Vlad

Hey Twitter, I built a thing, and I think it's pretty cool. FishCrypt is a server side database field encryption utility. PoC demo: https://fishcrypt.herokuapp.com/  (sign up and send me a message!) Code: https://github.com/glennzw/fishcrypt … #golang #infosec #webdev

The claim in the FTI forensics report on Bezos’ iPhone that, “due to end-to-end encryption employed by WhatsApp, it is virtually impossible to decrypt the contents of the downloader [.enc file]...” bugged me so much that I coded up how to do it:https://github.com/ddz/whatsapp-media-decrypt …

I've been poking around the Windows kernel a lot lately and one of my favorite samples I've referenced is Mimikatz's driver, Mimidrv. I took some time and documented all of its functions and included some write-ups on important kernel structures. Post: https://posts.specterops.io/mimidrv-in-depth-4d273d19e148 … 1/3

Ppl interested to learn about SSRF attacks 1. https://medium.com/bugbountywriteup/server-side-request-forgery-ssrf-testing-b9dfe57cca35 … 2. https://www.shorebreaksecurity.com/blog/ssrfs-up-real-world-server-side-request-forgery-ssrf/ … 3. https://hackerone.com/reports/115748  4. https://www.kernelpicnic.net/2017/05/29/Pivoting-from-blind-SSRF-to-RCE-with-Hashicorp-Consul.html … 5. https://geleta.eu/2019/my-first-ssrf-using-dns-rebinfing/ … 6. https://medium.com/@androgaming1912/gain-adfly-smtp-access-with-ssrf-via-gopher-protocol-26a26d0ec2cb … 7. https://medium.com/@w_hat_boy/server-side-request-forgery-ssrf-port-issue-hidden-approch-f4e67bd8cc86 … 8. https://medium.com/@armaanpathan/pdfreacter-ssrf-to-root-level-local-file-read-which-led-to-rce-eb460ffb3129 … Writeups

Responder 3.0.0.0 is out! Massive upgrade, support for both py3 and py2, many bug fix, enhancements and Q.A++ on all servers, poisoners and tools. Enjoy! ;)https://github.com/lgandx/Responder/releases/tag/v3.0.0.0 …

For anyone interested in my presentation on Local RPC in .NET the HITB version is now up on YouTube.https://youtu.be/2GJf8Hrxm4k 

This is soooo useful. @jdu2600 has a repo comprised of all ETW instrumentation manifests and classic MOF event schemas. If you ever want a reference to help answer "is there an event for THIS?", bookmark this. https://github.com/jdu2600/Windows10EtwEvents …

How to build a TCP proxy (Part 1) : Intro : https://robertheaton.com/2018/08/31/how-to-build-a-tcp-proxy-1/ … Fake DNS Server (Part 2) : https://robertheaton.com/2018/08/31/how-to-build-a-tcp-proxy-2/ … Proxy Server (Part 3) : https://robertheaton.com/2018/08/31/how-to-build-a-tcp-proxy-3/ … Fake Certificate Authority (Part 4) : https://robertheaton.com/2018/08/31/how-to-build-a-tcp-proxy-4/ … cc @RobJHeaton

Three years after 2016 election, we still don't know extent of Russian hacking efforts. Gov reports say Russians hacked an elections tech company & installed malware on its network. But the company says no. Here's my deep dive into that enduring mysteryhttps://www.politico.com/news/magazine/2019/12/26/did-russia-really-hack-2016-election-088171 …