Tweets

  1. Retweeted
    Feb 2

    Now this, people, is what an actual damn LoLBin looks like. A trusted application that can be used to download and/or kick off execution of code of an attacker's choosing **in a way that is undocumented or nearly unknown.** Not just new or unpopular-ish. Good job. 👏

  2. Retweeted
    Jan 31

    Wrote a post on how to use GadgetToJScript with Covenant & Donut Thanks to for answering my queries and helping me while exploring tool 🙏

  3. Retweeted
    Jan 31
  4. Retweeted
    Jan 30

    And now with have with some knowledge on popping Firefox

  5. Retweeted
    Jan 26

    Some study notes on LSASS hooking for harvesting interactive logon credentials. Thanks to for his inspiring posts about mimikatz.

  6. Retweeted
    Jan 23

    v2 is out 🔥 🔸Dump credentials on multiple hosts 🔸New dumping method using () thanks to 🤗 🔸Can be used as a in other python project 🔸Fully documented wiki ! Needs some testing, open issues if need be 🙃

  7. Retweeted
    Jan 22

    New from - Revisiting Remote Desktop Lateral Movement This post discusses RDP lateral movement by leveraging mstscax.dll. Steven also is releasing SharpRDP with corresponding detection guidance for this attack technique. Post:

  8. Retweeted
    Jan 20

    Suggest you take a look at this attempt to put several infosec projects together: WebDav, .NET injection, Obfuscation, C&C.. Direct shout-out to for your awesome work, w/ many others rocking 🔥

  9. Retweeted
    Jan 16

    Updated PoC to include the root trusted CA "Microsoft ECC Product Root Certificate Authority 2018" Also included a signed and unsigned 7z.exe for you to test out. Please only use for research and education.

  10. Retweeted
    Jan 13

    Released a little tool to perform lateral movement that hides the command you are executing by registering a protocol handler. The protocol handler is executed over WMI by simply running start customhandler:// ❤

  11. Retweeted
    Jan 10

    Just published a new blogpost with more details about the Citrix ADC Remote Command Execution.

  12. Retweeted
    Jan 9

    Spray-AD, a new Kerberos password spraying tool for Cobalt Strike that might come in handy when assessing Active Directory environments for weak passwords (generates event IDs 4771 instead of 4625).

  13. Retweeted
    Jan 8

    Maybe will be useful to someone at some point: Pulling Web Application Password by Hooking HTML Input Field

  14. Retweeted
    Jan 5
  15. Retweeted
    Jan 4

    I've recently been fuzzing the PHP interpreter, and took a UaF bug all the way from crashing-sample to weaponized code execution. Here is the first of several blog posts I plan to write about the process.

  16. Retweeted
    Dec 17, 2019

    New blog post outlining how to use my .NET RPC Client tooling from PowerShell and C# to test and exploit local RPC security vulnerabilities. Also an early xmas present for those who enjoy long standing design flaws in UAC :-)

  17. Retweeted
    Dec 13, 2019

    My Black Hat USA talk with “Attacking & Defending the Microsoft Cloud (Azure AD & Office 365)” is now on YouTube: Slides here:

  18. Retweeted
    Dec 11, 2019

    Attackers sharpen the saw too. See this post on how phishers 🎣are returning tailored AAD login pages for victims🎭, tricking defenders with custom 404 pages👀, and abusing Google's "I'm feeling lucky" feature with SEO techniques 💉

  19. Retweeted
    Dec 10, 2019

    Introducing SysWhispers, a tool that helps with AV/EDR evasion by using direct system calls to bypass user-mode API hooks. It works by generating header/ASM pairs supporting all core syscalls from Windows XP to 10. Check it out here with examples:

  20. Retweeted
    Dec 9, 2019

    I decided to create a tutorial called "Reversing Windows Internals" and explain Windows Internals. The first part describes Handles, Callbacks and Hidden Callbacks and ObjectTypes in Windows Thanks to for answering my questions.
