Chris Mallz

@vvalien1

Hacking, Shells, 0-day, and I have my OSCP

Ohio, USA
Vrijeme pridruživanja: lipanj 2015.

Tweetovi

Blokirali ste korisnika/cu @vvalien1

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @vvalien1

  1. Prikvačeni tweet
    3. velj 2017.
    Poništi
  2. proslijedio/la je Tweet
    29. sij

    Bob Rossing a fucktup Apple

    Poništi
  3. proslijedio/la je Tweet
    prije 13 sati

    FakeLogonScreen - A utility to fake the Windows logon screen in order to obtain the user's password. The password entered is validated against the Active Directory or local machine to make sure it is correct and is then saved to disk.

    Poništi
  4. proslijedio/la je Tweet
    2. velj

    kerbrute - An script to perform kerberos bruteforcing by using impacket

    Poništi
  5. proslijedio/la je Tweet
    1. velj

    is a C# utility to steal a user's password using a fake Windows logon screen. This password will then be validated and saved to disk. Useful in combination with 's execute-assembly command.

    Poništi
  6. proslijedio/la je Tweet
    31. sij

    Pushed a new Rubeus release after getting some additional feedback from our most recent AT:RTO students. The full changes are detailed here . To highlight a few new features- "/nowrap" globally prevents base64 blobs from line-wrapping, (1/4)

    Prikaži ovu nit
    Poništi
  7. proslijedio/la je Tweet
    27. sij

    I had to get a background check for my job, and it turns out the report is a 300+ page pdf of every single tweet I’ve ever liked with the work “fuck” in it. Enjoy your dystopian bs! *waves*

    Prikaži ovu nit
    Poništi
  8. proslijedio/la je Tweet
    1. velj

    For anyone wondering, yes it’s written in C# and yes I will be totally adding it as a SILENTTRINITY module if I can get the source code (a few changes need to be made in order for it to run in memory).

    Prikaži ovu nit
    Poništi
  9. proslijedio/la je Tweet
    31. sij

    Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS -

    Poništi
  10. proslijedio/la je Tweet
    30. sij

    A quick post on why you shouldn't use SYSTEM Tokens when you sandbox a process. Part 1 of N (where I haven't decided how big N is).

    Poništi
  11. proslijedio/la je Tweet
    29. sij

    We have just pushed some *big* updates to Ghostwriter's master branch that I think you'll like. We've got WYSIWIG editors, autocomplete, new reports, and more! Check it out:

    Poništi
  12. proslijedio/la je Tweet
    29. sij

    I added a mimikatz MemSSP style hook to Fermion, you can check out the code here => This is based on the great write-ups by &

    Poništi
  13. proslijedio/la je Tweet
    28. sij

    For those of you who have been using Kali Linux since it was called Backtrack you will sad and happy to hear that root/toor is dead Dark theme and new icons also available! Kali Linux 2020.1 Release

    Prikaži ovu nit
    Poništi
  14. proslijedio/la je Tweet
    27. sij

    If 's DotnetToJScript is blocked on newer versions of Windows or if it gets flagged by AMSI, you can use Excel automation via a COM object as an alternative to execute shellcode from JScript or VBScript w/o touching disk. PoC for x86 & x64 here:

    Poništi
  15. proslijedio/la je Tweet
    25. sij

    Just finished the writeup for my learning process to replicate the CVE-2019-19470, I also public the source code for exploit and a Masquerade-PEB C#. Hope you enjoy!

    Poništi
  16. proslijedio/la je Tweet
    25. sij

    Our discord community is growing quickly! We'll be performing more ad-hoc and weekly live streams of hacking, TTP's, etc with several hosts from around the industry and occasional special guests. Come join the fun!

    Poništi
  17. proslijedio/la je Tweet

    Some dude who works at $localSecurityCompany just lectured me on bus opsec because he could tell by the labels on my laptop I was a hacker. My dude... it's when you see me with a BLANK computer you need to be suspect. Bad guys don't come with warning labels.

    Prikaži ovu nit
    Poništi
  18. proslijedio/la je Tweet
    19. sij
    Poništi
  19. proslijedio/la je Tweet
    24. sij

    Post-exploitation tip: Do you know how to trivially & remotely hijack an session without prompt nor warning on user's side using signed binary (no patch/multi-session) ? qwinsta+mstsc shadowing is the answer ;) Details:

    Poništi
  20. proslijedio/la je Tweet
    23. sij

    I wrote a secret scanner tool and published it under my employer's GitHub org. Since I don't have much Twitter reach I appreciate any RTs! It currently will scrape Git, S3, and GDocs for secrets, and written in Rust for high performance.

    Prikaži ovu nit
    Poništi
  21. proslijedio/la je Tweet
    23. sij

    Microsoft have released an open source tool to analyze source code for vulnerabilities in almost any modern language:

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·