Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @jack_halon
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @jack_halon
-
Jack Halon proslijedio/la je Tweet
Custom Signed Kernel Driver's Pretty cool
Without the need to enable TestSigning.
Sample Project:
https://github.com/HyperSine/Windows10-CustomKernelSigners …pic.twitter.com/opyM91m1HI
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jack Halon proslijedio/la je Tweet
Last year,
@wvuuuuuuuuuuuuu researched and published a command-and-control module for SMB DOUBLEPULSAR. Since then, we've researched and reverse-engineered the RDP version of the implant. Today we're publishing that research and a module for it. Details:https://blog.rapid7.com/2020/02/04/doublepulsar-rce-2-an-rdp-story/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
My colleague
@sz_jynik just released a simple Yocto tutorial for Raspberry Pi's! It's a cool tutorial that shows you how to create custom-tailored embedded Linux "distributions" for your specific needs. Awesome for creating custom dropboxes!https://github.com/jynik/ready-set-yocto/blob/master/ready-set-yocto.md …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jack Halon proslijedio/la je Tweet
Really glad to finally get a blogpost out about this. Hopefully this is useful and gives Red Teamers ideas on how to use the BYOI concept in their own payloads. If anyone is interested in a few more follow up posts about this will gladly oblige :)https://www.blackhillsinfosec.com/red-teamers-cookbook-byoi-bring-your-own-interpreter/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
As an ex Security Engineer, these are so true it hurts. Take note everyone! Some really good points here.https://twitter.com/jschauma/status/1220902743482814467 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jack Halon proslijedio/la je Tweet
Wrote a post on how to use GadgetToJScript with Covenant & Donut https://3xpl01tc0d3r.blogspot.com/2020/02/gadgettojscript-covenant-donut.html …
#Covenant#Donut#GadgetToJScript#redteam#processinjection Thanks to@med0x2e for the answering my queries and helping me while exploring#GadgetToJScript tool
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jack Halon proslijedio/la je Tweet
Want to see how the
@Mandiant red team weaponizes@FireEye threat intel for R&D and TTP development? Check out some research I did with@evan_pena2003 and@FuzzySec. Also includes some new executables that can be used for DLL abuse.https://www.fireeye.com/blog/threat-research/2020/01/abusing-dll-misconfigurations.html …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alright Twitter! You have spoken and I have listened! Seems people are more interested in a Video Series, so that's what I'll do! To get a better idea of what you'll want to me to focus on in the videos, I'll do a live AMA/Q&A Twitch Stream in a few weeks! So stay tuned

https://twitter.com/jack_halon/status/1221889754775592961 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jack Halon proslijedio/la je Tweet
Qualys Security Advisory: LPE and RCE (CVE-2020-7247) in OpenSMTPD, OpenBSD's mail server. Erroneous logic in smtp_mailaddr() which validates user and domain. More details and PoC at: https://www.openwall.com/lists/oss-security/2020/01/28/3 … PS: "Did you ever play tic-tac-toe?"
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jack Halon proslijedio/la je Tweet
[Educational] One of the best blog posts that I ever read about going from 0 to unauth RCE in f**king Mikrotik OS step by step:https://medium.com/@maxi./finding-and-exploiting-cve-2018-7445-f3103f163cc1 …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jack Halon proslijedio/la je Tweet
New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZurehttps://posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
A question to my readers and followers! Would you be interested in me starting a weekly stream/video series? Specifically focused around answering your questions, learning basic Red Teaming + Windows AD, coding, short tutorials, etc?
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jack Halon proslijedio/la je Tweet
If
@tiraniddo's DotnetToJScript is blocked on newer versions of Windows or if it gets flagged by AMSI, you can use Excel automation via a COM object as an alternative to execute shellcode from JScript or VBScript w/o touching disk. PoC for x86 & x64 here:https://github.com/outflanknl/Scripts/blob/master/ShellcodeToJScript.js …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jack Halon proslijedio/la je Tweet
Ladies and gentlemen, I present you a working Remote Code Execution (RCE) exploit for the Remote Desktop Gateway (CVE-2020-0609 & CVE-2020-0610). Accidentally followed a few rabbit holes but got it to work! Time to write a blog post ;) Don't forget to patch!pic.twitter.com/FekupjS6qG
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jack Halon proslijedio/la je Tweet

(finally) a macOS implant that support direct in-memory execution of remote payloads!
New blog post: "Lazarus Group Goes 'Fileless'
https://objective-see.com/blog/blog_0x51.html …
H/T @dineshdina04Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jack Halon proslijedio/la je Tweet
What do you get when you combine Excel, macros, and macOS? A launcher for the Apfell red team framework.
https://www.virustotal.com/gui/file/23d62c4e33d16a2831c93a4e4aeccf2eadfd861e25b5cdb29ec0505512595d70/detection …
https://www.virustotal.com/gui/file/8dee7c45ef514d2306891ec210e5af5cce170b144218b41edb95add48874f750/details …
By @its_a_feature_:
https://github.com/its-a-feature/Apfell …
https://its-a-feature.github.io/posts/2018/07/bare-bones-apfell-server-code-release/ …pic.twitter.com/vEDo8YIZbU
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jack Halon proslijedio/la je Tweet
New article! Anti-virus Exploitation: Malwarebytes 4.0.4 - Protection Not Found - Hijacking Malwarebytes via COM IPChttps://0x00sec.org/t/anti-virus-exploitation-malwarebytes-4-0-4-protection-not-found-hijacking-malwarebytes-via-com-ipc/18766 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jack Halon proslijedio/la je Tweet
As promised! New blog post for the
#HolidayHack challenge is out now! Took me a while, but it's done
Enjoy everyone!https://jhalon.github.io/sans-2019-holiday-hack-challenge/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jack Halon proslijedio/la je Tweet
Post-exploitation
#Friday tip: Do you know how to trivially & remotely hijack an#RDP session without prompt nor warning on user's side using#Microsoft signed binary (no patch/multi-session) ? qwinsta+mstsc shadowing is the answer ;) Details: https://github.com/kmkz/Pentesting/blob/master/Post-Exploitation-Cheat-Sheet …#Pentestingpic.twitter.com/wHVIYQo73A
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
As promised! New blog post for the
#HolidayHack challenge is out now! Took me a while, but it's done
Enjoy everyone!https://jhalon.github.io/sans-2019-holiday-hack-challenge/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.



: