Tweets

You have blocked @tifkin_


  1. Jan 30

    On this same note, disable Chrome sync in your organizations. I can't tell you how many times I've seen domain/server admin creds saved to Chrome with sync enabled. I can guarantee your admins' home computers and personal devices aren't secured as well as your corporate devices.

  2. Retweeted

    Big change coming to Windows Server this March - insecure LDAP requests will be rejected by default. That's a change in behaviour which will absolutely break things in some orgs. How to get in front of the issue:

  3. Retweeted
    Jan 22

    Despite its incredible security enhancements, PowerShell continues to be abused by adversaries. A strong knowledge of PowerShell enables defenders to effectively manage and respond to its abuse. (1/4)

  4. Retweeted
    Jan 22

    Here is the link to the SpecterOps Adversary Tactics: PowerShell course material: Enjoy! For information about our current training offerings, information can be found here: (4/4)

  5. Retweeted
    Jan 22

    Revisiting RDP lateral movement and releasing a project that will be part of a bigger tool coming next week

  6. Retweeted
    Jan 22

    I just published a ~45 page whitepaper on attacking and defending terraform infrastructure as code in GitHub. Includes attack scenarios, hardening, detections, etc. Deep thanks to and for their inspiration and research. ❤️ 1/3

  7. Retweeted
    Jan 21

    We released a Red Teaming book! Red Team Development and Operations. It's been a crazy project that has existed in many forms. It started as simple notes, came together as a SANS class, and will now live as a book. Read about it here.

  8. Retweeted
    Jan 21

    It is common to hear people refer to the Johari Window (known knowns, unknown knowns, etc.) in discussions about infosec and detection. During detection engineering efforts which of the following do you find yourself more concerned with and why?

  9. Retweeted
    Jan 21

    Just released Satellite, a payload hosting and proxy software for red team operations. In the blog post, I discuss the feature set of Satellite as well as why an operator would choose it over Apache or Nginx.

  10. Retweeted
    Jan 16

    My favorite articles are the ones that walk you through the author's methodology and strategy to find/exploit bugs. This is the case for last post on Chrome IPC vulnerabilities:

  11. Retweeted
    Jan 13

    I've been poking around the Windows kernel a lot lately and one of my favorite samples I've referenced is Mimikatz's driver, Mimidrv. I took some time and documented all of its functions and included some write-ups on important kernel structures. Post: 1/3

  12. Retweeted
    Jan 6

    New year, new on the information security team. Why Palantir? Our software has been used to stop terrorist attacks, develop new medicines, improve national defense, combat child trafficking, etc. InfoSec is germane to our existence. 1/n

  13. Retweeted
    Jan 3

    The offensive security community means a lot to me. Following 's great thread that injected some much needed infosec positivity, I wanted to highlight a few (offensive-ish) posts/talks that my team and myself enjoyed over the last year or so.

  14. Retweeted
    Jan 2

    To bring in the new year here's a new blog post about empirically testing Windows Service Hardening to see if it is really not a security boundary even on Windows 10. h/t

  15. Retweeted
    Dec 30, 2019

    This is soooo useful. has a repo comprised of all ETW instrumentation manifests and classic MOF event schemas. If you ever want a reference to help answer "is there an event for THIS?", bookmark this. 🔥💯

  16. Retweeted
    Dec 24, 2019

    A lot of mud slinging on InfoSec twitter lately; I wanted to flip the script a bit and highlight the blogs, tools, talks etc that I keep coming back to on a regular basis, both as a defender and general InfoSec professional. Thread..

  17. Retweeted
    Dec 23, 2019

    I've been doing this more and more with interesting articles, vuln disclosures I think may vanish, and more. Highly recommend this after years of getting burned where my meticulous notes lead to 404'd sources.

  18. Retweeted
    Replying to users and others:

    Offensive security tools, new ones that bypass current security measures, are absolutely required to be in the public space. It’s regulators thinking the opposite that hinder defense more than trying to keep these things secret. Same debate as 1853.

  19. Retweeted
    Replying to users and others:

    These “paper trails” that don’t offer any actual real world control of the tool transfer amount to a regulatory burden that I and so many others fought so hard to exempt researchers & incident responders from having to deal with. The world you’re describing isn’t ideal. Opposite.

  20. Retweeted
    Dec 17, 2019

    New blog post outlining how to use my .NET RPC Client tooling from PowerShell and C# to test and exploit local RPC security vulnerabilities. Also an early xmas present for those who enjoy long standing design flaws in UAC :-)
