joe vest

@joevest

part of the SpecterOps team, hacker, family man, Onewheel rider

specterops.io
Joined June 2009
21 Photos and videos Photos and videos

Tweets

You blocked @joevest

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @joevest

  1. Pinned Tweet
    Oct 9

    MetaTwin - Borrowing Microsoft Metadata and Digital Signatures to 'Hide' Binaries Thanks for SigThief

    2 replies 38 retweets 59 likes
  2. 16 hours ago

    Wow. That’s crazy.

    My little collection :) Hope to get bigger next year. Happy Holidays to all !!
    1 reply 2 likes
  3. Retweeted
    23 hours ago

    How sure are you that "(Verified) Microsoft Windows" refers to a program that actually originates from Microsoft? Code Signing Certificate Cloning Attacks and Defenses

    2 replies 193 retweets 330 likes
  4. Retweeted
    20 hours ago

    Another instance where encourages us to rethink our views on digital signature validation.

    93 retweets 157 likes
  5. Retweeted
    Dec 20

    Ars Technica's is one of the most technically knowledgeable reporters I know. Now he's being sued by Keeper Security for writing up a report of Keeper's software vulnerabilities made by a Google researcher. This is gross, litigious bullying.

    31 replies 628 retweets 830 likes
  6. Dec 19

    Very cool. Congrats.

    A bit speechless at the moment...
    3 likes
  7. Dec 19

    Finding references can be difficult. Thanks for the great resource !!

    That moment you are taking a course and discover work you wrote in the course. Extremely honored to be included! Also just a great course sec564 is!
    1 like
  8. Dec 18

    I couldn’t agree more. I’m teaching the SANS SEC 564 Red Team course right now. Perfect timing to emphasize a teaching point. Thanks!!!

    The most pragmatic security managers don't resort to fear and blame when new attack research comes out. They view it simply as a task item to improve their posture. They manage security. They acknowledge that security is not a problem to be solved.
    Show this thread
    2 likes
  9. Dec 16

    This still surprises me. But remains on my short list to check...

    GPP The gift that still keeps on giving.
    3 likes
  10. Retweeted
    Dec 16

    Facebook Security is proud to announce that we are offering a free twelve-week hands-on course for veterans who desire to get into cybersecurity. Please make sure to apply by January 16th!

    98 replies 2,428 retweets 3,127 likes
    Show this thread
    Show this thread
  11. Retweeted
    Dec 15

    Are you really ready for ? What does your data look like? Data Availability != Data Quality

    3 replies 122 retweets 197 likes
  12. Dec 14

    Sad day

    Well said :(
  13. Retweeted
    Dec 14

    Our CEO, , will be on a panel today discussing this year’s big lessons learned and recommendations for breach prevention in the new year with , , Ashton Mozano, and Jon Green . Tune in at 1pm Eastern

    4 retweets 11 likes
  14. Dec 11

    Nice !!

    Little wiki page on how to get saved domain credentials from the Credential Manager with ... without admin 🙃
    1 retweet 1 like
  15. Retweeted
    Dec 11

    Dump *domain* (& generic 🙃) Windows credentials from the Credential Manager without admin! *needs domain user rights (or user password, of course!) Something makes me think that a little howto would interest you ...

    7 replies 445 retweets 714 likes
  16. Dec 11

    Very nice!! Keep up the great work!!

    Replying to @armitagehacker
    need to download demo version please
  17. Retweeted
    Dec 11

    Cobalt Strike 3.10 – Хакер vs. 肉雞

    6 replies 98 retweets 154 likes
  18. Retweeted
    Dec 8

    I'll write up a blog this weekend. Long story short, there be file extension dragons here. Rename cmd.exe to js.exe or txt.exe and persist "js" or "txt".

    Curious why the latest Autoruns (v13.80) Services view can't find "cmd" 🤔 This service syntax only seems to work on Win10 and not on Win7 and Win8. ebd270e3dddedefd5767715c135904c6 (Autoruns.exe) 326987363cfc1c3262a18c215b51e7e2 (Autorunsc.exe)
    3 replies 20 retweets 54 likes
  19. Retweeted
    Dec 5

    If you're attending , don't miss the Arsenal demos of our Automated Collection & Enrichment (ACE) platform at with and tomorrow (12/6) from 10:00 - 11.35 at Station 1

    3 replies 8 retweets 14 likes
  20. Retweeted
    Dec 5

    Check out the new post from our on building covert red team attack infrastructures

    117 retweets 145 likes
  21. Dec 5

    Awesome in-depth look at building and designing an effective C2 infrastructure nice work !!!

    [blog] Designing Effective Covert Red Team Attack Infrastructure
    1 reply 4 likes

@joevest hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·