Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @drshellface
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @drshellface
-
Prikvačeni tweet
Check out the “Orca” network recon tool that we released at
@defcon@ReconVillage: https://github.com/digitalshadows/orca … it’s a targeted OSINT tool for performing asset discovery against an organization. Example walkthrough on the Github wiki! Blog post here:https://www.digitalshadows.com/blog-and-research/recon-village-panning-for-gold/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Lots of good resources in the comments here for the aspiring exploit dev. My favourites are:
@sambowne's Sam's Class https://exploit.education/ which has Phoenix (the new version of Protostar) https://ropemporium.com/ for purely ROP-focused exploitation All for free too! :-)https://twitter.com/sylv3on_/status/1224096649347321857 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je Tweet
Want to see how the
@Mandiant red team weaponizes@FireEye threat intel for R&D and TTP development? Check out some research I did with@evan_pena2003 and@FuzzySec. Also includes some new executables that can be used for DLL abuse.https://www.fireeye.com/blog/threat-research/2020/01/abusing-dll-misconfigurations.html …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je Tweet
@FireEye stat: 80% of enterprise tools run in the default configuration.Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Secure defaults is one of the very few ways that security actually gets better.https://twitter.com/haroonmeer/status/1223296697561993217 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je Tweet
@irsdl’s first post is a writeup for an RCE in SharePoint https://www.mdsec.co.uk/2020/01/code-injection-in-workflows-leading-to-sharepoint-rce-cve-2020-0646/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je Tweet
To delve more into the attack and potential lessons learned,
@TechRepublic chatted with@drshellface.https://www.techrepublic.com/article/how-to-avoid-the-mistakes-made-in-the-un-data-breach/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je Tweet
Good news — since China stole the IP of F-35 for their J-31 it means their software is crap too. NSA can just patch diff between the current builds and the stolen builds and they’ll have hundreds of 1day exploits! China’s industrial espionage is a vulnerability!!
https://twitter.com/bentaub91/status/1222892098891980800 …Tweet je nedostupan.Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je Tweet
I took my 8-year-old to the office on Take Your Child to Work Day. As we were walking around, she starting crying & getting very cranky, so I asked her what was wrong. As my coworkers gathered round, she sobbed, 'Daddy, where are all the clowns that you said you worked with?'
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je Tweet
Google loves security keys, and today announced an open source implementation to help spur further innovation from the security research community 1/ https://security.googleblog.com/2020/01/say-hello-to-opensk-fully-open-source.html ….
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
This makes me worried as a Red Teamer and delighted as a Blue Teamer! :)https://twitter.com/SpecterOps/status/1222957690873425923 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Richard Gold proslijedio/la je Tweet
VECTR update was just released version 5.4 is out! Thank you
@secrisk SANS#SEC564 has a lab for APT33 and this version makes it even easier to map already tested TTPs to adveraries!https://github.com/SecurityRiskAdvisors/VECTR/blob/master/media/VECTR%20v5_4%20Feature%20Breakdown.pdf …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je Tweet
Great, now skidz and APT alike are going to be able to freeload off of more OffSec tooling to create amazing documentation and report-outs.https://twitter.com/cmaddalena/status/1222631120593965058 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je Tweet
Couple of rough notes on .NET stuff. Avoiding defender + manually patching AMSI to retain Assembly.Load() functionality =)https://operat-or.gitbook.io/notes/fixing-some-.net-tradecraft …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je Tweet
Vladimir Metnew (@vladimir_metnew) of@Grammarly will be presenting, "File Quarantine Handling in macOS Apps" ...after exploring `file quarantine` internals he'll discuss remote exploitation of popular 3rd-party apps that fail to leverage this security mechanism!

#OBTSPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je Tweet
For the past few months, I've been diving into Apple's Endpoint Security Framework. This post shares how I use the framework for detection engineering purposes. https://posts.specterops.io/detection-engineering-using-apples-endpoint-security-framework-affdbcb18b02 …pic.twitter.com/PEpNy4v7jV
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je Tweet
My coworker just shared the best thing: Oh Shit, Git!?! https://ohshitgit.com/
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je Tweet
This is indeed interesting and worthwhile, but note these are all static *technical and tool defenses*. It’s important to develop and implement tactical, operational, and strategic *programs*, all of which require people and process, because the adversary is smart and adaptive.https://twitter.com/eric_capuano/status/1222539899271893002 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je Tweet
Breaking: German gov't says it is in possession of intelligence that proves that Huawei cooperates with Chinese state security organshttps://app.handelsblatt.com/politik/deutschland/5g-debatte-smoking-gun-bundesregierung-hat-beweise-gegen-huawei/25484764.html?share=twitter …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Richard Gold proslijedio/la je Tweet
The STATE vs NATION-STATE distinction is not a quirk of style, which seems to have been lost on a lot of folks…https://twitter.com/pinboard/status/1032660083413417990?s=21 …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

- Studying x86 Assembly(It has been a bit tedious not gonna lie)
Sometimes I feel stupid lol
- Reading more about Reverse Engineering. It's a topic I always liked but was scared to get more into.
Does anyone have any Binary Exploitation exercises?