Jake 鬼 @_gui3_
Senior Consultant - Proactive Services @ Google | Mandiant OSCE | OSCP | OSWP Joined August 2018-
Tweets78
-
Followers25
-
Following244
-
Likes409
SharedMemUtils - A simple tool to automatically find vulnerabilities in shared memory objects (commonly used for IPC in Windows services) This tool immediately uncovered potential exploitation routes in both Nvidia and Dell Audio services on my system. x86matthew.com/view_post?id=s…
Converting LFI into RCE by chaining PHP encoding filters - superb research by @_remsio_! synacktiv.com/publications/p…
It was great to be back at EY Tower for the first time since 2020 for another DC416 event last night! Thank you to the entire @EYCanada CTM team for hosting and sponsoring us! It was a night filled with networking and learnings from Jake Adelson & Samy Ghannad! 1/3
[HackTip ⚒] When hunting for access to 3rd-party apps during the post-compromise phase, it might be useful to launch the Task Manager with PsExec as LocalSystem – after that dropping into someone’s logon session is as simple as right-clicking and ‘Connect’ into it 👹
I figured out that "C:\Windows\System32\certoc.exe -LoadDLL <DLLName>" can be used for loading DLLs. It looks like an alternative #lolbin to regsvr32.
@424f424f and I dropped some new initial access TTP's for your red team engagement at @WWHackinFest. You can leverage RDP files to bypass email attachment blocklists to plant C2 binaries, exfil data & steal clipboards.. or just phish Azure tokens! #wwhf slideshare.net/MichaelFelch/s…
Windows escalation with an OMG cable: from Guest account to System user! Razer hasn’t fixed this for over a year now. o.mg.lol
Threat Hunting/Red Team #ProTip: I see a lot of people using single appdomains for executing C# directly in the main beacon/badger process in order to avoid loading CLRs over and over again. But what most people don't know about this is that Clr.dll, (1/3)
Windows privileges determine the type of operation a user account can perform on the OS and are sometimes abused by attackers. If you've ever wanted to know what a privilege is for, I've created the ultimate cheat sheet that shows all Windows privileges on one page!🤓 #infosec
Passed onto me by @Cyb3rWard0g microsoft.com/security/blog/… Machine learning for offensive security.
Neat command from Ippsec :D find / -newermt "2021-02-12" -newermt "2021-02-19" -ls| grep -v ' /etc\| /var/lib\| /sys\| /proc\| /boot' It finds files from when a box was created then finds stuff the author of a box planted for the CTF :D
did you know? the syscall for WinAPI function GetAsyncKeyState queries the global keymap gafAsyncKeyState (exported) in the kernel. you can poll for keystrokes w/o registering a hook, installing a filter driver, or calling the WinAPI func- bypassing like 100% of A/Vs and ACs lol
Hi all, MS-RPRN to coerce machine authentication is great but the service is often disabled nowadays by admins on most orgz. Here is one another way we use to elicit machine account auth via MS-EFSRPC. Enjoy!! :) github.com/topotam/PetitP…
EDR products hate DLLs
This was circling around last week but seems under appreciated mdpi.com/2624-800X/1/3/…
#Protip: A lot of people don't understand that no matter how you encrypt/encode your shellcode in a C-stub, any good EDR which hooks WriteProcessMemory and analyses the RDX register can view the cleartext shellcode.. Unless your shellcode decodes/decrypts during execution itself.
#Protip: You can query a remote system's IPC share for it's full system path (NetShareEnum) to identify whether you have admin privs on that host; to maintain stealth instead of checking the admin share (C$) since IPCs do generate a lot of noise by default.
Evade AV by deleting your payload before running it. Introducing Process Ghosting 👻: elastic.co/blog/process-g…
New blog: Payload generation with mingw. Walks through writing a PIC stager to load a mock implant, then a small server to patch the host/port/etc., compile both w/ mingw, and extract stager shellcode + convert implant w/ sRDI. passthehashbrowns.github.io/dynamic-payloa…
Just found malware being hosted on a steam profile inside an image! That's the first time I see someting like that @malwrhunterteam
Rajiv Gandhi @gandh28632
3 Followers 160 Following
wh0crypt @wh0crypt
140 Followers 464 Following CTF Player👾 🎓 Computer Engineering at ULL 💻 Cybersecurity, Cryptography & SysAdmin
el_d33 @el_d33
1K Followers 690 Following Pentester, Polymath, EMET fanboy, well informed layman, reluctant cyborg & Pastafarian CryptoGeek @[email protected]
Leytapsat @leytapsat51436
67 Followers 5K Following
Snow @iLickLandmines
6 Followers 288 Following
Mohammed Taha @a1pha0210
8 Followers 352 Following
Adithya Chandra @Adi_Cha_
48 Followers 698 Following Research Scientist - @TrellixARC Security Researcher | Blue Team | Red Team | Threat Hunting | Detection Engg. 🌌🔭 ExploitDB-GHDB-author ID=10689
tas_kmanager@infosec.... @tas_kmanager
928 Followers 2K Following ☁️🛡️ opinions are mine. food, music and astrophotography when afk. @TheDFIRReport @CuratedIntel #ThreatHunting #DetectionEngineering #DFIR #CloudSecurity
Anni @Anni11907620
2 Followers 7 Following Throwaway twitter to contact Eric for MSP430/MCP2515 Help
FraggleRock @schuran
276 Followers 345 Following Sr. Solutions Architect. Hobbies include payment, web, iOT security research. Red Team Volunteer. Bills Mafia volunteer.
haxxofreak @haxxorfreak
39 Followers 626 Following
Hyperion Gray @HyperionGray
5K Followers 4K Following Software & Security Research, Penetration Testing, Ethical Hacker Education
ΜΔDΞRΔS @hackermaderas
22K Followers 14K Following Home of #CyberpunkisNow. Hacker, researcher, writer, creating original #Technology #InfoSec #OSINT #Privacy content & analysis.
Quinton Els @samuraiquin
226 Followers 2K Following entrepreneur, fun lover and all round living life. Love my wife and kids with everything I am.
Marty Dusek @madusec
911 Followers 5K Following #cybersecurity, #infosec, #pentesting, #CTF, #bugbounty, #bugbountytips, #OSCP, #OSCE, #hackerone, #bugcrowd, #HackTheBox, #offensivesecurity, #TryHackMe
Belphegor @hfs_belphegor
828 Followers 1K Following summoner of demons | reinventor of wheels | shifter of bits | king of cups | plague doctor | visionary of tunnels | 1/4 of @HackForSatan
rob adelson @RobAdelson
23 Followers 300 Following
Louis Dion-Marcil @ldionmarcil
2K Followers 746 Following vegan btw. appsec @ mandiant/google cloud. opinions my own etc @ldionmarcil.bsky.social
el_d33 @el_d33
1K Followers 690 Following Pentester, Polymath, EMET fanboy, well informed layman, reluctant cyborg & Pastafarian CryptoGeek @[email protected]
MalDev Academy @MalDevAcademy
17K Followers 5 Following Providing specialized, module-based security training and resources designed for cyber security professionals
Black Hills Informati... @BHinfoSecurity
48K Followers 2K Following Specializing in pen testing, red teaming, and Active SOC. We share our knowledge through blogs, webcasts, open-source tools, and Backdoors & Breaches game.
Darknet Diaries @DarknetDiaries
123K Followers 1 Following True stories from the dark side of the Internet. Host @jackrhysider. New episodes released on the first Tuesday of each month. Discord: https://t.co/bZZRR8C59R
ʝօʄʄ ȶɦʏɛʀ �... @joff_thyer
5K Followers 846 Following Penetration Tester, Security Researcher, Developer, Musician, Certified SANS Instructor, @SecurityWeekly Co-Host, and occasional Tweetl33tist.
Beau Bullock @dafthack
18K Followers 659 Following Hacker, trainer, and guitarist | Black Hills InfoSec #RedTeam | @BreakForge Training | Produces music to hack to at @N0BANDW1DTH
x86matthew @x86matthew
21K Followers 189 Following C / asm / system emulation / reverse engineering. @the_secret_club
Trace Labs @TraceLabs
25K Followers 2K Following NFP with the mission of #crowdsourcing OSINT to help find #missingpersons while training members in the tradecraft of #OSINT | Contact us at [email protected]
Coldzer0 @Coldzer0x0
1K Followers 380 Following Senior Offensive security engineer @EG_CERT | { Opinions are my own } Offensive Tools Developer, Malware Analyst, Reverse Engineer 🦠
waldoirc @waldoirc
3K Followers 626 Following Trying to figure out how computers work. Figuring out SDR, IOT, and Mobile exploitation. https://t.co/rLZFU0dOBy
Jiayuan @tisoga
96K Followers 1K Following Building @devv_ai → first coding agent that helps you ship AI-powered products.
rootsecdev @rootsecdev
26K Followers 1K Following Senior Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.
Adrian Korn @AK47Intel
2K Followers 698 Following Passionate about all things #OSINT and #ThreatIntel Organizer of @defcon_toronto
siri@fu4k1 @sirifu4k1
7K Followers 309 Following Web Pentest & girl hh & share anything ithink useful about infosec. follow me! 🇸🇬
Alh4zr3d @Alh4zr3d
24K Followers 276 Following Legal Criminal | Twitch cult leader | InfosecPrep founder | Lovecraft scholar | Soros mercenary | Spiritual cargo shorts wearer | Cthulhu fhtagn
&!^ @ANDnXOR
9K Followers 916 Following We make stuff. We drink beer. In no particular order. @zappbrandnxor @Hyr0n1 @lacosteaef @F4NCI3 @cr4bf04m @5n4ck3y #mattdamon
Joona @joohoi
6K Followers 730 Following Hacks for beer. FOSS, infosec and privacy. Chaotic good. Head of Security Testing at @visma
wrongbaud @wrongbaud
5K Followers 1K Following Cars, Bikes, Coffee and Embedded Systems Security | Founder @voidstarsec Training and Consulting https://t.co/0ib8fK31Ib https://t.co/YzN9K2LaST
Marc Smeets @MarcOverIP
5K Followers 435 Following Does a thing or two with red teaming @OutflankNL | part time race and drift car instructor
Charlie Clark @exploitph
5K Followers 1K Following
Porchetta Industries @porchetta_ind
5K Followers 3 Following A centralized platform for organizations to support the developers of Open Source Infosec/Hacking tools.
ege @egeblc
4K Followers 1K Following Malware enthusiast. Reverse engineer. Threat Intel @PRODAFT, FPV drone pilot 🚁 @[email protected] https://t.co/QnOokdPYYy
[audible]blink @4lex
2K Followers 316 Following 🇲🇽 • Keyboards • Coffee • Drums • Woodworking • Astrophotography • Archery • Army Vet - 15X • Self Hating Red Teamer • Legitimate Business Practice
Sophos X-Ops @SophosXOps
73K Followers 323 Following A task force composed of our SophosLabs, SecOps, and SophosAI teams working together towards one goal: protecting our customers.
kmkz @kmkz_security
19K Followers 2K Following Offensive Security, pom-pom girl... Who cares ?? Bourbon Offensive Security Services | BOSS
MG @_MG_
50K Followers 717 Following Nightmare Reifier. I sell some of them too: https://t.co/5HhKqfxtda & https://t.co/9flQ1nSPZ2
DilDog 🅅 @dildog
14K Followers 1K Following
topotam @topotam77
4K Followers 689 Following All I know is that I know nothing. I like Windows, Active Directory and IoT/Hardware hacking. "Responsable mais pas coupable" de PetitPotam
spotheplanet @spotheplanet
11K Followers 144 Following Hacking the planet at https://t.co/ifUgKQtEYV. Buy me a vinyl at https://t.co/SO41y55HJL
Madhukar Raina @Parad0xCyber
1K Followers 140 Following Security Researcher | Previously threat research @Zscaler/@Securonix | Blog @ https://t.co/8j1uV0aGPx | #DFIR #MalwareAnalysis #ActiveDirectory
@[email protected]... @1njection
8K Followers 4K Following Focused on hacking! Check out my new book on real-time computer conflict and deception below
stacksmashing @ghidraninja
48K Followers 451 Following Security researcher with a focus on hardware & firmware. I occasionally publish stuff on YouTube. Co-founder of @hextreeio. Contact: [email protected]
nico n. @Nico_n_art
3K Followers 663 Following ░ { she/her } ▒ Pixel artist/ditherpunk ▓ Human worker █ Available for work █ Main: @nowk_n █ Merch: https://t.co/IAZ4Uttr5I
Josh @passthehashbrwn
10K Followers 332 Following Adversarial Simulation at IBM, tweets are mine etc.
test domain @User2Micro
721 Followers 4K Following
Battle Programmer Yuu @netspooky
20K Followers 1K Following knuck if you buck 日本語/español OK (he/they) @tmpout @binarygolf @[email protected] (fedi) @ https://t.co/mZ77OENytt (bsky)
The DFIR Report @TheDFIRReport
62K Followers 0 Following Real Intrusions by Real Attackers, the Truth Behind the Intrusion. Services: https://t.co/XW613EKt2w
DebugPrivilege @DebugPrivilege
40K Followers 2K Following Windows Nerd | Ex-MSFT | Microsoft MVP in Windows | Interested in Security, Debugging, and Windows Internals.
Sean Metcalf @PyroTek3
36K Followers 615 Following Identity Security Architect @ TrustedSec. Microsoft Certified Master #ActiveDirectory & former Microsoft MVP. Co-Host @ Enterprise Security Weekly. He/Him. #BLM
Paul Seekamp @nullenc0de
17K Followers 608 Following I spend a significant amount of time reading security stuff. Co-Founder/Partner @CoastlineCyber https://t.co/ZQT5L8q2RO
Trends for United States
You might like
