Tweets

  1. Retweeted
    Jan 27

    Windows Kiosk breakout tip: If you get a Printing panel, and the traditional methods don't work: Amongst the printers, select "SendTo OneNote" OneNote will launch -> Add new notebook On the Notebook -> New page Type: \\127.0.0.1\c$\windows\system32\cmd.exe Click the link

  2. Retweeted
    Jan 13

    I've been poking around the Windows kernel a lot lately and one of my favorite samples I've referenced is Mimikatz's driver, Mimidrv. I took some time and documented all of its functions and included some write-ups on important kernel structures. Post: 1/3

  3. Retweeted
    Dec 19, 2019

    the cool thing about those 2 newly introduced MS security eventid 4799, 4798 is that they will capture any local group/user discovery attempts even if done via winapis, below an e.g. with the checkadmin.exe custom recon tool referenced in Operation Wocao :D

  4. Dec 19, 2019

    Look what arrived in the mail today! 🤘🏼🥳. Another one bites the dust, whoop whoop. Thank you , for yet another awesome course! Very proud of this cert. Now onto more exploit dev and rop chaining for OSEE.... 🤯

  5. Retweeted
    Dec 11, 2019

    dotnet.exe [PATH_TO_DLL] It's just like doing python . (funny) dotnet.exe is trusted binary and Default AppLocker rules don't block it so it's a valid AppLocker bypass. Similar to regasm.exe. CC

  6. Retweeted
    Dec 10, 2019

    DNS tunneling is not new again! I got ya covered. Detection with + ELK. Or whatever dns logs you got. Also, I discuss shortcomings w/ various detections. ie: Using “most unique subdomains” will probably lead to false positives in the real world

  7. Retweeted
    Nov 10, 2019

    My talk slides for "Top Ten Active Directory Security issues, impact, & remediation" posted on . Thank you to everyone who joined me and overflowed the theater! Link to talk recording (audio with slides synched) as well.

  8. Retweeted

    Because it keeps coming up, how about a thread on Emoji in passwords. So we (and you) can link to it in the future. Should they be allowed? For all practical purposes they can't not be. So, yes. Should they be heavily warned against? Yes. But why? Well...

  9. Retweeted
    Nov 6, 2019

    Slides and video of my talk "A year of hacking Azure AD" are online! Contains my exploration of the unofficial "1.61-internal" version of the Azure AD graph and the resulting vulnerabilities😃 Slides: Video:

  10. Nov 6, 2019

    Forensic techniques, modern malware and seeing CQURE edition in action, messing around with Cached Logon credentials. Thanks for 3 awesome talks today!

  11. Retweeted
    Nov 5, 2019

    Burp Suite Pro 2.1.05 released, with experimental support for using Burp's embedded Chromium browser to perform all navigation while scanning. This new approach will provide a robust basis for future capabilities. Feedback welcome if you want to play now.

  12. Retweeted
    Nov 5, 2019

    you can create a dump whitelisting rule to prevent execution from ADS, process_name like "*:*" block (verified it as a hunt on prod, 0 hits), e.g. Bitpaymer ransom use this.

  13. Retweeted
    Oct 30, 2019

    Going to Microsoft Ignite? My session is about a week away! I will cover the Top ~10 issues we () discover during Active Directory Security Assessments for customers. Also covered is the impact and remediation of these issues.

  14. Retweeted
    Oct 13, 2019

    Detect suspicious keyboard layout loads with this config & Sigma rule > Example: Allows you to detect CN 🇨🇳, VN 🇻🇳, IR 🇮🇷 remote users that connect to your servers maintained by US 🇺🇸 staff only Sysmon Config Sigma Rule

  15. Retweeted

    Ever wondered what lies beneath that cool looking chip on your bank card? What does it do? Why is it there? Well here's a little pointless thread that delves into the magic using my card as an example

  16. Retweeted
    Sep 28, 2019
  17. Retweeted
    Sep 18, 2019

    Retweet if you have taken down a network. I’ll go first.

  18. Retweeted
    Aug 27, 2019
  19. Retweeted
    Aug 17, 2019

    Responder 2.3.4.0 has been released. This version includes a rogue RDP server supporting RDP clients ranging from Windows 7 to Windows 10 (tested) and since MSFT recommends enforcing NLA, Responder collects these NLA NTLM hashes :) Enjoy!
