-
Tweets43
-
Followers61
-
Following72
-
Likes135
A couple of blog posts for learning about Linux process injection (specifically sshd injection for credential harvesting) @_xpn_: blog.xpnsec.com/linux-process-… @jm33_m0: jm33.me/sshd-injection… #processinjection #redteam #cybersecurity
Slides for my @BSidesDublin 2022 talk, "Does this thing actually work?" docs.google.com/presentation/d…
This week I learned that resource-based constrained delegation can be (ab)used as a means for LPE. Low priv shell -> create machine account -> Webdav -> coerced auth -> RBCD -> LPE Special thanks to Adam Crosser from @praetorianlabs for his blog. Ref: praetorian.com/blog/red-team-…
I found out "C:\Windows\System32\WorkFolders.exe" (signed by MS) can be used to run arbitrary executables in the current working directory with the name control.exe. It's like a new rundll32.exe #lolbin but for EXEs!
Just found another Microsoft Office sandbox escape for MacOS🍏 This one is instant as well, fire and escape 😈
I finally got around to posting something I was testing last year. Maybe not ground breaking, but some interesting tidbits I hadn't really seen before. pwnshift.github.io/2021/08/12/has…
A growing number of cybercriminals are switching from conventional #programming languages to "exotic" languages—such as Go, Rust, Nim, Dlang—for #malware development that can bypass security, and complicate reverse-engineering efforts. Read: thehackernews.com/2021/07/hacker… #infosec
New blog: NTLM relaying to AD CS - On certificates, printers and a little hippo dirkjanm.io/ntlm-relaying-… Tool release - PKINITtools: github.com/dirkjanm/PKINI…
I added a new "flavor" to the Transacted Hollowing PoC: github.com/hasherezade/tr… - this time merging it with #ProcessGhosting
Process Herpaderping - A Method of Obscuring the Intentions of a Process by Modifying the Content on Disk after the Image has been Mapped github.com/jxy-s/herpader…
Added InjectCheck to my github.com/D00MFist/Persi… project. InjectCheck is a JXA macOS Process Injection Checker leveraging the codesign APIs. The tool enumerates the Hardened Runtime, Entitlements, and the presence of Electron files to determine possible injection opportunities.
DLL Hijacking persistence by @duff22b, Unauth RCE for HP 💻 Manager from @nickstadb, 🐧 package manager persistence by @pwnshift, malware unpacking methods from @Marco_Ramilli, criticals in 🍎 infra by @samwcyo, DLL hijacking for LM by @domchell, and more! blog.badsectorlabs.com/last-week-in-s…
I've posted my first blog, which is about using package managers for persistence: pwnshift.github.io/2020/10/01/per…
[Credential Harvesting Trick] Using a Windows .theme file, the Wallpaper key can be configured to point to a remote auth-required http/s resource. When a user activates the theme file (e.g. opened from a link/attachment), a Windows cred prompt is displayed to the user 1/4
Quick coupling of Windows Defender MpCmdRun.exe LOLBAS (found by @mohammadaskar2) and using regsvr32 to get around Windows Defender. Before and after. Fun with #LOLBAS
The upcoming talk about writing malware in go I’ll give with with @carsons_5 will be streamed: youtu.be/MYWR13kO8JM
[BLOG] The Future of Adversaries is Software Development A weather report depicting why APEX predator adversary groups must build custom coded toolkit and why you should start learning to develop code today if you want your red team to model them. link.medium.com/bVnZsJOL6X
Just stumbled across iTerm's instant replay feature. Command+Option+b = TIVO for your terminal.
[email protected]... @KyanHexagon
436 Followers 3K Following Honest but earnest. Doing my best and trying to do good recklessly. A slow burner. Computers?! ペネトレーションテストエンジニア
bngr @bngrsec
213 Followers 452 Following Trust me, i'm from IT | 2x @defcon🥇 | Tweet Ghostwriter | Jeff Probst is my dad | #SecKC #Formula1 #Survivor
محسن بیچاره @M0h3xN
18 Followers 211 Following
Brett Fitzpatrick @_brettfitz
751 Followers 499 Following security, stonks, games. Senior Security Engineer. Previously IronRadar. Developing proactive threat intelligence capabilities.
Peter @Peterininder
37 Followers 936 Following
Bethany @betheimi
13 Followers 98 Following
Loui Blake @LouiBlake2
5 Followers 169 Following
n00py @n00py1
13K Followers 963 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research.
Morgan Demboski @MorganDemboski
1K Followers 701 Following Cyber Threat Intel Analyst 🏹 @Sophos | A self-proclaimed expert in cyber & geopolitics (opinions = my own)
zha0 @zha0
120 Followers 3K Following
Joe Stocker @ITguySoCal
8K Followers 1K Following Christian Family Man, CEO of Patriot Consulting (Microsoft Security Partner) Author of "Securing Microsoft 365" Microsoft MVP (Security) (2020-present)
Myl @mylwaremyk
11 Followers 52 Following
0x4d @0x4d_
2K Followers 1K Following
th3y @_th3y
2K Followers 2K Following Pentester | webapp security researcher | OSCP/OSWE | Personal account | opinions are mine 😶
Luis Bayanilla 🇵�... @LuisBayanilla
77 Followers 1K Following from Borinquén | Cyber Security Engineer/Leader | Veterano
CyberSecuritySalesMan @CSSalesMan
574 Followers 3K Following Cybersecurity sales-man. I sell the best cyber cyber stuff. Words of wisdom. The most in-depth analysis of the cyber-world. I failed my own Turing test.
Mehedi_Hasan @MehediH56381372
11 Followers 121 Following Front End Developer, JavaScript enthusiastic & quick learner
alpiste @thealpiste
16 Followers 672 Following
Bad Sector Labs @badsectorlabs
8K Followers 503 Following Cybersecurity news, techniques, exploits, and tools every week at https://t.co/UgKmeEEjIV 🐘 @[email protected]
Ben Hunter @B_H101
1K Followers 2K Following Passionate about security research. Always on a learning curve.
MIxAxIM @MI_xAx_IM
66 Followers 949 Following Smart Contract Developer | Malware Analyst | Blockchain Security & Certification Researcher | Co-founder of @AndamioPlatform and @ekival_labs
Sixdub @sixdub
11K Followers 1K Following Microsoft Threat Intelligence | Student @ GMU Antonin Scalia Law School | USAFA '10 & USAF Veteran | Focus: Intelligence, Technology, Cyber Law, Leadership
gdwallasign @Gdwallasign
353 Followers 5K Following Application Penetration Tester and Cybersecurity Consultant
Oliver @wai_oliver
17 Followers 33 Following
Rebecca Blair @ElifIknow_sec
94 Followers 74 Following SOC Manager @ToastTab. Book released: https://t.co/tUjccn9YZf Thoughts are all my own. 🏳️🌈 NU'14, UMUC'17, VSB'22
Jon Perez @johnny_nohandle
120 Followers 280 Following Interested in hunting threats, analyzing malware, and scaling detection teams.
IO @InvalidOperator
96 Followers 308 Following I do stuff with computers.. Red Team ops lead at ¯\_(ツ)_/¯. All tweets are my own.
Carson @carsons_5
69 Followers 114 Following Cybersecurity guy, homelabber, log reader, infrequent tweeter, frequent hiker/biker/kayaker. Mostly Go/TS dev but I try not to have favorites.
Ryan Franklin @rfranklin99
223 Followers 219 Following Proactive Defense @ Amazon. Builder, Student, Veteran. Thoughts are mine and mine alone.
Marc Milligan @marcmilligan
177 Followers 917 Following Cybersecurity and a lot of building things in-flight.
Brandon McCrillis @13M4C
3K Followers 593 Following Independent Cybersecurity Consultant. SANS Certified Instructor. US Navy Veteran. Former USAF Civilian. Former Hollywood Chef. Infosec Executive. Dad. ESTJ-A.
William Stewart @infosecDubya
98 Followers 132 Following
bngr @bngrsec
213 Followers 452 Following Trust me, i'm from IT | 2x @defcon🥇 | Tweet Ghostwriter | Jeff Probst is my dad | #SecKC #Formula1 #Survivor
Mr.Un1k0d3r @MrUn1k0d3r
13K Followers 508 Following I don't know how to search on Google so I do research on my own and tweet about it. Hacking as a life style https://t.co/a05mevChzu
n00py @n00py1
13K Followers 963 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research.
Morgan Demboski @MorganDemboski
1K Followers 701 Following Cyber Threat Intel Analyst 🏹 @Sophos | A self-proclaimed expert in cyber & geopolitics (opinions = my own)
Tim McGuffin @NotMedic
6K Followers 2K Following Back to Red Teaming. Risk Hunter. DEFCON Staff & CFP Board. MS in DF. Fmr Fire/EMS. Red and Blue. Builder. Morally Flexible. https://t.co/zakkIXeyHu @ bluesky
Adam Chester 🏴�... @_xpn_
36K Followers 498 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOllCEu | Insta at https://t.co/PqR6CZPwjl
0x4d @0x4d_
2K Followers 1K Following
Jason Lang @curi0usJack
16K Followers 200 Following @TrustedSec Red Team lead | Hi-Fidelity trolling | Privacy Enthusiast | Putting the "no" in nano | Avatar: https://t.co/3XHmKR8nCk
Vinoth Kumar @vinodsparrow
7K Followers 3K Following
Mudge @dotMudge
63K Followers 337 Following Make a dent in the universe. Find something that needs improvement: go there and fix things. If not you, then who? {he/they}
Bad Sector Labs @badsectorlabs
8K Followers 503 Following Cybersecurity news, techniques, exploits, and tools every week at https://t.co/UgKmeEEjIV 🐘 @[email protected]
Spiros Fraganastasis @m3g9tr0n
14K Followers 1K Following Team @hashcat! Eternal n00b and knowledge seeker! Age is just a number and motivation is the fuel! Whatever you do in your life, do not forget to be humble.
David Valles @davidvalles007
818 Followers 1K Following Passionate about Infosec! Tweets are my opinion and do not represent my employer's view.
Patrick @pierson_pat
113 Followers 195 Following Tech enthusiast, Veteran, my opinions are forced upon me by my dog.
Daniel Gordon @_justdaniel
9 Followers 12 Following
IronNet @IronNet
5K Followers 1K Following IronNet offers advanced collective defense and network detection and response technology and services to protect against current and emerging cyber threats.
Rebecca Blair @ElifIknow_sec
94 Followers 74 Following SOC Manager @ToastTab. Book released: https://t.co/tUjccn9YZf Thoughts are all my own. 🏳️🌈 NU'14, UMUC'17, VSB'22
Oliver @wai_oliver
17 Followers 33 Following
Leo Pitt @_D00mfist
1K Followers 269 Following Husband | Father | Newb | Gamer | Otaku | Security Engineer @Zoom
Oddvar Moe @Oddvarmoe
19K Followers 1K Following Red Teamer @TrustedSec | MS MVP | Speaker | Security Researcher | Blogger | Total n00b & always learning | UNC1194 | Tinkerer | Gamer I try to inspire!
IO @InvalidOperator
96 Followers 308 Following I do stuff with computers.. Red Team ops lead at ¯\_(ツ)_/¯. All tweets are my own.
Carson @carsons_5
69 Followers 114 Following Cybersecurity guy, homelabber, log reader, infrequent tweeter, frequent hiker/biker/kayaker. Mostly Go/TS dev but I try not to have favorites.
IronNet Threat Resear... @IronNetTR
948 Followers 38 Following Transforming NDR through Collective Defense Interested in a trial or demo of IronRadar? Reach out to [email protected]
Greg Conti @cyberbgone
3K Followers 2K Following Security Researcher // Co-Founder and Principal @Kopidion_llc
Ryan Franklin @rfranklin99
223 Followers 219 Following Proactive Defense @ Amazon. Builder, Student, Veteran. Thoughts are mine and mine alone.
Rusty Bower @rustybower
532 Followers 784 Following Information Security Engineer / Professional Packet Herder
Brandon McCrillis @13M4C
3K Followers 593 Following Independent Cybersecurity Consultant. SANS Certified Instructor. US Navy Veteran. Former USAF Civilian. Former Hollywood Chef. Infosec Executive. Dad. ESTJ-A.
William Stewart @infosecDubya
98 Followers 132 Following
Josh Day @josh__day
205 Followers 173 Following Offensive security and Hunt cyber professional but more importantly dad and husband
Nick Carr @ItsReallyNick
38K Followers 3K Following Tech Director / Threat Intelligence at Microsoft. Previously, Director of Incident Response & Intel Research at Mandiant. Former Chief Technical Analyst at CISA
Alyssa (she/her) @ramen0x3f
3K Followers 574 Following @ramen0x3f.bsky.social Senior Threat Researcher and Pun Aficionado @Microsoft Former research+red team+hand drawn memes @Mandiant
Ken Jenkins @K3N_J3NKINS
143 Followers 411 Following Retired Military, Consumer of all things cyber operations. Husband and Father.
Social-Engineer, LLC @SocEngineerInc
16K Followers 606 Following Threats to information security consistently focus their attacks on company employees. Discover how our Managed Services keep your company protected.
The Innocent Lives Fo... @InnocentOrg
9K Followers 86 Following 501(c)3. Our mission is to identify anonymous child predators and help bring them to justice.
Christopher Hadnagy @humanhacker
38K Followers 432 Following Human Hacking or Social Engineering is about learning how to communicate with intent. Check out the new book at https://t.co/B4GdVzCz0O
Kyle Hanslovan @KyleHanslovan
11K Followers 351 Following CEO at @HuntressLabs | Classy but ❤️’s Trap MusicTrends for United States
You might like
