Twitter | Search | |
Eric Smith
Consultant, Therapist. Persistent SoB. I don't like to lose. Your systems sure do look appetizing.
3,547
Tweets
765
Following
3,756
Followers
Tweets
Eric Smith Oct 30
U wanna sponsor or hack?
Reply Retweet Like
Eric Smith Oct 24
Replying to @vyrus001
Absolutely agree.
Reply Retweet Like
Eric Smith Oct 23
Replying to @vyrus001
Never draw the line.
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Oct 17
Robber. open source tool for finding executables prone to DLL hijacking
Reply Retweet Like
Eric Smith retweeted
Nick Carr Oct 17
This morning was the first time I've seen anyone upload a payload using 's awesome Microsoft.Workflow.Compiler unsigned code execution method to VT. This is a known tester uploader with 10.0.2.15:443 I would bet MANY are using, few detect/upload publicly. 🔗's ⤵️
Reply Retweet Like
Eric Smith retweeted
philip hartlieb Oct 17
Anthem Mega-Breach: Record $16 Million HIPAA Settlement (InfoRiskToday)
Reply Retweet Like
Eric Smith Oct 2
Thank you for having me out to present on Red Teaming: An Identity Crisis. I'll post up slides shortly. Thanks to all who came! Truly a pleasure.
Reply Retweet Like
Eric Smith retweeted
Responder Sep 16
On an internal pentest? Always have Pcredz monitoring while ARPing. Great for passive analysis on goal oriented pentests... CC parsing, SMB read/write extraction, imap, pop, mysql, & a lot more other credentials extractions. If you're not using it, you're losing some goodies.
Reply Retweet Like
Eric Smith retweeted
Matt Johansen Aug 6
If you're an experienced security pro in Vegas this week I've got 2 challenges for you. 1. Watch one talk you know NOTHING about. Like barely understand the title. 2. Find at least one student or much younger pro and buy them a meal/coffee/drink and let them ask you questions.
Reply Retweet Like
Eric Smith retweeted
the grugq Aug 2
“They allegedly used another Atlassian program, Jira, for project management purposes, tracking details of the intrusion, maps of networks, and stolen data.” — Those poor poor bastards.
Reply Retweet Like
Eric Smith retweeted
Matt Graeber Aug 2
Without fail, while prepping for the Adversary Tactics PowerShell class, I uncovered another code exec bug that I reported to MSRC. I'm excited to pass on our security feature bypass methodology at ! is a hard freaking bypass target now, though!
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Aug 2
Passing-the-Hash to NTLM Authenticated Web Applications
Reply Retweet Like
Eric Smith retweeted
Jared Haight Aug 2
Speaking of nmap parsing, I wrote a quick PowerShell script that reads in an nmap xml and correlates ARIN data to each IP. Useful for checking who owns the IP address ranges you're looking at.
Reply Retweet Like
Eric Smith retweeted
WRCCDC Aug 2
We will be running a training this Sunday 8/5/2018 from 2PM to 4PM on the basics of Windows and Linux defense!
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Aug 2
Active Directory: DSQUERY Commands
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Jul 26
Advanced Incident Detection and Threat Hunting using Sysmon (and Splunk)
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Jul 25
How to Mitigate Mimikatz WDigest Cleartext Credential Theft
Reply Retweet Like
Eric Smith Jul 26
Nice! Congrats.
Reply Retweet Like
Eric Smith retweeted
Kyle Hanslovan Jul 22
Evasive tradecraft starts with an easy to customize codebase. ’s Reflective PSExec loader & DLL is ideal for this. Provides position independent loading for Windows x86/x64/ARM (module/import hashing, address fixup), flexible DLL injection options.
Reply Retweet Like
Eric Smith retweeted
DirectoryRanger Jul 23
BeRoot For Windows. post exploitation tool to check common Windows misconfigurations to find a way to escalate our privilege
Reply Retweet Like