⨈Һ𝘢ʈ ╤ћᘓ 𝔽ᵁʗꗪ 

@cynic_xer

Mimetically-programmed death machine. Quod gratis asseritur, gratis negatur.

404
Joined February 2016

Tweets

  1. Pinned Tweet
  2. Retweeted
    Feb 5

    Pass the Hash - from 12/2019: very well explained and worth reading to really understand this aspect!

  3. Retweeted
    Feb 5

    Just posted my talk "Keeping Windows Secure" touching on security assurance process and vuln research in Windows from 2019:

  4. Retweeted
    Feb 5

    I had some fun exploiting LDAP this week. I'm far from an LDAP expert, so please, bear with me as I try to make some sense of how I went from what seemed to be near complete lockdown to owning the domain.

  5. Retweeted
    Feb 5

    Stay positive Lolbins... not!
    rundll32 advpack.dll, RegisterOCX calc.exe
    rundll32 advpack.dll, #12 calc.exe
    rundll32 advpack.dll, #+12 calc.exe
    rundll32 advpack.dll, #-4294967284 calc.exe

  6. Retweeted
    Feb 4

    I don't think I ever would have found myself in the security world were it not for Doom and Quake – playing those games got me curious about computers and what they could be used for.

  7. Retweeted
    Feb 4

    Slides to my talk w/ are now available - incl links to references & resources (and my fav: “Puppy in - Muffin out” slide)

  8. Retweeted
    Feb 5
    Replying to

    LLMNR/NBTNS and IPv6 DHCP poisoning, MS17-010, Cisco Smart Install, default creds, GPP Passwords, Kerberoasting, open shares... Check out

  9. Retweeted

    To the person who figured out my honeypot is a honeypot could you please stop putting the picture of Pooh bear with a jar of honey on it? It's like this person's life mission, I've blocked him on: - Client - IPs (now on Tor ffs) - The image (he just edits 1 pixel every time...)

  10. Retweeted
    Feb 3

    Really glad to finally get a blogpost out about this. Hopefully this is useful and gives Red Teamers ideas on how to use the BYOI concept in their own payloads. If anyone is interested in a few more follow up posts about this will gladly oblige :)

  11. Retweeted
    Feb 2

    Fun fact: That job screening company that scans Twitter accounts for bad words has developers that commit plaintext passwords on GitHub. ... Maybe they're scanning the wrong website.

  12. Retweeted
    Feb 2

    Finally released part 2 of my »Reversing with « series! In this video we reverse engineer some of the integrated decryption methods and see how we can easily analyze C++ code in Ghidra.

  13. Retweeted
    Feb 2
  14. Retweeted
    Feb 1

    For anyone wondering, yes it’s written in C# and yes I will be totally adding it as a SILENTTRINITY module if I can get the source code (a few changes need to be made in order for it to run in memory).

  15. Retweeted
    Feb 1

    I just got a fancy idea to create strings in without using dangerous characters 😃 Inspired by challenge from .

  16. Retweeted
    Feb 1

    Load encrypted PE from XML Attribute. MSBuild is still the best.😅 MSBuild sets Property then calls Execute. Use this example to decouple payloads & prove that all security products have a "Single File Bias". Decouple payloads to subvert detection.

  17. Retweeted
    Feb 1

    is a C# utility to steal a user's password using a fake Windows logon screen. This password will then be validated and saved to disk. Useful in combination with 's execute-assembly command.

  18. Retweeted
    Feb 1
  19. Retweeted
    Feb 1

    For those of you using a NV GPU with Volta or Turing chipset, listen up! We hacked our way into the post-48k GPU shared memory region. This improved bcrypt cracking performance by an average of 25%. For instance a GTX2080Ti improved from 42116 H/s to 54770 H/s

  20. Retweeted
    Feb 1

    RE just retired from . As the creator of the box, I tried to bring phishing/macro obfuscation concepts to the initial access. The intended privescs were the WinRar ACE file exploit, and XXE in Ghidra. I'll show two unintended privescs too.

  21. Retweeted
    Jan 31
