Rustam Shirinov

@rsh1r1nov

- DFIR - Normal & Reverse engineering - Shitposting - ADEO

Joined: July 2017

Tweets


  1. Pinned tweet
    17 Nov 2019

    is a Response IR tool aimed at helping people get their incident response tasks done in a short time with little help. Thanks to & for inspiring the CLI :) Thanks to team for the opportunity.

  2. Retweeted
    2 Feb

    ICYMI developed an online tool to convert Sigma rules into the query language of your choice. FAQs: What if my field values differ from the standard? What if I get too many false positives?

  3. Retweeted
    1 Feb

    1\ Malware sandboxes are useful but extremely limited. Here's a malware call graph, and in red are the functions the malware actually *executed* when run in a sandbox -- a minuscule fraction of the malware's potential badness!

  4. Retweeted
    1 Feb

    Some essential process execution/cmd lines to monitor for initial access/persist.: powershell, cmd, rundll32, control, wscript, javaw, csc, regsvr32, reg, certutil, bitsadmin, schtasks, wmic, eqnedt32, msiexec, cmstp, mshta, hh, curl, installutil, regsvcs/regasm, at, msbuild, sc, cscript, msxsl, runonce

  5. Retweeted
    1 Feb

    The biggest struggle I see from people transitioning from highly technical individual contributor roles to management roles is balancing their desire to remain technical while investing in things that are imperative to being a well-rounded leader. That struggle is very real.

  6. Retweeted
    29 Jan

    Bob Rossing a fucktup Apple

  7. Retweeted

    Cobalt Strike kit for Lateral Movement

  8. Retweeted
    28 Jan

    [Educational] One of the best blog posts that I ever read about going from 0 to unauth RCE in f**king Mikrotik OS step by step:

  9. 28 Jan

    a decent DFIR team + a decent APT scanner = A kick ass APT Radar

  10. Retweeted
    27 Jan

    Behaviour indicators of an Insider Threat via

  11. Retweeted
    24 Jan

    THOR Integration into Microsoft Defender ATP - exploring synergies and setup options - example with a 'quick start' solution (scanner on file share)

  12. Retweeted
    24 Jan

    Root-Me launches a "Pro version" dedicated to schools and companies who wish to train their teams/students, organize cybersecurity events (CTF, Hackathon, etc.) or detect new talents:

  13. Retweeted
    11 Jan

    One-liners that aid in penetration testing operations, privilege escalation and more

  14. Retweeted

    Iranian APT Groups & Possible Commands Used By These Groups

  15. Retweeted

    lateral movement techniques that can be used during red team exercises

  16. Retweeted
    6 Jan

    you can hunt for comsvcs_lsass memdump module via sysmon 10 and trgt image eq "lsass.exe" and calltrace contains "comsvcs.dll"

  17. Retweeted
    30 Dec 2019

    Analysis of payload relevant to VISA fuel pump report (incident 2): I put the payload on VT (for static analysis): 3d5ae56c6746e0b3ed5b15124264a0d2 Credit to for initial shellcode. cc for tracking/sigs

  18. 26 Dec 2019

    Behind this lies sleepless nights, tired fingers and a diet consisting of coffee and junk food. I can't say it wasn't fun :)
