Tweets
Pinned Tweet
Now there is even a GUI embryo for Mal6raph (https://github.com/redmed666/mal6raph) using @vuejs and @d3js_org (thanks @emiliorizzo). It allows you to upload samples (analysed by @radareorg), displays all the samples (@neo4j db) and displays similar samples based on function analysis \o/
Med K Retweeted
KDU, Kernel Driver Utility - driver loader (and not only) bypassing Windows x64 Driver Signature Enforcement with support of various "functionality" providers - including Unwinder's RTCore. https://github.com/hfiref0x/KDU
Med K Retweeted
Reversing C++ executables with OOAnalyzer Ghidra Plugin https://insights.sei.cmu.edu/sei_blog/2019/07/using-ooanalyzer-to-reverse-engineer-object-oriented-code-with-ghidra.html
Med K Retweeted
Hardware Debugging for Reverse Engineers Part 1: SWD, OpenOCD and Xbox One Controllers https://wrongbaud.github.io/stm-xbox-jtag/ Hope you enjoy! As always ping me with any questions
Med K Retweeted
How to hack yourself admin rights on any Autopilot installed Windows 10 - aka The Return of the Shift+F10! #suomalaismies #4sysops https://4sysops.com/archives/hacking-admin-rights-on-an-autopilot-installed-windows-device-return-of-the-shift-f10/
Med K Retweeted
Have a vendor executable with unknown command-line options? Don't want to reverse-engineer? Brute force in Windows shell!
:: Extract strings from program
strings.exe program.exe >> strings.txt
:: Run each string as program argument
for /f %a IN (strings.txt) DO "program.exe" %a
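The same brute-force idea reworked as an added PowerShell example (not the tweet author's code): it pulls the printable strings out of the binary itself instead of calling strings.exe, covering both ASCII and the UTF-16LE strings Windows binaries usually keep option text in, keeps only strings that look like switches, and runs each one as the sole argument with a timeout so an interactive mode cannot hang the loop. The target path, the switch filter and the timeout are assumptions. Run it only in a disposable VM: a switch you have never seen may be -uninstall or -reset.

```powershell
# Added example (not the tweet author's code): brute-force candidate switches of a
# vendor binary. $Target is an assumed path; adjust $MinLength/$TimeoutSec as needed.
# Run in a throwaway VM: an unknown switch may do something destructive.
param(
    [string]$Target = 'C:\vendor\program.exe',   # assumed path
    [int]$MinLength = 3,
    [int]$TimeoutSec = 5
)

# 1. Pull printable strings straight out of the file (what strings.exe does), both
#    plain ASCII and UTF-16LE, decoding as Latin-1 so every byte maps to one char.
$bytes = [System.IO.File]::ReadAllBytes($Target)
$raw   = [System.Text.Encoding]::GetEncoding(28591).GetString($bytes)
$ascii = [regex]::Matches($raw, "[\x20-\x7e]{$MinLength,}") | ForEach-Object { $_.Value }
$wide  = [regex]::Matches($raw, "(?:[\x20-\x7e]\x00){$MinLength,}") | ForEach-Object { $_.Value -replace "`0", '' }

# 2. Keep only strings that look like command-line switches (-x, --long, /x, /?), de-duplicated.
$candidates = @($ascii) + @($wide) |
    Where-Object { $_ -match '^(--?|/)[A-Za-z0-9?_:-]+$' } |
    Sort-Object -Unique

# 3. Run the binary once per candidate, with a timeout, and keep exit code + first output line.
$results = foreach ($arg in $candidates) {
    $psi = New-Object System.Diagnostics.ProcessStartInfo
    $psi.FileName               = $Target
    $psi.Arguments              = $arg
    $psi.UseShellExecute        = $false
    $psi.CreateNoWindow         = $true
    $psi.RedirectStandardOutput = $true
    $psi.RedirectStandardError  = $true

    $p   = [System.Diagnostics.Process]::Start($psi)
    $out = $p.StandardOutput.ReadToEndAsync()     # async reads avoid a full-pipe deadlock
    $err = $p.StandardError.ReadToEndAsync()
    if ($p.WaitForExit($TimeoutSec * 1000)) {
        $exit = $p.ExitCode
    } else {
        $p.Kill()                                  # e.g. the switch opened an interactive mode
        $exit = 'timeout'
    }
    $firstLine = ($out.Result + $err.Result) -split "`r?`n" | Where-Object { $_.Trim() } | Select-Object -First 1

    [pscustomobject]@{ Argument = $arg; ExitCode = $exit; FirstLine = $firstLine }
}

# Switches the program really parses stand out: a different exit code, a usage banner,
# or "unknown option" text, compared with the silent default run.
$results | Format-Table -AutoSize
```

Compare every row against a baseline run with no argument at all; a candidate that produces the same exit code and output as the baseline was almost certainly ignored.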
Med K Retweeted
Among the undocumented flags in Windows Defender MpCmdRun.exe: -BuildSfc -ServiceHardening -SampleHeaderService -WriteLogsForSvc -WDEnable -ReloadEngine
Med K Retweeted
It's with great pleasure I'm (finally) releasing my @MISPProject docker images. Images are optimised for home and enterprise use. Some cleanup work to do (see issues), but it's been in $work prod for months now. Github: https://github.com/coolacid/docker-misp DockerHub: https://hub.docker.com/r/coolacid/docker-misp
Med K Retweeted
From the folks that brought you Atomic Red Team, Chain Reactor is a new open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints. https://redcanary.com/blog/chain-reactor-framework-for-linux/
Med K Retweeted
#DFIR #IR I think I've discovered Win32 application launch history / usage trace data that appears undocumented by the community. It logs 3rd-party apps too. Win32kTraceLogging.AppInteractivitySummary See Microsoft's "Diagnostic Data Viewer" app. A massive trove of data points
Med K Retweeted
Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of the related information. https://github.com/depthsecurity/armory
Med K Retweeted
Ooh, here's @cybergibbons with a grand how-to on bypassing code readout protection using JTAG, OpenOCD, gdb and @IncludeSecurity's CRP bypass on the Nordic nrf51822 Bluetooth SoC https://www.pentestpartners.com/security-blog/nrf51822-code-readout-protection-bypass-a-how-to/
Med K Retweeted
The claim in the FTI forensics report on Bezos' iPhone that, "due to end-to-end encryption employed by WhatsApp, it is virtually impossible to decrypt the contents of the downloader [.enc file]..." bugged me so much that I coded up how to do it: https://github.com/ddz/whatsapp-media-decrypt
Med K Retweeted
Good whitepaper about the Windows 10 secure kernel: "Live forensics on the Windows 10 securekernel (2017)" https://ntnuopen.ntnu.no/ntnu-xmlui/bitstream/handle/11250/2448948/18109_FULLTEXT.pdf
Med K Retweeted
Hello, #DFIR guys! Finally, I have released 3 new tools for #mac4n6 and #MalwareAnalysis for macOS. Please try them and have a nice weekend :) 1st tool: Norimaci is a malware analysis sandbox for macOS. This tool was inspired by the Noriben sandbox. https://github.com/mnrkbys/norimaci (1/3)
Med K Retweeted
If you have ATP, enable the NON-DEFAULT protections: 1) block Office apps from creating child processes and injecting code into other processes, 2) block JS & VBS from launching downloaded executable content, 3) block credential stealing from lsass.exe, and much more. https://bit.ly/2TVkTjl
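The protections the tweet lists are Attack Surface Reduction rules in Microsoft Defender, and they are off unless someone switches them on. Here is an added PowerShell example (not from the tweet or the linked article) that enables the four rules in audit mode first, so blocked-would-be events can be reviewed before anything breaks, then flips them to block and reads the state back. The rule GUIDs are the ones Microsoft documents for these rules; confirm them against the current Defender documentation before rollout, because a mistyped GUID protects nothing.

```powershell
# Added example, not from the tweet or the linked article. Rule GUIDs below are the ones
# Microsoft documents for these ASR rules; confirm them against the current Defender
# docs before rollout. Run elevated on a host with Microsoft Defender Antivirus active.
$asrRules = @{
    'd4f940ab-401b-4efc-aadc-ad5f3c50688a' = 'Block all Office applications from creating child processes'
    '75668c1f-73b5-4cf0-bb93-3ecf5cb7cc84' = 'Block Office applications from injecting code into other processes'
    'd3e037e1-3eb8-44c8-a917-57927947596d' = 'Block JavaScript or VBScript from launching downloaded executable content'
    '9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2' = 'Block credential stealing from the Windows local security authority subsystem (lsass.exe)'
}

# Phase 1: audit mode. Nothing is blocked, but every would-be block is logged
# (Microsoft-Windows-Windows Defender/Operational, event ID 1122), so you can find
# legitimate line-of-business software that would break before you enforce.
foreach ($id in $asrRules.Keys) {
    Add-MpPreference -AttackSurfaceReductionRules_Ids $id -AttackSurfaceReductionRules_Actions AuditMode
}

# Phase 2: after reviewing the audit events, flip the same rules to block (event ID 1121).
# Uncomment once you are happy with the audit results.
# foreach ($id in $asrRules.Keys) {
#     Add-MpPreference -AttackSurfaceReductionRules_Ids $id -AttackSurfaceReductionRules_Actions Enabled
# }

# Verify: Get-MpPreference returns Ids and Actions as two parallel arrays
# (0 = Disabled, 1 = Block, 2 = Audit).
$pref  = Get-MpPreference
$names = @('Disabled', 'Block', 'Audit')
for ($i = 0; $i -lt $pref.AttackSurfaceReductionRules_Ids.Count; $i++) {
    $id     = $pref.AttackSurfaceReductionRules_Ids[$i]
    $action = [int]$pref.AttackSurfaceReductionRules_Actions[$i]
    $rule   = if ($asrRules.ContainsKey($id)) { $asrRules[$id] } else { $id }
    $label  = if ($action -lt $names.Count) { $names[$action] } else { $action }
    [pscustomobject]@{ Rule = $rule; Action = $label }
}

# Quick look at what audit/block mode has caught so far (constructed query, not from the tweet).
Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-Windows Defender/Operational'; Id = 1121, 1122 } -MaxEvents 20 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message
```

Audit for at least a couple of weeks on a representative set of machines; the lsass rule in particular tends to flag endpoint agents and backup software that legitimately open the process, and those need exclusions before block mode goes fleet-wide.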
Med K Retweeted
TLDR pages: Simplified, community-driven man pages w/ examples: https://tldr.sh/ http://cht.sh/ --> to quickly get access to community-driven cheat sheets. It has more than 60 programming languages and UNIX/Linux commands.
Med K Retweeted
IOCs, the decompiled C# code with deobfuscated strings, a registry data config decrypter (for those who are infected) and some information on the Project TajMahal malware sample uploaded in 2019 to Virustotal: https://github.com/TheEnergyStory/malware_analysis/tree/master/TajMahal #TajMahal #Malware
Med K Retweeted
https://challenges.re/ (Reversing malware challenges from Dennis Yurichev)
https://malware-research.org/slack/ (Malware Research Slack group from GelosSnake)
https://zeltser.com/malicious-software/ (Basically all of Lenny Zeltser's blog)
https://www.wiley.com/en-us/The+Art+of+Memory+Forensics%3A+Detecting+Malware+and+Threats+in+Windows%2C+Linux%2C+and+Mac+Memory-p-9781118825099 (Art of Memory Forensics - Volatility crew)
Med K Retweeted
Post-exploitation #Friday tip: Do you know how to trivially & remotely hijack an #RDP session without prompt nor warning on the user's side using a #Microsoft signed binary (no patch/multi-session)? qwinsta+mstsc shadowing is the answer ;) Details: https://github.com/kmkz/Pentesting/blob/master/Post-Exploitation-Cheat-Sheet … #Pentesting