Pedram Amini

@pedramamini

CTO at . Founded in 2005. NYC born, Austin transplant. I tweet about infosec, general nerdery, and things that make me laugh.

Austin, TX
keybase.io/pedram
Vrijeme pridruživanja: veljača 2009.
65 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @pedramamini

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @pedramamini

  1. 27. sij

    For the record, the Jumpshot referred to in this Vice article () has nothing to do with my Jumpshot from Kickstarter (). I've received a number of concerned inquiries from colleagues and backers. The domain name was simply repurposed.

    2 proslijeđena tweeta 4 korisnika označavaju da im se sviđa
    Poništi
  2. 31. pro 2019.

    Second SHA1 hash collision found, how neat!

    37 proslijeđenih tweetova 86 korisnika označava da im se sviđa
    Poništi
  3. 30. pro 2019.

    Calling all tinkerers... someone, somewhere, will figure out how to get these devices out of "recycling mode" ... or at least find a way to prevent them from entering that mode during the 21 day grace period:

    1 reply
    Poništi
  4. proslijedio/la je Tweet
    30. pro 2019.

    The videos from Blackhat USA 2019 are up, check out our CTO 's talk on Worm Charming: Slide deck is available for download from Finally, the referenced data portal is available

    9 proslijeđenih tweetova 16 korisnika označava da im se sviđa
    Poništi
  5. 2. pro 2019.

    Anyone else notice a sudden increase in spam over chat?

    2 korisnika označavaju da im se sviđa
    Poništi
  6. 31. lis 2019.

    We've written many many YARA rules with the help of this tool that is just shy of magic. Fun read from my colleague Rob King on the history of Base64 and the automated generation of regular expressions that will match encoded content regardless of padding and endianness.

    Base64 is arguably the most common encoding method used by malware, natively supported by basically every language. Writing regexes that can match Base64 encoded content is tricky but valuable. Learn why and see how we've automated the task in this blog:
    2 proslijeđena tweeta 8 korisnika označava da im se sviđa
    Poništi
  7. 24. lis 2019.

    If you're not already aware of it, Apple's MacOS XProtect is fueled by YARA and UXProtect () is a graphical frontend from (the wizard behind all the awesome utilities) and the fellas from .

    Added UXProtect from to . It's an OSX GUI for YARA signature management and more overtop of Apple's built-in XProtect.
    4 proslijeđena tweeta 8 korisnika označava da im se sviđa
    Poništi
  8. 18. lis 2019.

    This has quickly become my favorite meetup in Austin. Register early if you're interested in attending as the meetup hit capacity the last two gatherings.

    It's that time again, ATX DFIR Meetup on Nov 20th. For more info checkout: Also we've got a couple of speaking slots open if you'd like to do a 15min (super informal) talk.
    Poništi
  9. proslijedio/la je Tweet
    17. lis 2019.

    I'm going to try to post weekly helpful hints about ...here's my "gem" from last week's talk: Override getScriptAnalysisMode() when you're doing wacky disassembling and analysis in a script!

    1 reply 24 proslijeđena tweeta 58 korisnika označava da im se sviđa
    Poništi
  10. 5. lis 2019.

    Finally. A new space show at the Hayden planetarium. I’ve been rewatching the same one for years as the planetarium is among my favorite places to take friends visiting NYC. Wish AMNH would have at least cycled through the old shows.

    1 korisnik označava da mu se sviđa
    Poništi
  11. 2. lis 2019.

    Posted a blog on Adobe Extensible Metadata Platform (XMP) identifiers. A concept that was initially introduced to me by an industry colleague and long-time friend Mike Remen. Slides from a talk on the matter I gave at an meetup:

    Adobe XMP: Tales of an Overlook Anchor In this blog, we examine how a non-standard indicator can be leveraged for threat detection as well as sample clustering. Readers can follow along with samples from .
    Prikaži ovu nit
    4 proslijeđena tweeta 6 korisnika označava da im se sviđa
    Poništi
  12. 25. ruj 2019.

    Another great DFIR gathering hosted by the folks from . Great talks from , , Kyle Bailey, and Jayson Weiss. Check for future events. Highly recommended.

    3 proslijeđena tweeta 7 korisnika označava da im se sviđa
    Poništi
  13. 12. ruj 2019.

    Another great piece written by on research from and the Dragos team: "New Clues Show How Russia’s Grid Hackers Aimed for Physical Destruction"

    1 korisnik označava da mu se sviđa
    Poništi
  14. proslijedio/la je Tweet
    11. ruj 2019.

    Our contest deadline is approaching, do not wait until the last minute!

    5 proslijeđenih tweetova 14 korisnika označava da im se sviđa
    Poništi
  15. 26. kol 2019.

    Some additional/related research from and worth digging into if you're interested in this topic:

    1 proslijeđeni tweet 2 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  16. 23. kol 2019.

    More importantly that the slides, take a gander at the data portal we made available to empower other peoples research: The free/open API plus some JQ driven command line foo can result in interesting slices of data. I'll write a blog about it all soon.

    Slides from 's Blackhat 2019 talk on searching for 0day campaigns prematurely uploaded to VirusTotal are up: (Worm Charming is a real "sport" by the way, do look it up)
    19 proslijeđenih tweetova 29 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    13. kol 2019.

    We welcome feedback on our static dropper analyzer and data portal that we announced at Blackhat last week. Search a large corpus of file samples, aggregate reputation information, IOCs extracted from public sources. Augment YARA development with tooling.

    18 proslijeđenih tweetova 35 korisnika označava da im se sviđa
    Poništi
  18. 7. kol 2019.

    Unveiling an open data portal for malware researchers during my “Worm Charming” talk today at … come join us at 2:40 to see tactics for hunting for 0day among malware corpora.

    4 proslijeđena tweeta 12 korisnika označava da im se sviđa
    Poništi
  19. 31. srp 2019.

    Tinkering with the beta of , 's latest venture... I'm initially impressed by both how smooth the agent install/removal is and by how incredibly fast it can scan.

    1 reply 4 korisnika označavaju da im se sviđa
    Poništi
  20. 29. srp 2019.

    Harvesting from harvesters...

    Another fun sample captured by our Base64_Encoded_Powershell_Directives YARA rule (), a WiFi password stealer script with the attackers GMail credentials: djole2k6@gmail.com / gsx750600j
    3 korisnika označavaju da im se sviđa
    Poništi

@pedramamini još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·