can give, please consider it!

    Odgovor korisnicima @Nic_Asher @abcmelbourne
    Donate $$$ to the rural fire services
    10 proslijeđenih tweetova 28 korisnika označava da im se sviđa
    Poništi
  18. proslijedio/la je Tweet
    30. pro 2019.

    The last () and () this year! (v0.2.4) - some improvements & many important fixes, so please don't miss it.

    5 replies 103 proslijeđena tweeta 257 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  19. proslijedio/la je Tweet
    26. pro 2019.

    Link to the repo: The gap between source and binary fuzzing is now smaller :)

    14 proslijeđenih tweetova 28 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  20. proslijedio/la je Tweet
    23. pro 2019.

    Empire 3.0 is officially here ...and just in time for Christmas! Blog: GitHub:

    16 replies 549 proslijeđenih tweetova 980 korisnika označava da im se sviđa
    Poništi
  21. 26. pro 2019.

    Remote Code Execution in restricted Windows environments

    1 reply 19 proslijeđenih tweetova 59 korisnika označava da im se sviđa
    Poništi

@BorjaMerino još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·