Tweets by @enigma0x3
Pinned Tweet
[Blog] Lateral Movement using Excel.Application and DCOM https://posts.specterops.io/lateral-movement-using-excel-application-and-dcom-enigma0x3-on-wordpress-com-d11d56e504dc …
Matt Nelson Retweeted
Another instance where @mattifestation encourages us to rethink our views on digital signature validation. https://posts.specterops.io/code-signing-certificate-cloning-attacks-and-defenses-6f98657fc6ec …
Matt Nelson Retweeted
How sure are you that "(Verified) Microsoft Windows" refers to a program that actually originates from Microsoft? Code Signing Certificate Cloning Attacks and Defenses https://posts.specterops.io/code-signing-certificate-cloning-attacks-and-defenses-6f98657fc6ec …
Matt Nelson Retweeted
UPDATE: If you clean install RS4+ and have compatible hardware VBS/HVCI is now automatically enabled!! This means the Windows kernel now enforces by default: Kernel code integrity, runtime ACG, and control flow integrity via VBS. Huge for Windows security. Check out WIP builds! https://twitter.com/dwizzzleMSFT/status/935657242413510656 …
Matt Nelson Retweeted
[Get-Doppelgangers] - PowerShell script to detect process and dll doppelganging https://gist.github.com/dezhub/6d2a3ced01aaf081da841f4761455c5f … thx @hasherezade for the poc!
Matt Nelson Retweeted
Did you know #mimikatz can patch RDP server to allow multiple simultaneous sessions, workstations or servers? https://github.com/gentilkiwi/mimikatz/releases … (because some people do not like the command line) pic.twitter.com/XmqMthOXc1
Matt Nelson Retweeted
Easy. Try to become an expert at something and blog about your experience and demonstrate how what you learned has real-world applicability. But mainly what I look for in junior people is drive, passion, and proof of attempts to tackle challenges.
Matt Nelson Retweeted
I often get asked, "How do I get started in malware RE?" Quite a while ago I was working on some tutorials until I saw these by @malwareunicorn https://securedorg.github.io/RE101/ https://securedorg.github.io/RE102/ Just read those for a solid start.
Matt Nelson Retweeted
We've open sourced our framework for developing alerting and detection strategies for incident response. We have also included several internal strategies as examples to spur greater sharing and collaboration with defenders. https://medium.com/@palantir/alerting-and-detection-strategy-framework-52dc33722df2 …
Matt Nelson Retweeted
Do you know how to get cleartext passwords of users, at logon, in a Windows 10? Especially with Credential Guard enabled? #mimikatz - https://github.com/gentilkiwi/mimikatz/releases … It's easy as an Authentication Package (mimilib) or a piece of code injected... pic.twitter.com/JvVpATgUpq
Matt Nelson Retweeted
Project Zero blog: "aPAColypse now: Exploiting Windows 10 in a Local Network with WPAD/PAC and JScript" by @ifsecure, @halvarflake, @tiraniddo and @bool101 - https://googleprojectzero.blogspot.com/2017/12/apacolypse-now-exploiting-windows-10-in_18.html …
Matt Nelson Retweeted
How to reverse engineer without knowing how to reverse engineer: 1. Open IDA pro 2. Hit shift+f12 for the strings view 3. Choose an interesting string 4. Hit x and go over the xrefs 5. You are now earning at least $140K a year. Bonus: say that you can code html
Matt Nelson Retweeted
Facebook Security is proud to announce that we are offering a free twelve-week hands-on course for veterans who desire to get into cybersecurity. Please make sure to apply by January 16th! http://fbcodepath.splashthat.com
Matt Nelson Retweeted
Are you really ready for #ThreatHunting? What does your data look like? Data Availability != Data Quality @SpecterOps @MITREattack https://posts.specterops.io/ready-to-hunt-first-show-me-your-data-a642c6b170d6 …
Matt Nelson Retweeted
Everybody needs to read @HaifeiLi's presentation on OLE: https://www.blackhat.com/docs/us-15/materials/us-15-Li-Attacking-Interoperability-An-OLE-Edition.pdf … The attack surface of MS Office is a factor of EVERY (COM-installing) application installed on your PC! It's like the early days of IE6 ActiveX all over again...
Matt Nelson Retweeted
A Word DDE defense in depth change for you - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV170021 …. Disables auto-update for any linked fields, including DDE.
Sure enough, "aaResources.dll" (and aaLoader.dll) are signed by "Amazon Services LLC" on 10/4/2017. Weirdest use of an HTA I have seen. ¯\_(ツ)_/¯