Nick Landers

@monoxgas

Security research, exploits, malware dev, training.

Utah
Vrijeme pridruživanja: listopad 2010.

Tweetovi

Blokirali ste korisnika/cu @monoxgas

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @monoxgas

  1. proslijedio/la je Tweet
    31. sij
    Poništi
  2. 30. sij

    Anyone know the most reliable way to tell if a remote process is running under SysWOW? It would appear SystemSuppportedProcessorArchitectures is only available in newer versions. Maybe wow64 in LDR or some PEB/TEB bits.

    Poništi
  3. 16. pro 2019.

    Quick arbitrary disk read (LPE) exploit for the Nalpeiron licensing service. Avoid NLSSRV32 and Nitro PDF =< v10.

    Poništi
  4. proslijedio/la je Tweet
    10. lis 2019.

    "Dark Side Ops: Malware Dev" focuses on the goals, challenges, architecture, and operations of advanced persistent threat (APT) tooling, and is bringing this Training to in London, December 2 & 3.

    Poništi
  5. 9. lis 2019.

    Got a quick blog up about an arbitrary registry write LPE in the AtherosSvc windows service. We've seen it frequently on laptops with Qualcomn wireless/bluetooth chip sets.

    Poništi
  6. 30. ruj 2019.

    Posted some VBA code for loading a DotNet assembly directly using mscorlib + Assembly.Load by manually accessing the VTable of the IUnknown. Hopefully it saves someone else some time, but it's not the cleanest approach I was hoping for.

    Poništi
  7. 28. ruj 2019.

    I'm apparently a bit late, but the recording for my talk about C2 is available now: Slides+Code if you missed them:

    Poništi
  8. 27. ruj 2019.

    Completely re-factored+cleaned the core of sRDI this week which just went into the dev branch. Also added an import obfuscation option which will randomize IAT patching order and (optionally) add sleeps between DLL loads. Might help someone :)

    Poništi
  9. 18. ruj 2019.

    Want to see us steal 's email scoring model? Need to know what words to use in a phishing link? Or how to classify a sandbox with an ANN? Check out our talk, slides and code below :) Also included are our thoughts on the future of attack graph theory.

    Poništi
  10. proslijedio/la je Tweet
    12. ruj 2019.

    I was a bit slow getting this out.. but wanted to give a big shout out to and for the course they ran at BH. Thoroughly enjoyed it

    Poništi
  11. proslijedio/la je Tweet

    42: The answer to life, the universe, and everything offensive security Will Pearce, Nick Landers , for

    Poništi
  12. proslijedio/la je Tweet
    5. ruj 2019.

    Loved the Malware Dev course by . It felt like I got to code Cobalt Strike from the ground up over the last 16 hours. In-memory loading, ICMP tunneling, COM hijacking, DLL export forwarding, SMB pivots it had it all. Nice work guys!

    Poništi
  13. proslijedio/la je Tweet
    3. ruj 2019.

    Have 2 tickets to up for sale.

    Poništi
  14. proslijedio/la je Tweet
    1. ruj 2019.

    Short blog post as a follow up to my two year old one on becoming TrustedInstaller using a poorly documented trick with the Task Scheduler.

    Poništi
  15. proslijedio/la je Tweet
    30. kol 2019.

    Come see and I talk offensive use cases of machine learning

    Poništi
  16. proslijedio/la je Tweet
    10. kol 2019.

    Slides and code for my talk. Thanks to all who attended.

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    10. kol 2019.

    With Vegas over and done with for another year, it's time to go Twitter dark for a while. But one last blog before I go for and hat tip to

    Poništi
  18. 8. kol 2019.

    Come stop by our booth to chat about Dark Side Ops, our talks, or security in general!

    Poništi
  19. 8. kol 2019.

    I've uploaded the materials for my "Flying a False Flag" talk at ! Domain takeover via fast cloud IP cycling, EWS C2, and VirusTotal abuse. Thank to you everyone who attended, and also to the researchers releasing these great related works.

    Poništi
  20. proslijedio/la je Tweet
    6. kol 2019.

    Another Dark Side Ops in the bag. Students crushed the material, a new class of RATs graduated into the wild.

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·