-
Willi Ballenthin retweeted
1/ Here's a thread on how to build the kind of security artifact "social network" graph popularized by @virustotal and others, but customized, and on your own private security data. Consider the following graph, where the nodes are malware samples: pic.twitter.com/k7DsdBxJGb
-
Willi Ballenthin retweeted
The team didn't reserve indicators associated with targeted actors in the production of this scanner. Some of the things included in this scanner are widespread, and others are so incredibly rare we only saw them affecting a single customer out of the thousands we support.
-
In which we discuss an actor deploying a mitigation for the Citrix vuln, but also appearing to have a backdoor. https://www.fireeye.com/blog/threat-research/2020/01/vigilante-deploying-mitigation-for-citrix-netscaler-vulnerability-while-maintaining-backdoor.html …
-
* not guaranteed to be a selfless action
-
ROFL at the internet white knight that's dropping payloads to inoculate Netscaler devices.
-
Here's what I've learned about disassembling programs using @MiasmRe http://www.williballenthin.com/post/2020-01-12-miasm-part-2/ … pic.twitter.com/XL8um35epG
-
Here's my first set of notes collected while learning @MiasmRe to do Binary Analysis in Python3. http://www.williballenthin.com/post/2020-01-09-miasm-part-1/ …
-
Even Go code starts to look like BNF language definitions. See below. This makes it feasible to rapidly develop query languages or DSLs for specific tasks. Glad I don't have to stuff everything into YAML or inline Python. pic.twitter.com/gBMyvmMAEZ
-
In college, I came to understand that parsing (source code, structured text, etc.) was difficult. Yacc & Bison didn't seem easy to use. These days, I've learned there are easy and powerful solutions: things like Nom (Rust) or Parsec (Haskell).
-
Willi Ballenthin retweeted
Any ideas for Masters/Bachelors thesis topics around malware analysis, reverse engineering, low-level security or other infosec topics? Please RT too - I get this question a lot and I always struggle to answer. So I hope to use our community's wisdom and send folks here :)
-
have you ever wished to have interactive buttons in your IDA Pro comments? https://gist.github.com/williballenthin/333525d2d02c1f6ff71763a285b39efe … pic.twitter.com/idsyofHnon
-
Building an app this week that has: Lua extension points to a Go program compiled into WebAssembly that loads from TypeScript compiled into JavaScript. And somehow it works awesomely.
-
By configuring CD with GH Actions then it should be easy to push new content, even via the GH new page editor! https://github.com/williballenthin/williballenthin.com/blob/master/.github/workflows/ci.yml … pic.twitter.com/HBW3kv6IJ5
-
Updated the ol' website to use Hugo (instead of Jekyll). http://www.williballenthin.com/ pic.twitter.com/BFmDEPZVEp
-
Willi Ballenthin retweeted
#DFIR #PSA Can confirm this! Just found APT evil in this file last week.
It was like finding money in your pocket after putting your winter coat on for the first time since last year. ConsoleHost_history.txt for the win. https://twitter.com/mattifestation/status/740242366754226176 …
-
Parse Transactional Registry logs in 010 Editor using this template: https://gist.github.com/williballenthin/eeeb2796c112b9b12f09af782e7b91fb … Windows Scheduled Tasks uses the Transactional Registry to record tasks, so you can feasibly recover deleted tasks. Used this to find APT28 lateral movement last week.
-
me: "I want to get the Cybertruck" wife: "We can talk about this later"
-
softball question on SO about macOS savedState files ...a thing I know a bit about! https://apple.stackexchange.com/questions/375746/how-to-read-and-manipulate-library-saved-application-state-com-apple-finder-sa/375747#375747 …
-
Willi Ballenthin retweeted
This is an amazingly detailed work, and I am sure even many of those who solved this task can learn something new: https://twitter.com/Eleemosynator/status/1195679495468048384 …