nafiez

@zeifan

Information Security / Reverse Engineering / Vulnerability Research / POC, HITB & NanoSec Speaker

Malaysia
Vrijeme pridruživanja: kolovoz 2010.

Tweetovi

Blokirali ste korisnika/cu @zeifan

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @zeifan

  1. Prikvačeni tweet
    12. ožu 2019.
    Poništi
  2. proslijedio/la je Tweet
    2. velj

    KDU, Kernel Driver Utility - driver loader (and not only) bypassing Windows x64 Driver Signature Enforcement with support of various "functionality" providers - including Unwinder's RTCore,

    Poništi
  3. proslijedio/la je Tweet
    31. sij
    Poništi
  4. proslijedio/la je Tweet
    31. sij

    Want to see how the red team weaponizes threat intel for R&D and TTP development? Check out some research I did with and . Also includes some new executables that can be used for DLL abuse.

    Poništi
  5. proslijedio/la je Tweet
    31. sij

    Fuck it, I can't focus at all today. It's a mess, sorry.. I've also uploaded the discussed bug to github. Maybe someone can make sense of it. It's a junction bug that's a little more complicated then a simple "bait and switch". Hope it's useful to someone.

    Prikaži ovu nit
    Poništi
  6. proslijedio/la je Tweet
    30. sij

    Just published a follow-up to my Adobe Reader symbols story on the Project Zero blog. Turns out there's even more debug metadata to be found in some old (and new) builds, including private CoolType symbols. Enjoy!

    Poništi
  7. proslijedio/la je Tweet
    27. sij

    Windows Kernel _IMAGE_DOS_HEADER::e_lfanew Denial Of Service/Memory Corruption

    Poništi
  8. proslijedio/la je Tweet
    30. sij

    A quick post on why you shouldn't use SYSTEM Tokens when you sandbox a process. Part 1 of N (where I haven't decided how big N is).

    Poništi
  9. proslijedio/la je Tweet
    28. sij

    [Educational] One of the best blog posts that I ever read about going from 0 to unauth RCE in f**king Mikrotik OS step by step:

    Prikaži ovu nit
    Poništi
  10. proslijedio/la je Tweet
    28. sij
    Ovo je potencijalno osjetljiv multimedijski sadržaj. Saznajte više
    Poništi
  11. proslijedio/la je Tweet
    28. sij

    New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZure

    Prikaži ovu nit
    Poništi
  12. proslijedio/la je Tweet
    28. sij

    My comments about the hubbub of AV vuln use finally being caught: Everybody with any experience knew it's going on. AV software was vuln-dev training material more than a decade ago. There were just sufficient economic reasons to ignore it until it became indisputable.

    Poništi
  13. proslijedio/la je Tweet
    23. sij

    New article! Anti-virus Exploitation: Malwarebytes 4.0.4 - Protection Not Found - Hijacking Malwarebytes via COM IPC

    Poništi
  14. 24. sij
    Poništi
  15. proslijedio/la je Tweet
    23. sij

    Microsoft have released an open source tool to analyze source code for vulnerabilities in almost any modern language:

    Poništi
  16. proslijedio/la je Tweet
    21. sij

    Senior Security Consultant describes the discovery of a privilege escalation in the Intel Trusted Connect Service Client and how to complete the in order to obtain local admin access

    Poništi
  17. proslijedio/la je Tweet
    22. sij

    Here is the link to the SpecterOps Adversary Tactics: PowerShell course material: Enjoy! For information about our current training offerings, information can be found here: (4/4)

    Prikaži ovu nit
    Poništi
  18. 23. sij

    Interesting. Do you have more sources on this ? Thanks!

    Poništi
  19. proslijedio/la je Tweet
    20. sij
    Poništi
  20. proslijedio/la je Tweet
    18. sij

    Windows kernel explorer: A free powerful Windows kernel research tool

    Poništi
  21. proslijedio/la je Tweet
    18. sij

    My first blog post on browser exploitation for . I'll look at how to pop xcalc on current Linux Spidermonkey given a relative (oob) rw bug. Spidermonkey is the JavaScript Engine in Firefox. Exploit code also supplied.

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·