Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @bp256r1
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @bp256r1
-
Prikvačeni tweet
Today's Twitter threads
• Overview of MITRE ATT&CK + a CTI resource from ThaiCERT which includes information about 164 APTs + 19 (prolific) criminal groups
• Using CVSS 2.x vectors to better understand security vulnerabilitiespic.twitter.com/2yP1RqoHtlPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
———–[]=¤ԅ(ˊᗜˋ* )੭ proslijedio/la je Tweet
It's a Super Bowl victory, not the purge.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
———–[]=¤ԅ(ˊᗜˋ* )੭ proslijedio/la je Tweet
It's the year 2020, and we're still finding buffer overflows in programs written in C. Fortunately, those programs are only esoteric, rarely installed programs like... <checks notes> sudo.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
———–[]=¤ԅ(ˊᗜˋ* )੭ proslijedio/la je Tweet
"Never underestimate the bandwidth of a handcart full of phones redirecting the highway."https://twitter.com/simon_deliver/status/1223569659645112320 …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
———–[]=¤ԅ(ˊᗜˋ* )੭ proslijedio/la je Tweet
For anyone wondering, yes it’s written in C# and yes I will be totally adding it as a SILENTTRINITY module if I can get the source code (a few changes need to be made in order for it to run in memory).
#makemalwarefunagainhttps://twitter.com/samnchiet/status/1222647282237169671 …
0:45Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
———–[]=¤ԅ(ˊᗜˋ* )੭ proslijedio/la je Tweet
I made a goose that destroys your computer Download it free here: http://samperson.itch.io/desktop-goose pic.twitter.com/cCGdoOYW1Y
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
———–[]=¤ԅ(ˊᗜˋ* )੭ proslijedio/la je Tweet
That's gotta be obnoxious as hell. Here you are trying to exfil documents for industrial espionage, and someone else just rolls up and encrypts it all for a cash grab. It's like the getaway driver for a bank heist getting carjacked while they're waiting.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
———–[]=¤ԅ(ˊᗜˋ* )੭ proslijedio/la je Tweet
I'm developing a C2 server which allows you to: • Upload/download files; • Execute arbitrary code on Windows, Linux, macOS; and • Lookup related alerts via different EDR solutions. Agents talk to the C2 server via gRPC. Should I use REST, or gRPC for the user-facing API?
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
———–[]=¤ԅ(ˊᗜˋ* )੭ proslijedio/la je Tweet
The biggest struggle I see from people transitioning from highly technical individual contributor roles to management roles is balancing their desire to remain technical while investing in things that are imperative to being a well rounded leader. That struggle is very real.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
———–[]=¤ԅ(ˊᗜˋ* )੭ proslijedio/la je Tweet
Would you like to detect, contain, and eradicate me and my team (and real threat actors) from one of the largest networks in the world across 5 continents?https://twitter.com/bsydad/status/1223342112072261641 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I'm a busy developer, and I'd like to minimize the amount of development that I have to do. I care about stability, maintainability, and ease of development more than performance. The agent and server are both written in Python (the agent may be written in Go in the future).
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I'm developing a C2 server which allows you to: • Upload/download files; • Execute arbitrary code on Windows, Linux, macOS; and • Lookup related alerts via different EDR solutions. Agents talk to the C2 server via gRPC. Should I use REST, or gRPC for the user-facing API?
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Is there a standard recipe for building out control planes for North/South traffic yet, or is everyone building their own? Based on my understanding, HashiCorp Consul was designed for East/West traffic, and Envoy can handle North/South + proxy to Consul, but, what else is there?
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Does anyone know of any good resources surrounding how to build endpoint detection & response (EDR) agents? I've spent the last few years developing EDR, but I'd like to better understand things like: 1) How to collect telemetry; and 2) How to structure data ingestion + C2
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
[asking a question on StackOverflow] Me: "I'd like to do <x>, but I'm having trouble flibbleflobbing my fribblenobbers." [a concerned citizen approaches, and asks with a straight face] Them: "Why? Why would you ever want to do this?" [a mod approaches] Mod: "Resolved."
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
———–[]=¤ԅ(ˊᗜˋ* )੭ proslijedio/la je Tweet
#APT34
has also used tracking pixels. It isn't a novel technique of course, but it is observed in the wild in targeted threat activity. Even beyond email, communication clients are notorious for leaking information. It's not a bad idea to rigorously test how they behave.https://twitter.com/cglyer/status/1222255797880619009 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
———–[]=¤ԅ(ˊᗜˋ* )੭ proslijedio/la je Tweet
Here's the truth -- most of the underperforming analysts I see have the potential to do well, but they are limited by their managers or lack of support from their organization. 1/
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
———–[]=¤ԅ(ˊᗜˋ* )੭ proslijedio/la je Tweet
This is what it looks like when Saudi Arabia uses NSO Group’s tools to target a journalist.https://www.nytimes.com/2020/01/28/reader-center/phone-hacking-saudi-arabia.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
HashiCorp Consul can be used to discover services and all of the hosts that make up a service, but can you: • Route traffic to a subset of all of the hosts in a cluster by tag (e.g. all of the Windows hosts in a cluster of Windows, and Linux systems)
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
On a semi-related note, thanks for your contributions to the red team infrastructure wiki,
@InvokeThreatGuy,@424f424f, and@bluscreenofjeff!

https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki#table-of-contents …Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
: