Chris Nickerson

@indi303

Lares is a vendor agnostic firm providing penetration testing, app security & adversarial simulation services

Joined December 2008

Tweets

  1. Pinned Tweet
    Jul 27

    Lares is investing in this industry in ways I never could have imagined. As we brought full scope testing & high cadence adversarial simulation forward in the industry. Now it's time to take AppSec to the next level!

  2. Aug 31

    Pro tip: if you don't want the red team to get in and help collaboratively fix detection / protection ... Go back to measuring your security effectiveness through vuln scanning. There is a big difference in being ready to DEFEND your network vs just protect it.

  3. Retweeted
    Aug 31

    PCredz. tool that extracts NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23) etc from a pcap file or from a live interface.

  4. Retweeted
    Aug 30

    Not sure if a particular website/service allows 2FA? Quickly check on 👍

  5. Retweeted

    Google’s in-house security key is now available to anyone who wants one - The Verge

  6. Retweeted
    Aug 25

    PRE-RELEASE of [ Tools] at (contains ATT&CK View + Relational data model for ATT&CK & STIX). Next milestone: the "integration" module for auto-detection of rules triggering ATT&CK Techniques under testing/emulation + decent documentation

  7. Retweeted
    Aug 30

    Set multiple registry values to all users HKCU profiles using PowerShell & Active Setup

  8. Retweeted
    Aug 29

    I wrote a quick guide on how to use NTLM hashes with 's Pwned Passwords. It also includes a solution for fast comparisons -

  9. Retweeted
    Aug 30
  10. Retweeted
    Aug 30

    Detailed information on domain fronting technique as used by APT29 when this hack was largely unknown.

  11. Retweeted
    Aug 28

    [BLOG] Get-AzurePasswords: A Tool for Dumping Credentials from Azure Subscriptions Thanks , super handy!

  12. Retweeted

    Technical Advisory: Bypassing Workflows Protection Mechanisms - Remote Code Execution on SharePoint Written by:

  13. Retweeted
    Aug 29

    Invoke-TheHash updated: Invoke-SMBEnum added for User, Group, Share, and NetSession enumeration. SMB functions prepped for upcoming Inveigh Relay session integration. SMB signing checks. Improved Defender compatibility.

  14. Aug 28

    Late night twitter thought. I know powershell is all the coolness, but don't forget xcopy is badass, doesn't spike proc, supports resume and error checking, and works from pc-dos to modern windows.

  15. Retweeted
    Aug 27

    We’ve got a great lineup of webinar speakers this Fall. Register now for our Fall eLearning webinars with experts: , , and . Register today:

  16. Retweeted
    Aug 26
  17. Retweeted
    Aug 26
  18. Retweeted
    Aug 26
  19. Retweeted
    Aug 26

    Invoke-WMILM. PoC script for various methods to achieve authenticated remote code execution via WMI, without (at least directly) using the Win32_Process class

  20. Retweeted
    Aug 26
