Pinned Tweet
Last week was a blast! I met old and new friends at Vegas and I also presented two tools I've been working on: SysmonX at @BlackHatEvents Arsenal track, and Memhunter at @defcon Demo Labs and @BlueTeamVillage. Expect to hear more about these tools in the upcoming weeks
pic.twitter.com/b2KVDwfVOx
Marcos Oviedo Retweeted
Custom Signed Kernel Driver's Pretty cool
Without the need to enable TestSigning.
Sample Project:
https://github.com/HyperSine/Windows10-CustomKernelSigners … pic.twitter.com/opyM91m1HI
Marcos Oviedo Retweeted
KDU, Kernel Driver Utility - driver loader (and not only) bypassing Windows x64 Driver Signature Enforcement with support of various "functionality" providers - including Unwinder's RTCore, https://github.com/hfiref0x/KDU pic.twitter.com/s154qYlIKR
Marcos Oviedo Retweeted
Today I learned Google recently hit 50% fuzzing coverage in Chrome. Wow. https://twitter.com/arw/status/1222616480736395265 …
Marcos Oviedo Retweeted
Windows Kernel _IMAGE_DOS_HEADER::e_lfanew Denial Of Service/Memory Corruption https://waleedassar.blogspot.com/2020/01/malformed-pe-header-kernel-denial-of.html …
Marcos Oviedo Retweeted
PInjectra’s Stack Bombing Process Injection example was only the beginning. I wrote a practical implementation of it that performs process migration using shared Memory, self-loading/linking DLLs, and an RWX ROP chain. https://github.com/Crypt0s/Ampulex Also included: a detection for it
Marcos Oviedo Retweeted
Check out @Nosoynadiemas' tips on Fuzzing, to overcome known challenges and maximize results: https://securitylab.github.com/research/fuzzing-challenges-solutions-1 …
Marcos Oviedo Retweeted
we have an update to DTrace on Windows. with the latest 20H1 insider build, no more KD required to use dtrace on windows. plus arm64 MSI. https://techcommunity.microsoft.com/t5/windows-kernel-internals/dtrace-on-windows-20h1-updates/ba-p/1127929 …
Marcos Oviedo Retweeted
memhunter : Live hunting of code injection techniques : https://github.com/marcosd4h/memhunter … cc @marcosd4h pic.twitter.com/wkuRUx3JuQ
Marcos Oviedo Retweeted
KSDumper....process dumper with a twist...will be mucking with this later: https://github.com/EquiFox/KsDumper …
Marcos Oviedo Retweeted
So proud to see our PowerShell class released to the public for free. There may be some tradecraft in there FYI that might not be broadly covered. Enjoy! https://twitter.com/SpecterOps/status/1220056424866353158 …
Marcos Oviedo Retweeted
Windows kernel explorer: A free powerful Windows kernel research tool https://github.com/AxtMueller/Windows-Kernel-Explorer …
Marcos Oviedo Retweeted
This has been a very long time coming, thank you so much David for developing and sharing this! The applications for this of course go far beyond BloodHound, but if you're looking for the best way to play with BloodHound, this is it! https://twitter.com/davidprowe/status/1218174883617804288 …
Marcos Oviedo Retweeted
We have a working proof-of-concept exploit for ‘Whose Curve is it Anyway?’ — NSA’s bug in Microsoft’s Crypto API. Read on for our explainer: https://blog.trailofbits.com/2020/01/16/exploiting-the-windows-cryptoapi-vulnerability/ …
Marcos Oviedo Retweeted
Visit the test site listed in this awesome post and validate your Audit-CVE log against an actual PoC (versus my silly attempts). If an actual exploitation attempt is made, you can parse out the embedded ASN.1 accordingly. https://research.kudelskisecurity.com/2020/01/15/cve-2020-0601-the-chainoffools-attack-explained-with-poc/ … https://twitter.com/mattifestation/status/1217490544773009409 … pic.twitter.com/ILhGylk8pb
Marcos Oviedo Retweeted
Should we name CVE-2020-0601 CurveBall? Applying to twitter infosec naming committee AKA @GossiTheDog #curveball https://twitter.com/TalBeerySec/status/1217202495103086597 …
Marcos Oviedo Retweeted
In this post, @matterpreter dissects Mimikatz's kernel mode driver, Mimidrv, and walks through some of the capabilities available to us in ring 0. Check it out: https://posts.specterops.io/mimidrv-in-depth-4d273d19e148 …
Marcos Oviedo Retweeted
Video recording of my presentation with @ptrpieter at Black Hat Asia 2019 is online. MS Office in Wonderland: 50 minutes of offensive tradecraft with Word and Excel. Exploiting fields, Power Query, VBA stomping, Excel4 macros, AMSI bypasses and more fun. https://youtu.be/9ULzZA70Dzg
Marcos Oviedo Retweeted
HOW TO GIVE A CONFERENCE TALK IN FIVE EASY STEPS 1. Write the outline! It'll help you collect your thoughts and make a good talk!!! 2. Write a first draft! Doesn't need to be that good, just get your thoughts down!!! 3. Rehearse! Read the draft aloud and see if it sounds good!
Marcos Oviedo Retweeted
For anyone interested in my presentation on Local RPC in .NET the HITB version is now up on YouTube. https://youtu.be/2GJf8Hrxm4k
Marcos Oviedo Retweeted
To continue, @_xpn_'s entire blog. The breadth and depth of Adam's work is truly amazing, but if I had to pick a favorite recent post(s) it would be his articles on Mimikatz internals: https://blog.xpnsec.com/exploring-mimikatz-part-1/ … and https://blog.xpnsec.com/exploring-mimikatz-part-2/ …