Bruce Dang Retweeted
So I can honestly say that the @brucedang and @standa_t Hypervisor training is worth every penny. Seriously - It is awesome. If you have a chance to go, absolutely do it.
-
Motivated by a question from a friend and his coworker, I wrote a blog about HyperV and exit dispatching. See https://gracefulbits.com/2019/03/25/some-notes-on-identifying-exit-and-hypercall-handlers-in-hyperv/ … cc @AmarSaar @gerhart_x @d_olex Also, @standa_t and I are offering a course on hypervisor development! See https://gracefulbits.regfox.com/designing-and-implementing-a-hypervisor-for-security-analysis …
-
Bruce Dang Retweeted
@brucedang has a really great rootkits training!
-
Bruce Dang Retweeted
@brucedang’s course is one of the best I’ve had the chance to attend. https://twitter.com/jayendra363/status/1088955799496519680 …
-
Bruce Dang Retweeted
If you want to venture into kernel development @brucedang’s course is the best out there.. Don’t think twice, enroll..
-
Bruce Dang Retweeted
When the rest of the Twitter world was engulfed in drama about what is/was wrong with #infosec in terms of gender, race etc etc, I was learning some serious shit from the expert himself @brucedang .. It was a humbling experience in terms of what I learned but also how humble he was..
-
Bruce Dang Retweeted
There are many reasons to read Windows Internals end-to-end, but the most exciting one is attending @brucedang's Windows Kernel Rootkits training in @offensive_con, one month from today. And I even get to be in the con with @dana_baril
Thank you @Blackhoodie_RE so much! pic.twitter.com/SyWcHmKzdf
-
Bruce Dang Retweeted
My new blogpost: WoW64 internals - from the kernel initialization, through turbo thunks, "WoW64 functions", xtajit, CHPE, ... all the way to "Heaven's Gate" on ARM. https://wbenny.github.io/2018/11/04/wow64-internals.html …
-
Bruce Dang Retweeted
Day 2 took a little longer than expected. I hope you enjoy the article. Thanks for sticking with me. https://revers.engineering/day-2-entering-vmx-operation/ …
-
Bruce Dang Retweeted
[BLOG] Playing with the Windows Notification Facility (WNF) https://blog.quarkslab.com/playing-with-the-windows-notification-facility-wnf.html … cc @pwissenlit @aionescu @brucedang
-
Bruce Dang Retweeted
Windows Kernel Rootkits: Techniques and Analysis by @brucedang https://www.offensivecon.org/trainings/2019/windows-kernel-rootkits-techniques-and-analysis.html …
-
Bruce Dang Retweeted
I've now open sourced my latest hypervisor written in C. https://github.com/gamozolabs/falkervisor_grilled_cheese … . See it in action https://www.youtube.com/watch?v=AqFMSI8e9Qo … ! This is what I demoed to @brucedang way back at Recon 2016 and he thought it was pretty cool, so it must be.
-
Bruce Dang Retweeted
tbh, I didn't want to publish it, but since someone is pushing me out of my comfort zone (meh! :P), you will probably have some news from me in the following days. :-^ Meanwhile, @barbieauglend and I wrote a massive "thank you" post for @brucedang here: https://www.blackhoodie.re/Recon_mtl/ https://twitter.com/aionescu/status/1034739533626187776 …
-
I am offering a public session of my Windows Kernel Rootkits class in January 2019 in Laurel, Maryland (JHU-APL campus). Last year we analyzed and implemented some of Equation Group's kernel implants; maybe we will do another group this year. More info at https://gracefulbits.regfox.com/windows-kernel-rootkits-training …
-
Bruce Dang Retweeted
If you ever wanted to diff any structure or list of functions from NTDLL/NTOSKRNL/HAL across any Windows version (XP - 19H1), now you can: https://ntdiff.github.io/ Note keywords "ALL", "ALL_SORTED" and "ALL_FUNCTIONS", but prepare for one huge browser hiccup.
-
Bruce Dang Retweeted
Blog Post: Arbitrary, Unsigned Code Execution Vector in Microsoft.Workflow.Compiler.exe https://posts.specterops.io/arbitrary-unsigned-code-execution-vector-in-microsoft-workflow-compiler-exe-3d9294bc5efb … Bypasses all forms of whitelisting, circumvents Win 10S, and is unlikely to ever be used in your environment, hence, it should be trivial to detect.
-
Bruce Dang Retweeted
I hope I'm not too late to the party, but here's my take at hypervisors - meet hvpp, the simple x64/VT-x hypervisor for Windows. https://github.com/wbenny/hvpp Repo includes example which shows CPUID interception and hiding of user-mode hooks via EPT.
-
Bruce Dang Retweeted
Just published a new article detailing a method allowing circumvention of integrity checks and the ability to supersede driver altitude limits in the kernel: https://revers.engineering/superseding-driver-altitude-checks-on-windows/ …
-
Bruce Dang Retweeted
Was just talking to @subTee about our mutual respect for @brucedang's teaching style of only teaching enough to empower students to discover solutions on their own. A good instructor teaches methodology. A good student takes good notes and doesn't expect to be spoon-fed knowledge
-
Ever wonder what process is using your microphone? I just wrote a short entry on how to do this with WNF from a kernel-mode driver. https://gracefulbits.com/2018/08/13/find-which-process-is-using-the-microphone-from-a-kernel-mode-driver/ …. cc @real_redp @aionescu @pwissenlit