Cody Thomas

@its_a_feature_

red | blue | purple | tool development | oscp | generally curious security researcher | Apfell Developer (…) |

Joined July 2016

Tweets

  1. Pinned Tweet
    14 Nov 2019

    Stealing Tickets from MacOS: How Kirby traverses Heimdal's Bifrost to cross from Darwin to Windows Kerberos Authentication. Blog: Tool:

  2. Retweeted
    31 Jan

    Pushed a new Rubeus release after getting some additional feedback from our most recent AT:RTO students. The full changes are detailed here . To highlight a few new features- "/nowrap" globally prevents base64 blobs from line-wrapping, (1/4)

  3. 29 Jan

    Super stoked to have the opportunity to present here again! This is live streamed, I will be releasing the slides afterwards, and there will be a tool update to accommodate the new capabilities. I can’t wait!

  4. Retweeted
    27 Jan

    Move Faster, Stay Longer blog about extending CS and tools to go with it.

  5. Retweeted
    22 Jan

    Revisiting RDP lateral movement and releasing a project that will be part of a bigger tool coming next week

  6. 4 Jan

    Will is amazingly smart and more humble than I could ever imagine. I know I bug him with questions ALL the time and he somehow still tolerates me 😂. This is a great way to start the new year and decade - be the positivity and change you want to see

  7. Retweeted
    9 Dec 2019

    “The value of an idea not communicated cannot be measured. The value of an idea communicated is always non-zero.” - Pursue that idea/project you've been holding off and write about it! I'm sure someone besides you will find it useful.

  8. Retweeted
    3 Dec 2019

    🔥👾 (finally) a macOS implant that supports direct in-memory execution of remote payloads! New blog post: "Lazarus Group Goes 'Fileless' H/T

  9. 29 Nov 2019

    When you vacation, do it right. About to see in Dallas for my first ever musical. Definitely a better way to spend Black Friday than stuck in a cold line at 5am

  10. Retweeted
    25 Nov 2019

    Today I was able to release the first post of a series of blog posts about attacking FreeIPA, an open source alternative to Windows Active Directory inside of unix environments. This post covers authentication, and situational awareness.

  11. Retweeted
    14 Nov 2019

    "When Kirbi walks the Bifrost" In this post, talks about Active Directory attacks leveraging a MacOS AD joined endpoint. Check it out:

  12. 5 Nov 2019

    So this poll ended about how I expected, but still very interesting to see how often people are actually encountering AD joined macOS endpoints.

  13. 30 Oct 2019

    What’s the percentage of red teaming or pen testing environments you’ve been in that have AD joined Mac machines? If you have a specific number you can call out, even better!

  14. Retweeted
    18 Oct 2019

    Actual footage before passing a .kirbi ticket

  15. 10 Oct 2019

    Heads up for the people at Texas Cyber Summit planning on going to the or ( ) workshops - you have to register first with a QR code or via the website or they won’t let you through the door.

  16. Retweeted
    20 Sep 2019

    Myself and will be holding a pair of “Alternative C2 Framework” workshops (Texas Cyber Summit) focusing on power usage of Apfell and Covenant! Come learn about Apfell on Oct 11th: Covenant on Oct 12th:

  17. Retweeted
    5 Sep 2019

    Can we, the offensive security industry, agree to standardize on certain terms for their various frameworks? It gets a bit unnecessarily convoluted when "transports", "channels", and "interfaces", all refer to the exact same thing across frameworks.

  18. Retweeted
    27 Aug 2019

    A straightforward, no-nonsense blog from on creating signed and notarized payloads for Mac using 's Apfell:

  19. 14 Aug 2019

    For all you open source developers out there, I wanted to share something that showed me. has a really cool open source program to empower developers with active projects by giving licensed versions of their software Check it out!

  20. Retweeted
    14 Aug 2019

    Want to use Win32 API calls to get around some pesky command line logging? Not sure how to start or how this fits into some C# tooling? I've released a blog post today on interoperability and marshaling as an introduction
