Will Burgess

@joehowwolf

Ex-theoretical physicist, currently terrible hacker and wannabe security researcher. Views are, regrettably, my own. Research + dev + windbg

Joined: September 2014

Tweets


  1. Pinned tweet
    5 Jul 2019

    My talk from WWHF in case you missed me spamming it the first time :p

  2. Retweeted
    2 Feb

    The full set of my 2019 graduate-level computer architecture course lectures at ETH Zurich is online, along with all lecture videos, slides, and course materials: Course schedule: Youtube playlist: First…

  3. Retweeted
    1 Feb

    "You have power over your mind - not outside events. Realize this, and you will find strength. When you arise in the morning, think of what a precious privilege it is to be alive - to breathe, to think, to enjoy, to love" --- Marcus Aurelius

  4. Retweeted
    31 Jan

    Want to see how the red team weaponizes threat intel for R&D and TTP development? Check out some research I did with and . Also includes some new executables that can be used for DLL abuse.

  5. Retweeted
    31 Jan

    Awesome work finding an RCE in SharePoint by which also affected SharePoint Online

  6. Retweeted
    31 Jan

    Yearly reminder that by is awesome sauce 👌

  7. Retweeted
    30 Jan

    Just published a follow-up to my Adobe Reader symbols story on the Project Zero blog. Turns out there's even more debug metadata to be found in some old (and new) builds, including private CoolType symbols. Enjoy!

  8. Retweeted
    30 Jan

    in-memory traces of ppldump, exploiting zam64.sys vulndriver to dump lsass memory, cool stuff. sysmon will show a generic\noisy calltrace so detection chances here are low, if combined with lsass loading dbgcore.dll it may work.

  9. Retweeted
    30 Jan

    Ever wanted to take a peek at the mimikatz sekurlsa::msv internals? New blog post is all about it plus, it also showcases PyKDumper, a tool that dumps LSASS credentials through WinDBG/PyKD.

  10. Retweeted
    30 Jan

    Breaking: German government says it has proof that water is wet, the Pope is Catholic, and video confirmation of where bears shit. News, at 11

  11. Retweeted
    29 Jan

    And now, I present your obligatory closeup view of today’s Falcon 9 launch of 60 Starlink satellites. Flight after flight, these Merlin 1D engines never fail to put on a spectacular show.

  12. Retweeted
    30 Jan

    A quick post on why you shouldn't use SYSTEM Tokens when you sandbox a process. Part 1 of N (where I haven't decided how big N is).

  13. 29 Jan
  14. Retweeted
    29 Jan

    discovery of the day: you can apply structure offsets to a selection of code 🤯 select code range, press T, select your structure, be amazed

  15. Retweeted
    29 Jan

    1\ I've written a little compiler to ship ML models as standalone Yara rules, and done proof of concept detectors for Mach-O, RTF files, and powershell scripts. So far I have decision trees, random forests, and logistic regression (LR) working.

  16. Retweeted
    28 Jan
  17. Retweeted
    28 Jan

    PInjectra's Stack Bombing Process Injection example was only the beginning. I wrote a practical implementation of it that performs process migration using shared memory, self-loading/linking DLLs, and an RWX ROP chain. Also included: a detection for it

  18. 28 Jan

    Venus and the moon tonight:

  19. Retweeted
    28 Jan

    x86-manpages : x86 and amd64 instruction reference manual pages : cc x86 and amd64 instruction reference : (Last updated 2019-05-30)

