Matt Kelly

@breakersall

Red Teamer; threat hunter, Boilermakers sports fan.

Chicago
Joined: July 2011

Tweets


  1. Pinned tweet
    Oct 21, 2018

    If you are a senior/mentor, a general rule I use for JRs: Before touching a tool on a target network, explain to me the protocol / tech this is using in detail, how the attack works, why and how you should leverage the attack, risks, indicators, artifacts, and the recommended fix.

  2. 5 hours ago

    GRU really should have just hired this App designer in '16.

  3. Retweeted
    Feb 2

    Remembering Jef Dye, my friend and colleague today. Jef was one of a kind and unfortunately he was taken way too soon. Thank you for the memories and for making me better. RIP.

  5. Jan 27

    Gene Kranz had some very wise words after the Apollo 1 launch pad tragedy:

  6. Jan 26

    Starbucks Reserve Roastery is a surprisingly cool experience. Coffee meets a meth lab in a cool Willy Wonka way.

  7. Jan 20

    TIL the Unix epoch year 2038 problem can already manifest itself. Don't know what that is? Think Y2K:

  8. Jan 15

    A bagel with cream cheese is just New York style pizza. Too much bread, no sauce, weak cheese on top. Change my mind.

  9. Retweeted
    Jan 15

    TIL Windows crypt32.dll validates ECC crypto the same way I validate PGP keys email signatures.

  10. Jan 15

    TIL Windows crypt32.dll validates ECC crypto the same way I validate PGP keys email signatures.

  11. Jan 15

    So who is naming CVE-2020-0601 since NSA didn't? First contender: 'De'crpyt32.dll

  12. Jan 14

    This is not what I hoped for when they said the 'roaring 20's'.

  13. Jan 9

    "You know, when you wake every day to the same daymare where one person's touting that features like NAC are the next flux capacitor while another compares its utility to that of sandpaper in the toilet roll dispensers in a truck stop restroom?" -

  14. Jan 9

    No adversary calendar this year?

  15. Retweeted
    Jan 8

    I know threat reporting overlaid on top of ATT&CK is the new SOP, but saying "threat actor uses registry persistence" then pointing me to an ATT&CK page for reg persistence that has 450 varieties is fucking useless. As hunt/DE, TI should bring me to the 5 yard line. Not midway.

  16. Jan 7

    Making this my email signature instead of 'Thanks, Matt Kelly'

    This Tweet is unavailable.
  17. Retweeted
    Jan 5

    Change.exe, Query.exe, and Reset.exe are basically the same tool, reading aliases from registry and launching other EXEs. Adding your own REG_MULTI_SZ to "query" could be an interesting way to fool forensicators for a moment.

  18. Retweeted
    Jan 2
    Replying to

    One of the goals for 2020 for is to partner with anyone in the community willing to release a new adversary technique or toolset and would love to also release a dataset and a . I can help with that for FREE 😉🍻💜

  19. Retweeted
    Jan 3

    Given recent developments, re-upping our statement from the summer. Bottom line: time to brush up on Iranian TTPs and pay close attention to your critical systems, particularly ICS. Make sure you’re also watching third party accesses!

  20. Jan 2

    If you are in Threat Hunting or hope to be, you should absolutely check out this year's CTF. Zeek, Sysmon, Event hunting, GrayLog, Splunk, and more. An amazing learning experience.

  21. Retweeted

    Ok, I have to admit this vs. business just doesn’t sit right with me. Let me @ and pretend to have some meaningful engagement regarding Apple’s larger security dilemma.

