Tweets

You blocked @gentilkiwi

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @gentilkiwi

  1. Dec 20

    A... LUA VM... using JWT... inside of a IUM Trustlet/VSM Enclave... using COM... to talk to a broker... that sends IOCTLs... to get undocumented kernel data structure offsets... by string. The day has come. I truly have seen it all. I can't take anymore.

  2. Dec 20

    Congrats to for making it into the Octagon LUA Hall of Fame.

  3. Dec 20

    The picture of on website is just hillarious. Everyone: "Weeee!!! Buddy, life is goood. *smile*" Benjamin: "I am the one who knocks!!"

  4. Dec 20

    Believe it or not, but back in the 90s, we had to fiddle with all kinds of different connectors to hook up peripherals to our machines... PS/2, Centronics, RS232C, oh my! Of course today, thanks to the wonders of standardization, it's a thing of the past.

  5. other time, other tools! I really liked 2000-2010🙃

    Show this thread
  6. Did you know can patch RDP server to allow multiple simultaneous sessions, workstations or servers? 🙃 (because some people do not like the command line 😉)

  7. Dec 20

    If you ❤️ (who doesn't? ) & Active Directory security, you will ❤️'s talk next month. With his special guest, , they are going to expose a new attack feature in , dubbed "DCShadow"

  8. Dec 20

    Ars Technica's is one of the most technically knowledgeable reporters I know. Now he's being sued by Keeper Security for writing up a report of Keeper's software vulnerabilities made by a Google researcher. This is gross, litigious bullying.

  9. Dec 20

    The wait is over! Registration for 2018 is now open. Places are limited so register today!

  10. Dec 20

    It's official, I'll present with as guest the new DCShadow attack (how to transform a workstation into a DC) at Wednesday, Jan 24 | 12:45-13:30 PM, Tel Aviv

  11. event log patch is not new (2011): Not related with recent NSA tools, or *Zap with event id "hidding",etc. It's a patch preventing new events in the EventLog service. This version add 10 1709 support

    Show this thread
  12. What if you can avoid all events ? Even the one saying you cleared all events ? 🙃

  13. Dec 18

    Useful languages for hackers: 🇷🇺 Russian: for APT attribution 🇨🇳 Chinese: see above, also Chinese hacker forums are next level 🇫🇷 French: so you can be the first to read 's blog posts and know the latest about mimikatz before your anglophone peers

  14. Despite the good architecture behind VBS, all of that is possible because : - users don't type their passwords in secure world (!); - firsts LSA operations start in LSASS context (normal world), not LSAISO (secure world). (it was in slides from a long time, just before the Blob)

    Show this thread
  15. Show this thread
  16. Do you know how to get cleartext passwords of users, at logon, in a Windows 10? Especially with Credential Guard enabled? - It's easy as an Authentication Package (mimilib) or a piece of code injected...

    Show this thread
  17. Just uploaded a new update featuring mimidrv for Windows 10 version 1709, x64 included.

  18. Dec 14

    We've hidden golden Kerberos tickets in five randomly selected chocolate bars and shipped them throughout the world. The lucky winners are invited to visit our candy factory's IT department as domain admins.

  19. Dec 14

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·