Tweets
- Tweets, current page.
- Tweets & replies
- Media
You blocked @monoxgas
Are you sure you want to view these Tweets? Viewing Tweets won't unblock @monoxgas
-
Nick Landers Retweeted
Interesting Fact: The core implant uses a multi-stage approach with exportable DLL ordinals for near each step of the deployment. Seems like
@monoxgas approach is fairly threat representative. Plan on doing some RE of the loader next week.Show this threadThanks. Twitter will use this to make your timeline better. Undo -
Nick Landers Retweeted
Yet another Ruler vector - CVE-2017-11774 shell Outlook via the home page. New Ruler and NotRuler available: https://sensepost.com/blog/2017/outlook-home-page-another-ruler-vector/ …pic.twitter.com/V3oXPtZyAK
Thanks. Twitter will use this to make your timeline better. Undo -
Nick Landers Retweeted
Blog post - Hunting for .NET in-memory techniqueshttps://www.endgame.com/blog/technical-blog/hunting-memory-net-attacks …
Thanks. Twitter will use this to make your timeline better. Undo -
Always in our hearts, SBS doesn't forget.
#TrevorForget@Grifter801@TrevorTheRoach@SilentBreakSecThanks. Twitter will use this to make your timeline better. Undo -
The best days for blue teams are sometimes the toughest for red teams. Great job MS! Time to get back to work researching Outlook.https://twitter.com/_staaldraad/status/910794256733949952 …
Thanks. Twitter will use this to make your timeline better. Undo -
Nick Landers Retweeted
KB4011091 for Outlook 2016 seems to block VBScript in forms! If so, well played MSFT! Can't find mention of it in the update description
Thanks. Twitter will use this to make your timeline better. Undo -
Nick Landers Retweeted
Exploiting
#PowerShell Code Injection Vulnerabilities to Bypass Constrained Language Mode http://www.exploit-monday.com/2017/08/exploiting-powershell-code-injection.html …Thanks. Twitter will use this to make your timeline better. Undo -
Nick Landers Retweeted
[Blog] UMCI vs Internet Explorer: Exploring CVE-2017–8625https://posts.specterops.io/umci-vs-internet-explorer-exploring-cve-2017-8625-3946536c6442 …
Thanks. Twitter will use this to make your timeline better. Undo -
Nick Landers Retweeted
New blog post by
@monoxgas! Check out the latest for in-memory malware -> sRDI (Shellcode reflective DLL injection)https://silentbreaksecurity.com/srdi-shellcode-reflective-dll-injection/ …Thanks. Twitter will use this to make your timeline better. Undo -
Nick Landers Retweeted
New, but short blog post is up! XSS Using Active Directory Automatic Provisioning -https://silentbreaksecurity.com/xss-using-active-directory-automatic-provisioning/ …
Thanks. Twitter will use this to make your timeline better. Undo -
SyncAppVPublishingServer kickin' on Windows 7 with PowerShell v3.
@mattifestationpic.twitter.com/1gOJ884TfQ
Thanks. Twitter will use this to make your timeline better. Undo -
Need a signed alternative to Powershell.exe? SyncAppvPublishingServer in Win10 has got you covered.pic.twitter.com/WdudIxWWq6
Thanks. Twitter will use this to make your timeline better. Undo -
Big credits to
@stephenfewer@_dismantl@mattifestation@tifkin_Thanks. Twitter will use this to make your timeline better. Undo -
Shellcode Reflective DLL Injection (sRDI). Convert DLLs to position independent shellcode. Inject all the things!https://github.com/monoxgas/sRDI
Thanks. Twitter will use this to make your timeline better. Undo -
Thanks for the love man. We will shoot for a public release soonhttps://twitter.com/tyler_robinson/status/889978210628247552 …
Thanks. Twitter will use this to make your timeline better. Undo -
Proof that Outlook abuse is in the wild, put this on your radars!https://twitter.com/CrowdStrike/status/888553969362112514 …
Thanks. Twitter will use this to make your timeline better. Undo -
Nick Landers Retweeted
Looking forward to Dark Side Ops 1 and 2 training at
#blackhat2017#BlackHatusa!!pic.twitter.com/u5TDTo3Rmy
Thanks. Twitter will use this to make your timeline better. Undo -
Office 365 with Outtook 2013/16 now limits dangerous outlook rules. KB3191883 and KB3191938 https://support.microsoft.com/en-us/help/3191893/how-to-control-the-rule-actions-to-start-an-application-or-run-a-macro …
Thanks. Twitter will use this to make your timeline better. Undo -
Nick Landers Retweeted
Anyone up for beta testing "NotRuler"? Pulls out VBScript containing forms and endpoints from rules.pic.twitter.com/I0mS3FfbdX
Thanks. Twitter will use this to make your timeline better. Undo -
Everyone stay up to date on this tool. Will be a much needed step for detecting Outlook abuse.https://twitter.com/_staaldraad/status/881819936628383745 …
Thanks. Twitter will use this to make your timeline better. Undo
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.