Chris Nickerson

@indi303

Lares is a vendor agnostic firm providing penetration testing, app security & adversarial simulation services

Denver, CO
lares.com
Joined December 2008
401 Photos and videos Photos and videos

Tweets

You blocked @indi303

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @indi303

  1. Pinned Tweet
    Jul 27

    Lares is investing in this industry in ways I never could have imagined. As we brought full scope testing & high cadence adversarial simulation forward in the industry. Now its time to take AppSec to the next level!

    3 replies 20 retweets 51 likes
    Undo
  3. Aug 31

    Pro tip: if you don't want the red team to get in and help collaboratively fix detection / protection ... Go back to measuring your security effectiveness through vuln scanning. There is a big difference in being ready to DEFEND your network vs just protect it.

    4 replies 26 retweets 60 likes
    Undo
  4. Retweeted
    Aug 31

    PCredz. tool that extracts NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23) etc from a pcap file or from a live interface.

    76 retweets 158 likes
    Undo
  5. Retweeted
    Aug 30

    Not sure if a particular website/service allows 2FA? Quickly check on 👍

    2 replies 72 retweets 124 likes
    Undo
  6. Retweeted
    Aug 30

    Google’s in-house security key is now available to anyone who wants one - The Verge

    4 replies 21 retweets 32 likes
    Undo
  7. Retweeted
    Aug 25

    PRE-RELEASE of [ Tools] at (contains ATT&CK View + Relational data model for ATT&CK & STIX). Next milestone: the "integration" module for auto-detection of rules triggering ATT&CK Techniques under testing/emulation + decent documentation

    1 reply 211 retweets 391 likes
    Undo
  8. Retweeted
    Aug 30

    Set multiple registry values to all users HKCU profiles using PowerShell & Active Setup

    3 replies 14 retweets 21 likes
    Undo
  9. Retweeted
    Aug 29

    I wrote a quick guide on how to use NTLM hashes with 's Pwned Passwords. It also includes a solution for fast comparisons -

    5 replies 63 retweets 143 likes
    Undo
  10. Retweeted
    Aug 30

    (good slides): The Advanced Exploitation of 64-bit Edge Browser Use-After-Free Vulnerability on Windows 10:

    96 retweets 148 likes
    Undo
  11. Retweeted
    Aug 30

    Detailed information on domain fronting technique as used by APT29 when this hack was largely unknown.

    74 retweets 93 likes
    Undo
  12. Retweeted
    Aug 28

    [BLOG] Get-AzurePasswords: A Tool for Dumping Credentials from Azure Subscriptions Thanks , super handy!

    85 retweets 126 likes
    Undo
  13. Retweeted
    Aug 30

    Technical Advisory: Bypassing Workflows Protection Mechanisms - Remote Code Execution on SharePoint Written by:

    1 reply 248 retweets 384 likes
    Undo
  14. Retweeted
    Aug 29

    Invoke-TheHash updated: Invoke-SMBEnum added for User, Group, Share, and NetSession enumeration. SMB functions prepped for upcoming Inveigh Relay session integration. SMB signing checks. Improved Defender compatibility.

    1 reply 166 retweets 254 likes
    Undo
  15. Aug 28

    Late night twitter thought. I know powershell is all the coolness, but don't forget xcopy is badass, doesn't spike proc, supports resume and error checking, and works from pc-dos to modern windows.

    4 replies 6 retweets 63 likes
    Undo
  16. Retweeted
    Aug 27

    We’ve got a great lineup of webinar speakers this Fall. Register now for our Fall eLearning webinars with experts: , , and . Register today:

    3 retweets 1 like
    Undo
  17. Retweeted
    Aug 26

    SharpShooter - Payload Generation Framework

    47 retweets 79 likes
    Undo
  18. Retweeted
    Aug 26

    {blog} Stealing Certificates with Apostille by -

    2 replies 43 retweets 70 likes
    Undo
  19. Retweeted
    Aug 26

    Windows oneliners to download remote payload and execute arbitrary code

    78 retweets 176 likes
    Undo
  20. Retweeted
    Aug 26

    Invoke-WMILM. PoC script for various methods to acheive authenticated remote code execution via WMI, without (at least directly) using the Win32_Process class

    49 retweets 89 likes
    Undo
  21. Retweeted
    Aug 26

    15 Ways to Bypass the PowerShell Execution Policy

    1 reply 65 retweets 117 likes
    Undo

@indi303 hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·