Isakov Denis

@vinegrep

Dad, husband, security enthusiast with passion for exploit dev and RE. All tweets are my own.

Vrijeme pridruživanja: veljača 2011.

Tweetovi

Blokirali ste korisnika/cu @vinegrep

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @vinegrep

  1. proslijedio/la je Tweet
    21. sij

    For relatives that are more prone to installing junk software bundlers, Windows Defender has protections for it that are only intended for Enterprise customers. However, you can force it on with this PowerShell: Set-MpPreference -PUAProtection enable It’s completely hidden...

    Prikaži ovu nit
    Poništi
  2. proslijedio/la je Tweet
    20. sij

    It's here!!! Tell your colleagues, tell your friends, tell your grandma.

    Prikaži ovu nit
    Poništi
  3. proslijedio/la je Tweet
    18. sij
    Poništi
  4. proslijedio/la je Tweet
    18. sij

    My first blog post on browser exploitation for . I'll look at how to pop xcalc on current Linux Spidermonkey given a relative (oob) rw bug. Spidermonkey is the JavaScript Engine in Firefox. Exploit code also supplied.

    Poništi
  5. proslijedio/la je Tweet
    15. sij

    exploit landed in ! With a useful 'check' command to check if you have vulnerable assets. And a meterpreter session if you need to demo something :) CVE-2019-19781

    Poništi
  6. proslijedio/la je Tweet
    14. sij

    We need your help to select the top 10 web hacking techniques of 2019! Cast your vote here:

    Prikaži ovu nit
    Poništi
  7. proslijedio/la je Tweet
    13. sij

    New blog post on the Microsoft Cloud: What is Azure Active Directory? Post covers what Azure AD is, how it compares to on-prem Active Directory, connecting via PowerShell, and password spraying attacks, mitigation, & detection.

    Poništi
  8. proslijedio/la je Tweet
    9. sij

    Announcing BLAKE3! 🥳 * Faster than MD5, SHA-1, SHA-2, SHA-3, and BLAKE2 * Merkle tree: unlimited parallelism, verified streaming * Builtin MAC, KDF, XOF * One algorithm, no variants * Rust crate: Try it: cargo install b3sum

    Poništi
  9. proslijedio/la je Tweet
    10. sij

    My pinebook pro arrived yesterday, initial impressions are that this is the hacker friendly laptop of your dreams. You can kill (without OS involved) the mic / cam and wireless with fast button presses. It’s got 6 ARMv8 cores and enough RAM to qemu an iPhone. ❤️ it.

    Poništi
  10. proslijedio/la je Tweet
    11. sij
    Poništi
  11. proslijedio/la je Tweet
    10. sij

    Just published a new blogpost with more details about the Citrix ADC Remote Command Execution.

    Poništi
  12. proslijedio/la je Tweet
    9. sij
    Odgovor korisnicima

    I'll take a crack at this 😀 1. Identify SCCM Admin accounts 2. Compromise workstation in use by SCCM admin 3. Dump LSASS / keylog RDP to get account credentials 4. Connect to SCCM as admin 5. Build new package "Windows App Updates 20191229b" & deploy or something similar

    Poništi
  13. proslijedio/la je Tweet
    9. sij

    I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage:

    Prikaži ovu nit
    Poništi
  14. proslijedio/la je Tweet
    9. sij

    Spray-AD, a new Kerberos password spraying tool for Cobalt Strike that might come in handy when assessing Active Directory environments for weak passwords (generates event IDs 4771 instead of 4625).

    Prikaži ovu nit
    Poništi
  15. proslijedio/la je Tweet
    10. sij

    I was able to reproduce the Citrix ADC Remote Command Execution in one day. Guess you need to patch ASAP. -2019-19781

    Poništi
  16. proslijedio/la je Tweet
    8. sij

    How can you tell if someone works for a Fortune500? Don’t worry, they’ll tell you.

    Poništi
  17. proslijedio/la je Tweet
    2. sij

    Problem: Key management is hard. Solution: Just don’t.

    Prikaži ovu nit
    Poništi
  18. proslijedio/la je Tweet
    1. sij

    Why not step into the next decade with WAF bypasses? Here are some gifts.😎 - Imperva <a69/onclick=write&lpar;&rpar;>pew - DotDefender <a69/onclick=[0].map(alert)>pew - Cloudbric <a69/onclick=[1].findIndex(alert)>pew Happy 0x32303230.😉

    Poništi
  19. proslijedio/la je Tweet

    It must be DNS Appreciation Day because I’m seeing a lot of resolutions.

    Poništi
  20. proslijedio/la je Tweet
    30. pro 2019.

    I have published a blog post: "Active Directory Security Fundamentals" - It contains a PDF with hands-on recommendations that you use to secure AD.

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·