Twitter | Search | |
This is the legacy version of twitter.com. We will be shutting it down on 15 December 2020. Please switch to a supported browser or device. You can see a list of supported browsers in our Help Center.
Tomas Rzepka
Senior👨‍🦳security consultant - Attacker/Defender, RE, IR 🇸🇪
1,028
Tweets
399
Following
274
Followers
Tweets
Tomas Rzepka retweeted
F-Secure Labs Nov 25
Somewhere in this hacker community, is another William Söderberg vulnerability, you may try to subtract it, But that API just won't go away? Three times one? What is it? No more no less than x3 IBM DataPower Gateway DoS -
Reply Retweet Like
Tomas Rzepka retweeted
Arun Magesh Sep 24
Bypassing Android MDM Using Electromagnetic Fault Injection By A Gas Lighter For $1.5
Reply Retweet Like
Tomas Rzepka retweeted
Arun Magesh Aug 25
Ok. so a thread on my new dumb EM fault injection. This is no way can replace professionally ones like ChipShouter or other FI ones. This is just a fun little thing to try on your research device. It is dangerous and can brick your devices. 1/n
Reply Retweet Like
Tomas Rzepka Sep 24
Replying to @Kuggofficial
It’s ok, we’ll just FUND 👾
Reply Retweet Like
Tomas Rzepka retweeted
Andrea Barisani Sep 9
At '19 we introduced the USB armory Mk II and our vision to implement a Bluetooth controlled encrypted drive with it. Full disk encryption, 2-factor authentication, user+hardware bound keys, unlimited storage (uSD). All of this with the push of a button. Coming soon!
Reply Retweet Like
Tomas Rzepka retweeted
Christoffer Jerkeby Sep 8
Today I worked a bit with semgrep. Its a semantic grep tool that understands patterns in code semantically without requiring the full codebase. Found a few bugs! Yay!
Reply Retweet Like
Tomas Rzepka retweeted
Askar Sep 2
Well, you can download a file from the internet using Windows Defender itself. In this example, I was able to download Cobalt Strike beacon using the binary "MpCmdRun.exe" which is the "Microsoft Malware Protection Command Line".
Reply Retweet Like
Tomas Rzepka retweeted
F-Secure Labs Aug 25
We just released our analysis of new technical details related to Lazarus targeting the cryptocurrency vertical (Macros not needed):
Reply Retweet Like
Tomas Rzepka Aug 24
Application Guard for Office - Virtualized Office that protects you from malicious macros and other evil
Reply Retweet Like
Tomas Rzepka retweeted
Books I Didn't Read Aug 11
Reply Retweet Like
Tomas Rzepka retweeted
Andrea Barisani Jul 15
The Fake Cisco A real-life in depth technical analysis of a Cisco counterfeit unit. This paper details the journey that we took at to analyze such a device. Great stuff from and the rest of the team!
Reply Retweet Like
Tomas Rzepka Jul 2
released Leonidas () () a framework for executing attacker actions in the cloud. Complete with detection use cases; not quite 300 of em, but plenty to get you started!
Reply Retweet Like
Tomas Rzepka retweeted
F-Secure Consulting Jun 29
Today : will present a -native toolchain that allows you to easily define, simulate, and detect new in - PLUS how to develop similar capabilities in-house. Watch live @ 15:00 ET > |
Reply Retweet Like
Tomas Rzepka Jun 24
Checkout our online attack detection workshop
Reply Retweet Like
Tomas Rzepka retweeted
mpgn Jun 19
LDAP protocol is added to CrackMapExec, allowing us to quickly find ASREPRoast and Kerberoasting hashes 🔥 I also add two others options to list computers and users with unconstrained delegation and list users with flag "adminCount", big kudos to for the Trooper talk 🙏
Reply Retweet Like
Tomas Rzepka retweeted
Marko ⚡ Denic Jun 13
Mystery Solved!
Reply Retweet Like
Tomas Rzepka retweeted
F-Secure Jun 7
By popular demand, will dig deeper in to the process of fuzz testing in the next F-Secure Live Webcast. Tune in this Wednesday, June 10 as our consultants demonstrate how to classify a bug and how to measure its exploitability in practice>>
Reply Retweet Like
Tomas Rzepka retweeted
Christoffer Jerkeby Jun 5
By popular demand: Next live hacking webcast will be about bug triage and binary exploitation. We will cover debugging, gdb, valgrind and afl-utilities to understand and leverage bugs. Next wednesday 16:00 CEST. Sign up
Reply Retweet Like
Tomas Rzepka Jun 4
Customized old but good dangerous functions script to work with
Reply Retweet Like
Tomas Rzepka retweeted
F-Secure May 12
Want to learn about the wonderful world of fuzzing? Join and for an webcast on fuzz-testing. Register here:
Reply Retweet Like