Benjamin DelpyVerified account

@gentilkiwi

A kiwi coding mimikatz & kekeo github: Security Research & Development Tweets are my own and not the views of my employer

France
blog.gentilkiwi.com
Joined June 2011
1,487 Photos and videos Photos and videos

Tweets

You blocked @gentilkiwi

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @gentilkiwi

  1. Retweeted
    Apr 14

    Please remember: Port 445 is just ONE of the ports that may reach (CVE-2022-26809) on Windows. does Port 135 (and high port) or in some cases HTTP as well. Don't "close some ports" but "only open ports you need open".

    4 replies . 81 retweets 199 likes
    Undo
  2. Retweeted
    Apr 12

    That's one hell of a way of using the phrase "secure by default."

    7 replies . 8 retweets 37 likes
    Undo
  3. Apr 5

    A new attack is coming?

    10 replies . 7 retweets 67 likes
    Undo
  4. Mar 31

    Not naming , but not the first time I saw Windows Passwords passed to an user process... you know, "for Single Sign On"... despite Credential Guard 1/, all of $vendors are Microsoft Partners 2/, no need to be admin to have our own - malwares welcome!

    3 replies . 5 retweets 59 likes
    Undo
  5. Mar 28

    Your best security measure is to block Bing search. Or I missed something?

    New documents for the Okta breach: I have obtained copies of the Mandiant report detailing the embarrassing Sitel/SYKES breach timeline and the methodology of the LAPSUS$ group. 1/N
    Show this thread
    7 replies . 10 retweets 88 likes
    Undo
  6. Retweeted
    Mar 24

    the real hard problems in crypto are 1) key management and 2) endianness

    5 replies . 11 retweets 94 likes
    Undo
  7. Mar 21

    Video quality:

    2 retweets 5 likes
    Show this thread
    Show this thread
    Undo
  8. Mar 21

    Be careful on what servers your libssl clients/blackbox appliances are connecting to... Patch your appliances now against CVE-2022-0778, clients or servers ones.

    2 replies . 14 retweets 41 likes
    Show this thread
    Show this thread
    Undo
  9. Mar 20

    And as usual, video quality: - -

    1 reply . 2 retweets 16 likes
    Show this thread
    Show this thread
    Undo
  10. Mar 20

    With explicit TLS 1.2 to be able to see certificate on the network...

    1 reply . 1 retweet 19 likes
    Show this thread
    Show this thread
    Undo
  11. Mar 20

    Thanks to & , just played with CVE-2022-0778 against vulnerable (web) servers Just few tweaks, and ready to scan servers accepting certificates... 🫤 If it is not done yet: patch...

    5 replies . 113 retweets 349 likes
    Show this thread
    Show this thread
    Undo
  12. Mar 16

    Technically, they still stop 🥝

    *renames file to memekatz.exe* nice just bypassed EDR
    1 reply . 6 retweets 54 likes
    Undo
  13. Retweeted
    Mar 12

    ... not just files.. It will do files, spiffs files, emulator mem and if I get the mood, also a magic gen1 dump .. (cview)

    9 replies . 12 retweets 60 likes
    Show this thread
    Show this thread
    Undo
  14. Retweeted
    Mar 1

    Just learn that my GIDS smart card applet is distributed on Serbian Taxpayer card. It’s an app running on smart card to handle certificates (sc logon) Open source, native driver on Windows, supported by opensc, even available virtually on android phone.

    1 reply . 7 retweets 26 likes
    Undo
  15. Retweeted
    Feb 26

    If someone have a MIFARE Plus EV1 card. And a proxmark or phone w taginfo, can I get the UID and the signature data, please?

    1 reply . 4 retweets 4 likes
    Undo
  16. Retweeted
    Feb 24
    Replying to

    You probably enjoying fresh Windows 10 builds on your fancy brand new laptop but real networks built on the legacy shit

    2 replies . 2 retweets 29 likes
    Undo
  17. Feb 22

    *Not* thank you Device Manager :(

    2 replies . 6 retweets 44 likes
    Undo
  18. Retweeted
    Feb 15

    New version and related blog post (with multicolor arrows) out now! "Stealing and faking Azure AD device identities": Credits to /!

    13 replies . 194 retweets 430 likes
    Undo
  19. Feb 17

    I don't understand... Hotpatching is 2004, introduced with 2003 SP1, isn't it ? >

    Hotpatching is now GA via Azure Automanage for Windows Server - i.e for Windows Server 2022 Azure Edition. This means not rebooting your server every month for security updates, giving you a better uptime, quicker patching, & lowered attack timelines /1
    Show this thread
    3 replies . 1 retweet 18 likes
    Undo
  20. Retweeted
    Feb 16

    It's easy to backdoor a Windows box to log all passwords in plaintext when someone logs in. Great article on this by here with implementations from both and

    I wrote an article about an alternative way to get windows credentials: Thank you for your work, ! 😍
    1 reply . 11 retweets 50 likes
    Show this thread
    Show this thread
    Undo

@gentilkiwi hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·