Gabriel Ryan

@s0lst1c3

Researcher and Infosec Journeyman. Red / Blue multiclass battlemage . I enjoy low-level code and things without wires. Views are my own. 247

Denver, CO
github.com/s0lst1c3
Vrijeme pridruživanja: prosinac 2014.
163 fotografije ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @s0lst1c3

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @s0lst1c3

  1. Prikvačeni tweet
    20. pro 2019.

    In Part 2 of our series on ’s , we provide a deep technical dive into Opportunistic Wireless Encryption (OWE) and OWE Transition Mode at the management frame level.

    In early 2019, myself and set out to answer the question — “is Opportunistic Wireless Encryption (OWE) susceptible to abuse and attack, and if so, how?”. I'm pleased to present the 1st of a 3 part series documenting our work. ?
    16 proslijeđenih tweetova 23 korisnika označavaju da im se sviđa
    Poništi
  2. proslijedio/la je Tweet
    4. velj

    As promised, here is the follow up defensive blog to last weeks post on Attacking Azure.

    62 proslijeđena tweeta 158 korisnika označava da im se sviđa
    Poništi
  3. 3. velj

    Also, Python 2 is now deprecated.

    Yearly reminder to remove PowerShell V2 EVERYWHERE. Doesn’t matter what EDR , logging, witchcraft you have in place. If an attacker has access to the Posh V2 runtime, they can automatically bypass it all.
    2 proslijeđena tweeta 2 korisnika označavaju da im se sviđa
    Poništi
  4. 3. velj

    “The successful warrior is the average man, with laser-like focus.” - Bruce Lee Applies to all genders, but point taken

    7 korisnika označava da im se sviđa
    Poništi
  5. 1. velj

    Donated my hair to charity today. Should be enough for at least three wigs. 😝

    28 korisnika označava da im se sviđa
    Poništi
  6. proslijedio/la je Tweet
    29. sij

    I added a mimikatz MemSSP style hook to Fermion, you can check out the code here => This is based on the great write-ups by &

    48 proslijeđenih tweetova 132 korisnika označavaju da im se sviđa
    Poništi
  7. proslijedio/la je Tweet
    28. sij

    New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZure

    12 replies 385 proslijeđenih tweetova 794 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  8. proslijedio/la je Tweet
    27. sij

    Move Faster, Stay Longer blog about extending CS and tools to go with it.

    7 replies 159 proslijeđenih tweetova 254 korisnika označavaju da im se sviđa
    Poništi
  9. 27. sij

    Guess what arrived at my front door this month morning!

    9 korisnika označava da im se sviđa
    Poništi
  10. proslijedio/la je Tweet
    26. sij

    The claim in the FTI forensics report on Bezos’ iPhone that, “due to end-to-end encryption employed by WhatsApp, it is virtually impossible to decrypt the contents of the downloader [.enc file]...” bugged me so much that I coded up how to do it:

    1.184 proslijeđena tweeta 2.770 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  11. proslijedio/la je Tweet
    22. sij

    New from - Revisiting Remote Desktop Lateral Movement This post discusses RDP lateral movement by leveraging mstscax.dll. Steven also is releasing SharpRDP with corresponding detection guidance for this attack technique. Post:

    98 proslijeđenih tweetova 220 korisnika označava da im se sviđa
    Poništi
  12. proslijedio/la je Tweet
    23. sij

    If you weren't aware of the reason PE timestamps in Win 10 binaries were nonsensical, Raymond's post explains the reason: to support reproducible builds.

    40 proslijeđenih tweetova 108 korisnika označava da im se sviđa
    Poništi
  13. proslijedio/la je Tweet
    23. sij

    The malware repurposing lab was my favorite one from the PowerShell course. It was designed to tie all the reflection concepts together where the students build a script to interact with a subversive .NET binary that an analyst might overlook.

    28 proslijeđenih tweetova 104 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  14. proslijedio/la je Tweet
    24. sij

    This is the book I wanted to write on Red Team. It's perfect and desperately needed. Every other book on red team leads with "Red team is a concept from the military" then promptly fails to cover how it's actually done inside modern orgs. Thank you so much !

    👀
    10 replies 13 proslijeđenih tweetova 130 korisnika označava da im se sviđa
    Poništi
  15. proslijedio/la je Tweet
    22. sij

    Here is the link to the SpecterOps Adversary Tactics: PowerShell course material: Enjoy! For information about our current training offerings, information can be found here: (4/4)

    20 replies 533 proslijeđena tweeta 952 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  16. proslijedio/la je Tweet
    22. sij

    Revisiting RDP lateral movement and releasing a project that will be part of a bigger tool coming next week

    25 replies 485 proslijeđenih tweetova 884 korisnika označavaju da im se sviđa
    Poništi
  17. 22. sij

    COBOL punchcard ASMR

    COBOL is good Windows is bad
    1 korisnik označava da mu se sviđa
    Poništi
  18. 22. sij

    Picked up a couple of Startech racks for the new home lab. One pre-assembled, one unassembled. Amazing what you can find on Craigslist for free. Planning on making this a fun weekend project over the next couple of months.

    1 reply 4 korisnika označavaju da im se sviđa
    Poništi
  19. proslijedio/la je Tweet
    21. sij

    Hey Defender friends. Turns out that removing those services with Unicode/non-printable characters is pretty hard, so I wrote you a tool to help with that. I'll be releasing the offensive PoC later this week or early next week.

    1 reply 102 proslijeđena tweeta 186 korisnika označava da im se sviđa
    Poništi
  20. 22. sij

    Our interns are downright scary. 😆

    Our first intern, created a project called Satellite to automate C2 traffic redirection. In this post, he talks about some of the keying, proxying, and filtering options of the project. Read more here: Project link:
    1 reply 5 korisnika označava da im se sviđa
    Poništi
  21. proslijedio/la je Tweet
    17. sij

    How every correlation study sounds

    2.861 proslijeđeni tweet 8.184 korisnika označavaju da im se sviđa
    Poništi

@s0lst1c3 još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·