Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @munrobotic
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @munrobotic
-
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
Have you ever seen a detection that you felt was too brittle or narrowly focused? In this post, I explore an idea I call "Capability Abstraction" where I seek to demonstrate where that feeling comes from for me.https://medium.com/@jaredcatkinson/capability-abstraction-fbeaeeb26384 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
I commissioned this comic in late-2011 to market what would become Cobalt Strike. I'm always amazed at how well the overall "story" has held up. Open question: How many pen testers "report in" with a salute to the customer CEO at the end of an engagement? https://www.cobaltstrike.com/downloads/cs2015comic.pdf …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
Burp Suite extension to perform Kerberos authenticationhttps://github.com/nccgroup/Berserko …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
Custom Signed Kernel Driver's Pretty cool
Without the need to enable TestSigning.
Sample Project:
https://github.com/HyperSine/Windows10-CustomKernelSigners …pic.twitter.com/opyM91m1HI
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
Really glad to finally get a blogpost out about this. Hopefully this is useful and gives Red Teamers ideas on how to use the BYOI concept in their own payloads. If anyone is interested in a few more follow up posts about this will gladly oblige :)https://www.blackhillsinfosec.com/red-teamers-cookbook-byoi-bring-your-own-interpreter/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
A reminder (in case you're slow like me) that Twitter is now supporting full app-based 2FA for accounts in all regions and you no longer have to provide a phone number for SMS-based 2FA. Go get at em!pic.twitter.com/V4gXJ0NNus
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
#FakeLogonScreen is a C# utility to steal a user's password using a fake Windows logon screen. This password will then be validated and saved to disk. Useful in combination with#CobaltStrike's execute-assembly command. https://github.com/bitsadmin/fakelogonscreen …pic.twitter.com/2pAOk9InLMHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
For those of you using a NV GPU with Volta or Turing chipset, listen up! We hacked our way into the post-48k GPU shared memory region. This improved bcrypt cracking performance by an average of 25%. For instance a GTX2080Ti improved from 42116 H/s to 54770 H/spic.twitter.com/jm6gICcu9h
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
Also, if you have a GV100 (TITAN V, V100) the bcrypt cracking performance should be *doubled* but really only this exact chipset. So far this is only a theoretical value. I can't verify because I don't have this GPU for testing. Someone can verify?
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
Load encrypted PE from XML Attribute. MSBuild is still the best.
https://github.com/XwingAngel/PELoader/ …
MSBuild sets Property then calls Execute.
Use this example to decouple payloads & prove that all security products have a "Single File Bias".
Decouple payloads to subvert detection.pic.twitter.com/648rujlLQn
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
The code to execute in JS via "System.Runtime.InteropServices.RegistrationServices" here: https://ghostbin.co/paste/krdqe You need to expose a static method public static void UnRegisterClass(string key) And of course you need an assembly object :) Cheers
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
Pushed a new Rubeus release after getting some additional feedback from our most recent AT:RTO students. The full changes are detailed here https://github.com/GhostPack/Rubeus/blob/master/CHANGELOG.md#150---2020-01-31 … . To highlight a few new features- "/nowrap" globally prevents base64 blobs from line-wrapping, (1/4)
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
Lots of other changes, fixes, and additions as well. Thank you to everyone who contributed, and I hope everyone else finds the new changes useful! Again, a full changelog is available at https://github.com/GhostPack/Rubeus/blob/master/CHANGELOG.md#150---2020-01-31 … (4/4)
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Friends in the UK... Remember to set your clocks back 46 years tonight.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
New Blog Post from
@Haus3c on Azure. Ryan discusses Azure and Azure AD's components, reviews some of the attacks, and release PowerZure to help understand the attacks. Link: https://posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a … PowerZure:https://github.com/hausec/PowerZure …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
ICYMI -
@0xthirteen released MoveKit and StayKit, a collection of aggressor scripts, .NET projects, and templates to enhance lateral movement and persistence on your engagements. Link: https://posts.specterops.io/move-faster-stay-longer-6b4efab9c644 … MoveKit: https://github.com/0xthirteen/MoveKit … StayKit:https://github.com/0xthirteen/StayKit …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
Just pushed a somewhat big update to SILENTTRINITY with a lot of forward compatibility fixes for Python 3.8 and made the PowerShell "stageless" stager public. Plus more modules and bug fixeshttps://github.com/byt3bl33d3r/SILENTTRINITY …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
Interesting recent change (at least 1903) to SeTokenCanImpersonate which determines if you can impersonate an access token. The Session ID is now checked so that you can't impersonate same user session 0 tokens outside of session 0.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
#BlueTeam command-line MSBuild.exe detection's got your#RedTeam down? How about MSBuild without MSBuild.exe? https://s5.gifyu.com/images/msbuild_api.gif …https://github.com/rvrsh3ll/MSBuildAPICaller …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
lɐʍɹǝuɔǝ ɯnuɹo proslijedio/la je Tweet
I just published a ~45 page whitepaper on attacking and defending terraform infrastructure as code in GitHub. Includes attack scenarios, hardening, detections, etc. Deep thanks to
@tifkin_ and@harmj0y for their inspiration and research.
https://www.sans.org/reading-room/whitepapers/securecode/defending-infrastructure-code-github-enterprise-39380 …
1/3Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.