Justin Retweeted
Here is the link to the SpecterOps Adversary Tactics: PowerShell course material: https://github.com/specterops/at-ps … Enjoy! For information about our current training offerings, information can be found here: https://specterops.io/how-we-help/training-offerings … (4/4)

Justin Retweeted
God forbid the Audit-CVE event fires for CVE-2020-0601 but if it does and the "para" field starts with 30, it's a good chance you have a cert with custom ECC curve params. Here's how you can parse them to make sense of them. https://gist.github.com/mattifestation/a64846c1c523d3aaedaeb1fb0f4989ce … https://twitter.com/mattifestation/status/1217179698008068096 … pic.twitter.com/4dgB8swWDV

Justin Retweeted
#Opensource attack frameworks and tools continue to be leveraged by criminal groups and nation state actors. Find new ways to build behavioral detections against post-exploitation frameworks such as #Koadic using Event Query Language (EQL) in this post → https://go.es.io/3a2KfS5 pic.twitter.com/FARUi2lYbX

Justin Retweeted
Wew okay, so there's some REALLY bizarre internet-wide scan traffic happening right now in @GreyNoiseIO. it started two/three hours ago, quieted down for a few minutes, then just started up again. I'm going to do my best to stream of conscious what's going on while we dig in: pic.twitter.com/ZrhoV4b88x

Justin Retweeted
This year I learned about Event Query Language (EQL) from @rw_access (Ross Wolf). It has quickly become an indispensable tool for analyzing Windows Event Logs. It has a bit of a learning curve, so I wrote an article to help people get started: https://pen-testing.sans.org/blog/2019/12/10/eql-threat-hunting/ …

Justin Retweeted
Learn how Elastic Endpoint Security's behavior-based protections prevented a targeted #ransomware attack on multiple endpoints and how Event Query Language (EQL) can be used to detect and prevent unwanted behaviors → https://go.es.io/34PToL1 pic.twitter.com/BZQwIShi8p

Justin Retweeted
Awesome time at #BSidesDFW today! Here are the slides from my talk on "ATT&CKing #Koadic with EQL". https://docs.google.com/presentation/d/1Wq76DqLzrF2-qxnhWTSXzmuHjBdXoND2tzMw2zeopfs/edit?usp=sharing …

Justin Retweeted
If you're attending @BSidesDFW this weekend, check out @elastic's @DanielStepanic talk on "ATT&CKing #Koadic with EQL." He'll break down the capabilities of a post-exploitation framework and share his process for building behavioral detections using EQL. http://bsidesdfw.com/2019spkr#t31530

Justin Retweeted
We’re pleased to introduce Elastic Endpoint Security, a new solution which, combined with Elastic #SIEM, provides a single experience for real-time threat prevention, detection, and response. Plus, say goodbye to endpoint-based pricing → https://go.es.io/2J7mDQH pic.twitter.com/tZ3RWfMjOT

Justin Retweeted
If you want to learn about @eventquerylang and preparing your telemetry for effective threat hunting, I’m hosting a lunchtime session at the SANS THIR summit on Tuesday, 10/1 #THIR #ThreatHuntingSummit https://www.sans.org/event/threat-hunting-and-incident-response-summit-2019/bonus-sessions/19295/#bonus-box …

Justin Retweeted
We are proud to launch our brand new interactive XSS cheatsheet featuring novel vectors from @garethheyes https://portswigger.net/research/one-xss-cheatsheet-to-rule-them-all …

Justin Retweeted
Happy to release the API-To-Event project

A repo focused primarily on documenting the relationships between API functions and security events. Mapped to @MITREattack #ThreatHunting #PurpleTeam
API-To-Event List: https://docs.google.com/spreadsheets/d/1Y3MHsgDWj_xH4qrqIMs4kYJq1FSuqv4LqIrcX24L10A/edit?usp=sharing …
GitHub: https://github.com/hunters-forge/API-To-Event …

Justin Retweeted
"Adversaries might be leveraging WMI Win32_Process class and method Create to execute code remotely across my environment"
#ThreatHuntingSeason #ThreatHunting
Datasets: https://github.com/Cyb3rWard0g/mordor/tree/master/small_datasets/windows/execution/windows_management_instrumentation_T1047#windows-management-instrumentation-wmi …
Notebook: https://nbviewer.jupyter.org/github/Cyb3rWard0g/ThreatHunter-Playbook/blob/master/playbooks/windows/08_lateral_movement/T1047_windows_management_instrumentation/wmi_win32_process_create_remote.ipynb …

Justin Retweeted
Thank you everyone for attending my #DerbyCon talk: "How do I detect technique X in Windows?" Applied Methodology to Definitively Answer this Question Reverse Engineers can have fun building detections too! :D Slides: https://drive.google.com/file/d/19AhMG0ZCOt0IVsPZgn4JalkdcUOGq4DK/view?usp=sharing … Code: https://gist.github.com/mattifestation/9f029ff65ddbed15500808bca0d3daab …

Justin Retweeted
Bluetooth is broken: A third party can force a one byte encryption key on any Bluetooth connection in range, even between already paired devices. It's bad. https://knobattack.com/

Justin Retweeted
I'm publishing some research today, a major design flaw in Windows that's existed for almost *two decades*. I wrote a blog post on the story of the discovery all the way through to exploitation.
https://googleprojectzero.blogspot.com/2019/08/down-rabbit-hole.html …

Justin Retweeted
At #BSidesLV? Come by our table and chat with SJ, Justin and Jesse about military-grade protection that’s as simple as AV. pic.twitter.com/nBU5TX6kKp

Justin Retweeted
BTW, I would recommend NOT using the self-checkin kiosks at @defcon. I'm not saying they actually do this, but their privacy policy allows them to use your ID scans to enroll you in their facial recognition systems. (Sections 3 and 15 of https://www.caesars.com/corporate/corporate-social-responsibility/play/privacy …)