Brian R

@brian_psu

Penn State alumnus, beer drinker, runner

Joined May 2008
146 Photos and videos Photos and videos

Tweets

You blocked @brian_psu

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @brian_psu

  1. Pinned Tweet
    Jul 10

    I'm very excited to be a part of the team.

    2 replies 6 retweets 25 likes
  2. Retweeted
    23 hours ago

    How sure are you that "(Verified) Microsoft Windows" refers to a program that actually originates from Microsoft? Code Signing Certificate Cloning Attacks and Defenses

    2 replies 194 retweets 330 likes
  3. Retweeted
    Dec 19

    We've open sourced our framework for developing alerting and detection strategies for incident response. We have also included several internal strategies as examples to spur greater sharing and collaboration with defenders.

    10 replies 245 retweets 456 likes
  4. Retweeted
    Dec 15

    Are you really ready for ? What does your data look like? Data Availability != Data Quality

    3 replies 122 retweets 197 likes
  6. Retweeted
    Nov 16

    Blog Post - Application Whitelisting Bypass: regsvr32.exe - Credits and thanks to

    22 retweets 33 likes
  7. Nov 16

    I had a great time at tonight. What an awesome community event.

    SecDSM is tonight 6pm @ The Forge. We have 3 talks - "Intro to Pineapple-ing", "Cisco ICND1/Security Skill: Configuring VLANs & Port Security" and "PWN'ing SDR CTFs". Come learn something new, network with peers and enjoy free food and drinks!
    4 likes
  8. Retweeted
    Nov 16

    [Blog] Lateral Movement Using Outlook’s CreateObject Method and DotNetToJScript

    7 replies 422 retweets 570 likes
  9. Nov 16

    Found my journal from ten years ago this summer and can confirm this is true.

    oh no
    1 reply 1 like
  10. Retweeted
    Nov 13

    We're releasing a blog post on how we've deployed at Palantir and have open sourced our configuration files and query packs! Blog: Github Repo:

    2 replies 209 retweets 295 likes
  11. Retweeted
    Nov 13

    Happy to welcome Roberto Rodriguez () to our Adversary Detection team! Check out some of his GitHub and blog !

    19 replies 56 retweets 166 likes
  12. Nov 8

    Today I confirmed once again that is a wizard. 🧙‍♂️

    8 likes
  13. Oct 25

    A step-by-step guide to beat the defenders in the training class...

    Modern Defenses and YOU!
    1 reply 3 retweets 18 likes
  14. Retweeted
    Oct 18

    I find Get-CSBitlockerKeyProtector in CIMSweep to be handy for remotely recovering Bitlocker key material w/ WMI:

    1 reply 54 retweets 126 likes
  15. Retweeted
    Oct 14

    Discover any "ACL Hidden" objects used for persistency cc

    2 replies 101 retweets 130 likes
  16. Retweeted
    Oct 14

    Another training wrapped up, thanks to all the students for letting us geek out about AD and red teaming :)

    2 replies 4 retweets 41 likes
  17. Retweeted
    Oct 12

    Empire v2.2 is out! Short blog post from on some of the changes in versions 2.1 and 2.2

    2 replies 186 retweets 233 likes
  18. Retweeted
    Oct 10

    Announcing 1.4 - The Object Properties Update, including several improvements and new features:

    9 replies 121 retweets 166 likes
  19. Retweeted
    Oct 6

    Just wrote a blog post discussing my thoughts on Host-based Detection Techniques/Categories

    4 replies 145 retweets 227 likes
  20. Retweeted
    Oct 4

    Sometimes it helps to write the code to gain a better understanding (even if the code has already been written)

    2 retweets 4 likes
  21. Oct 4

    The worm that piqued my journey into infosec!

    2005: The Samy worm, the first self-propagating cross-site scripting worm, was released onto the-then-mega-popular MySpace by Samy Kamkar.
    1 like

@brian_psu hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·