- Pinned Tweet
  Slides from my V00d00 talk -> Operation FastCash - Hidden Cobra's AIX PowerPC malware dissected https://github.com/fboldewin/FastCashMalwareDissected/blob/master/Operation%20Fast%20Cash%20-%20Hidden%20Cobra%E2%80%98s%20AIX%20PowerPC%20malware%20dissected.pdf …
  #Malware #DFIR #Hacking #APT38 #Lazarus #ATM pic.twitter.com/BvehDaSOr1
- One of those #ATM Alice samples. Haven't seen this panel before, though old build date, uploaded on 09th January 2020 from DE. Maybe something for your malware zoo. Supervisor ID is '123' #YARA-rule: https://raw.githubusercontent.com/fboldewin/YARA-rules/master/ATM.Malware.ALICE.yar … #DFIR #MALWARE pic.twitter.com/lDTo6KPRb7
- IDA Pro 7.x plugin that integrates #Ghidra decompiler code by Chris Eagle (@sk3wl) Awesome! https://github.com/cseagle/blc/blob/master/README.md … #IDAPro #ReverseEngineering
- Frank Boldewin retweeted
  Cutter v1.10 now has a DEBUGGER!
  After a lot of work, we are so happy to announce that we finally implemented your most requested feature.
  The beta version of the debugger is available NOW on our website >> https://cutter.re
  List of features and what's coming next >> pic.twitter.com/4OOlF0Y0Wk
- Frank Boldewin retweeted
  A post I wrote in 2017 on bypassing CarbonBlack all products, since the trick is still unfixed, decided to public it.. https://bytecod3r.io/bypassing-carbonblack-defense-protection-response/ … #Bypass #redteam
- Frank Boldewin retweeted
  Windows Privilege Escalation approach: https://sec-consult.com/en/blog/2019/04/windows-privilege-escalation-an-approach-for-penetration-testers/ … This blog is so articulate and well written for any beginner to learn Windows Privesc. Thanks @sec_consult
- Just released my Group-IB CyberCrimeCon Singapore slides. It's a case I have investigated in March 2019. These slides contain all the details I found out during my investigation. Enjoy! https://github.com/fboldewin/Libertad-y-gloria---A-Mexican-cyber-heist-story---CyberCrimeCon19-Singapore/blob/master/README.md … #Malware #ATM #DFIR #Hacking pic.twitter.com/MXxPhvIv9q
- Frank Boldewin retweeted
  Relocating BaseAddress Agnostic Memory Dumps ~ https://int0xcc.svbtle.com/relocating-baseaddress-agnostic-memory-dumps … Modifying @hasherezade pe_unmapper to allow remapping without LoadBase. pic.twitter.com/p19eeNYG7K
- Just published my #IDAPython scripts to reconstruct Microsoft COM-Code. Tested on #IDAPro v7.4 and Python v2+3 => Happy reversing! https://github.com/fboldewin/COM-Code-Helper/blob/master/README.md … #Malware #DFIR pic.twitter.com/wIbMcLUgHA
- So Phineas Fisher wrote a detailed guide how to hack a bank and transfer money via SWIFT. It seems he failed transferring large amounts because of missing knowledge in the interbanking environment. A circumstance that could change quickly. http://sprunge.us/SUfVvV #Hacking #DFIR pic.twitter.com/Fo83lnnBvt
- Windows privilege escalation exploit for CVE-2019-1322 + CVE-2019-1405 With Sourcecode, binary and howto Video. Tested and works! Expect this to be used in future malware. #Hacking #DFIR https://twitter.com/SpecialHoang/status/1194958728065376258 …
- New tool for your #redteam arsenal. #RdpThief sniffs credentials out of RDP sessions by injecting into the mstsc.exe process. #DFIR #Hacking https://twitter.com/MDSecLabs/status/1194620076974104576 …
- Surely one of the craziest financial hacker stories in 2019. I will talk about the details in Singapore @ GROUP-IB's #CyberCrimeCon19 #Hacking #Malware #DFIR #threatintel https://twitter.com/GroupIB_GIB/status/1192823666851164161 …
- Legacy repo of my discontinued reconstructer website with some tools and papers from 2006 - 2013 now moved to Github. https://github.com/fboldewin/reconstructer.org … #Malware #DFIR #OfficeMalScanner #Windbg #Volatility #IDAPro pic.twitter.com/RauPLU6GRM
- My analysis of a new #ATM #malware called #XFS_DIRECT using a Raspberry Pi Zero W and P4WNP1's HID backdoor for delivery. https://github.com/fboldewin/ATM-Jackpotting-P4WNP1-style-with-malware-XFS_DIRECT … #DFIR @Bank_Security #YARA rule is here --> https://raw.githubusercontent.com/fboldewin/YARA-rules/master/ATM.Malware.XFS_DIRECT.yar … pic.twitter.com/5F8zbH8BBu
- IDA Pro 7.4 has been released. Now with Python 3 support, new processor modules, structure editor, decompiler improvements and much more. https://www.hex-rays.com/products/ida/7.4/index.shtml … #Reversing #Decompiler #IDAPRO #Debugging pic.twitter.com/0nUJbRZNPT
- Five Chinese nationals involved in the country's biggest cyber heist in the banking sector so far. Never heard of Chinese cybercriminals in that business before. ^^ https://thehimalayantimes.com/nepal/chinese-men-held-for-cyber-heist-worth-millions/ … #ATM #Malware #Hacking pic.twitter.com/97rLazuwsw
- Rico, a Junior Analyst in our SoC-Team did a great writeup how to fully deobfuscate a heavily obfuscated JSE downloader used by #Trickbot https://blog.rico-j.de/jse-malware-analysis/ … #DFIR #Malware Deobfuscator -> https://blog.rico-j.de/assets/files/2019-08-29-jse-malware-analysis/deobfuscator.py …
- Fresh #ATM #Malware XFSCashNCR directly from Chile. Build date 30th July 2019. Uploaded to VT on 28th August 2019. Hash --> d6dff67a6b4423b5721908bdcc668951f33b3c214e318051c96e8c158e8931c0 #Yara rule --> https://raw.githubusercontent.com/fboldewin/YARA-rules/master/ATM.Malware.XFSCashNCR.yar … #DFIR @Bank_Security pic.twitter.com/03m0jgbZzJ
- Frank Boldewin retweeted
  The first version of my new plugin (Windbg2IDA) is released. Using this plugin, you’ll be able to dump each step in Windbg then see the code coverage results in IDA, you can also compare two or more dumps w/ different colors & lots of other cool features. https://windbg2ida.ntdebug.com pic.twitter.com/QOnsqYRrTF
- Frank Boldewin retweeted
  After much delay.. the Windows Sysmon Logging Cheat Sheet has been released !!! http://malwarearchaeology.com/cheat-sheets