Jonny Johnson

@jsecurity101

Detection Engineering through Data Driven Hunting |

Joined June 2016

Tweets

  1. 16 hours ago

    This post shows how to utilize abstraction to peel back technical layers to create different types of detections!

  2. Feb 5
  3. Retweeted

    Coming soon to Sysmon: clipboard logging for malicious RDP session DFIR, and shredded file recovery for capturing hacking tools

  4. Retweeted
    Feb 4
  5. Retweeted
    Feb 4

    As promised, here is the follow up defensive blog to last week's post on Attacking Azure.

  6. Retweeted
    Feb 3

    I made a PowerShell script when researching COM objects that has like 30 foreach and if loops and will search every COM object method for a keyword, e.g. finding COM objects with a method containing 'ExecuteShell'. Maybe someone else will find it useful.

  7. Retweeted
    Jan 31

    Pushed a new Rubeus release after getting some additional feedback from our most recent AT:RTO students. The full changes are detailed here. To highlight a few new features- "/nowrap" globally prevents base64 blobs from line-wrapping, (1/4)

  8. Retweeted
    Jan 31

    Join me and on Tuesday, February 11th as we unveil 3.0! We will demo new attack primitives, performance improvements, and changes in the GUI. Register for the webinar here (recording available afterwards):

  9. Retweeted
    Jan 29

    We have just pushed some *big* updates to Ghostwriter's master branch that I think you'll like. We've got WYSIWYG editors, autocomplete, new reports, and more! Check it out:

  10. Jan 29

    If you get the chance, I highly suggest going to this talk! has been uncovering some really neat stuff!

  11. Jan 29

    Got my book from . Thanks for the signature man!

  12. Retweeted
    Jan 28

    Day 2 of Red Team training. It was great to finally meet this morning.

  13. Retweeted
    Jan 28

    SpecterOps is bringing its Adversary Tactics: Red Team Operations course to Denver, CO. on April 14th - 17th, 2020. Sign-up here:

  14. Jan 28

    This is amazing work by . Can’t wait for the detection piece 😉

  15. Retweeted
    Jan 27

    Move Faster, Stay Longer blog about extending CS and tools to go with it.

  16. Retweeted
    Jan 22

    Despite its incredible security enhancements, PowerShell continues to be abused by adversaries. A strong knowledge of PowerShell enables defenders to effectively manage and respond to its abuse. (1/4)

  17. Retweeted
    Jan 22

    Revisiting RDP lateral movement and releasing a project that will be part of a bigger tool coming next week

  18. Retweeted
    Jan 21

    Hey Defender friends. Turns out that removing those services with Unicode/non-printable characters is pretty hard, so I wrote you a tool to help with that. I'll be releasing the offensive PoC later this week or early next week.

  19. Retweeted
    Jan 21

    We released a Red Teaming book! Red Team Development and Operations. It's been a crazy project that has existed in many forms. It started as simple notes, came together as a SANS class, and will now live as a book. Read about it here.

  20. Retweeted
    Jan 21

    Our first intern, created a project called Satellite to automate C2 traffic redirection. In this post, he talks about some of the keying, proxying, and filtering options of the project. Read more here: Project link:
