Ronnie Flathers

@ropnop

security guy, pentester, researcher. i sometimes blog and code based on motivation/caffeine levels. Currently leading product appsec

Chicago
blog.ropnop.com
Vrijeme pridruživanja: listopad 2013.
139 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @ropnop

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @ropnop

  1. 4. velj

    So much fun presenting this! Happy to share my slides for "Don't Cross Me! Same Origin Policy and all the 'cross' vulns". SOP is an important topic I feel is not adequately explained and understood by many developers and security pros.

    19 proslijeđenih tweetova 44 korisnika označavaju da im se sviđa
    Poništi
  2. 2. velj

    Anyways I'm pretty happy with these slides so far. I really don't think you can fully grok XSS and CSRF without putting them in context of SOP

    1 reply 4 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  3. 2. velj

    Me: I'll make some quick overview slides of XSS and CSRF Me: But I can't really explain those without first explaining the SOP and browser security model Me: ... (40 slides later) Me: okay, here's a quick overview of XSS and CSRF 🙃

    9 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  4. proslijedio/la je Tweet
    29. sij

    Anyone out there deploying container workloads over K8S and using an NGFW to protect those workloads? If so I’d love to discuss. Please R/T.

    1 reply 1 proslijeđeni tweet 4 korisnika označavaju da im se sviđa
    Poništi
  5. proslijedio/la je Tweet
    22. sij

    Revisiting RDP lateral movement and releasing a project that will be part of a bigger tool coming next week

    25 replies 485 proslijeđenih tweetova 884 korisnika označavaju da im se sviđa
    Poništi
  6. 20. sij

    Alright, flipped the switch and is now hosted with and Hopefully no issues, but lmk if I broke anything or links don't work anymore

    Thinking of migrating my blog to pure static using and . Copied over all my posts and trying to make it look/feel the same. Any thoughts or feedback?
    1 proslijeđeni tweet 1 korisnik označava da mu se sviđa
    Poništi
  7. proslijedio/la je Tweet
    20. sij

    Hi Blue/CTI. It's me. Would you be willing to test something? It's a tool that takes an IP and tells you if it's Empire. That's it. I don't have access to the kind of sample data you do. Is something like this useful to you in your day to day?

    7 replies 36 proslijeđenih tweetova 118 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  8. 20. sij

    Thinking of migrating my blog to pure static using and . Copied over all my posts and trying to make it look/feel the same. Any thoughts or feedback?

    8 korisnika označava da im se sviđa
    Poništi
  9. proslijedio/la je Tweet
    14. sij

    Don’t forget: we’re THIS WEDNESDAY! Join a great group of infosec and cigar nerds in The West Loop at ⁦⁩ around 5! Cigar noobs always welcome!

    3 proslijeđena tweeta 4 korisnika označavaju da im se sviđa
    Poništi
  10. proslijedio/la je Tweet
    14. stu 2019.

    🥳To celebrate the 1st year anniversary of my . I decided to public the beta version of - a framework for web application testing. Enjoy! 🥳

    20 proslijeđenih tweetova 87 korisnika označava da im se sviđa
    Poništi
  11. proslijedio/la je Tweet
    6. sij

    As pipelines get more complex and distributed, making the shift from a "push" to "pull" model makes so much sense. Lots of opportunity to limit attack surface using this model.

    1 reply 3 proslijeđena tweeta 17 korisnika označava da im se sviđa
    Poništi
  12. 18. pro 2019.

    Can't wait!

    TONIGHT! Come join us at for a Cigarsec Meetup, 5pm! And take advantage of some specials for us: 20% off accessories, 20% off house blends, and 20% off Opus X's! Noobies welcome as always - see you there!
    1 korisnik označava da mu se sviđa
    Poništi
  13. proslijedio/la je Tweet
    17. pro 2019.

    New tool: rubeus2ccache Generates ccache files directly from Rubeus dump output. Major thanks to for basically writing anything hard. Merry Christmas Red Team! 🎄

    100 proslijeđenih tweetova 228 korisnika označava da im se sviđa
    Poništi
  14. 16. pro 2019.

    Come join us Wednesday!

    Don’t forget about us THIS WEDNESDAY! Join us at from 5-7 for smokes and jokes! Newcomers are very welcome!!
    1 reply 1 korisnik označava da mu se sviđa
    Poništi
  15. proslijedio/la je Tweet
    16. pro 2019.

    Tossing PDFs like it’s 1999 – mjesto: Norris Conference Center

    26 proslijeđenih tweetova 93 korisnika označavaju da im se sviđa
    Poništi
  16. 14. pro 2019.

    Oh and maybe finally get around to submitting to the CFP. Got some deliciously evil ideas on red teaming DevOps toolchains I think it's time to share ;)

    8 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  17. 14. pro 2019.

    Now gonna fire up the and nerd out while the year hopefully comes to a relaxing close :) Happy holidays!

    1 reply 2 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  18. 14. pro 2019.

    And cut a release of the Impacket static binaries to be on par with latest v0.9.20 release. Also updated my Docker image rflathers/impacket to use Python 3 now that it's supported. Great work as always,

    1 reply 1 proslijeđeni tweet 15 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  19. 14. pro 2019.

    Pushed an update to the serverless toolkit too. Since I released it, no longer supports arbitrary Docker images, so I reworked them all to be pure functions. Unfortunately can't port them all, but theyre still super helpful!

    1 reply 4 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  20. 14. pro 2019.

    New version of Kerbrute released. Some minor improvements and added a --delay option if you want to slow things down and be stealthier. Big thanks to for the PR!

    1 reply 1 proslijeđeni tweet 6 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi

@ropnop još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·