kocka

@k0ck4

c̶y̶p̶h̶e̶r̶p̶u̶n̶k̶, Crypto-anarchist, NetBSD fanboi, grsecurity and Alpinelinux evangelist. GCFA || OSCP || GXPN

Joined: June 2012.

Tweets

  1. Retweeted
    Jan 31

    Wrote a post on how to use GadgetToJScript with Covenant & Donut Thanks to for the answering my queries and helping me while exploring tool 🙏

  2. Retweeted
    Jan 30
  3. Retweeted
    Jan 31

    Has anyone (boss, client, student, etc) ever asked you in what Windows event log can you find a process, IP address, InterfaceUuid, etc? Very helpful to identify providers that you might need to start collecting data from. is using online interactive

  4. Retweeted
    Feb 2

    ICYMI developed an online tool to convert Sigma rules into the query language of your choice FAQs What if my field values differ from the standard? What if I get too many false positives?

  5. Retweeted
    Feb 2

    A curated list of resources for learning about deploying, managing and hunting with Microsoft Sysmon. Contains presentations, deployment methods, configuration file examples, blogs and additional github repositories.

  6. Retweeted
    Feb 2

    My slides for today’s talk on protocol security are posted on my website: Thanks to everyone who attended and for all the great feedback I got so far! Enjoy the rest of the con!

  7. Retweeted
    Feb 2

    Another run of that obfuscated multistage PowerShell loader for Cobalt Strike Beacon.

  8. Retweeted
    Feb 1
  9. Feb 5

    AZ-900 check. Now it’s time to start preparing for OSCE.

  10. Retweeted
    Jan 31

    Akamai WAF Bypass, worked on a recent program <x onauxclick=a=alert,a(domain)>click

  11. Retweeted
    Feb 2

    SettingSyncHost.exe as a LolBin cd %TEMP% & c:\windows\system32\SettingSyncHost.exe -LoadAndRunDiagScript foo

  12. Retweeted
    Jan 30

    This report is a year journey✈️ to follow the trail of TA505. ⭐️Especially : TTP, Malwares, Relevance with Carbanak (Only published in Korean😅)

  13. Retweeted
    Jan 30

    Remember, folks, one may not necessarily need code execution to privesc to root via kernel exploit. This video shows how interesting data-only exploits can be and provides really good insight into how an attacker thinks.

  14. Retweeted
    Jan 30

    I found this article to be excellent. From building Windbg Tooling to working exploits. It's a dense and rich read. Really well done. I thought. Introduction to SpiderMonkey exploitation.

  15. Retweeted
    Jan 28

    New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZure

  16. Retweeted
    Jan 28

    CVE-2020-7799 – FusionAuth “Apache Freemarker” Code Execution, by my coworker

  17. Retweeted
    Jan 24

    Wonder how many log collectors are running on this AS.

  18. Retweeted

    The highest state court in Berlin was hacked and it is **that bad** Patrick has a summary of T-Systems' forensic analysis. (scoops by ) TL;DR: High likelihood that attackers had access to ev-ry-thang. PDF:

  19. Retweeted
    Jan 26

    finally a macro sample using something other than ps as a wmiprvse child process :)

  20. Retweeted
    Jan 27

    2020-01-27 New - maldoc.🧐 p://185.]159.]82.]182/gox/go.php?zs=h21&ed=<9randomdigits> No VT submission - No AnyRun activities> @hexraptor
