LOLBASline - a PowerShell tool designed to assess the presence and execution capabilities of Living Off The Land Binaries and Scripts (LOLBAS) on Windows systems. github.com/magicsword-io/…
Exciting times. I'm publishing Dittobytes today after presenting it at @OrangeCon_nl !
Dittobytes is a true metamorphic cross-compiler aimed at evasion. Use Dittobytes to compile your malware. Each compilation produces unique, functional shellcode.
github.com/tijme/dittobyt…
You want to load your shellcode in .NET without calling VirtualProtect? Use RuntimeHelpers.PrepareMethod to create a predictable RWX memory region for you. This method also doesn't require a delegate function pointer, since you override a .NET method.
github.com/Mr-Un1k0d3r/Do…
Last week, I focused on Active Directory Admins (ADAs).
x.com/PyroTek3/statu…
This week, let's look at built-in privileged groups:
* Account Operators - should be empty per Microsoft due to highly privileged access in AD.
* Backup operators - should only contain backup…
I reverse engineered Lockbit's Linux ESXi variant, also explaining how I did some of the steps! For the fun of it, cause reverse engineering is lots of fun. Enjoy! hackandcheese.com/posts/blog1_lo…
Here’s a warning: as agents are granted more autonomy and integrated deeper into systems, security has to be a priority. In this post, @GaryMarcus and I explore the security issues of coding agents and show that fixes aren’t so easy. It’s gonna be wild. garymarcus.substack.com/p/llms-coding-…
Here is the full writeup on my full Bug Bounty Challenge, I documented. I hope this will answer all questions I keep receiving:
medium.com/@YourFinalSin/…
I have released all my prep notes prior to obtaining the #OSEE from @offsectraining. This includes material consumed before the AWE and after! You can find a link to it here:
github.com/wetw0rk/AWE-PR…
A tale of Reverse Engineering 1001 GPTs: the good, the bad and the ugly
Last year, I spent 5 months reverse engineering custom GPTs from @OpenAI.
In this video, I share all the learnings from: prompt engineering, injection, leaks, talk about plagiarism, protection prompts,…
Always nice to see kevs books making an appearance at Blackhat
Met some new faces today at the innovators and investment summit.
Left disappointed with the speaking content (perhaps I've been to one too many events).
Who are a few new faces in cyber that are great at…