|
Ben Chung
@
MrBenChung
|
|
of course these views are my own
|
|
|
20.574
Tweetovi
|
826
Pratim
|
287
Osobe koje vas prate
|
| Tweetovi |
| Ben Chung proslijedio/la je tweet | ||
|
Tom Sellers
@TomSellers
|
4. velj |
|
We on the @Rapid7 Labs team use Projects Sonar and Heisenberg to provide context for risk on the Internet. Today I published a blog post on DOUBLEPULSAR over RDP in support of @wvuuuuuuuuuuuuu 's efforts in this area.
blog.rapid7.com/2020/02/04/dou…
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
Sébastien Dudek
@FlUxIuS
|
4. velj |
|
Introduction to mobile network intrusion from a mobile phone:
medium.com/mobile-stacks-… by @Gallium24, @BuuriMa, Henri, @tmakkonen, @ad_ili_rai_en and myself.
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
Quix0te
@OMENScan
|
5. velj |
|
I released OMENS more than 5 years ago to help the community detect and combat this problem.
github.com/OMENScan/OMENS
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
Ronnie 'BEC' Tokazowski
@iHeartMalware
|
4. velj |
|
Every. Single. Organization. pic.twitter.com/Vo7DJMiWlx
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
Ryan Hausknecht
@Haus3c
|
3. velj |
|
I made a PowerShell script when researching COM objects that has like 30 foreach and if loops and will search every COM object method for a keyword, e.g. finding COM objects with a method containing 'ExecuteShell'. Maybe someone else will find it useful. github.com/hausec/COMMeth…
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
Danus
@danusminimus
|
3. velj |
|
VB6 Packers are no joke, This one took me a while to write and I do hope you enjoy it!
Analyzing Modern Malware Techniques - Part 3 Vb6 packers
0x00sec.org/t/analyzing-mo…
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
dragosr
@dragosr
|
4. velj |
|
TeamViewer (all versions) keys lead to password extraction, not hashed. TeamViewer stored user passwords encrypted with AES-128-CBC with key: 0602000000a400005253413100040000 and iv of 0100010067244F436E6762F25EA8D704 - in the Windows registry. whynotsecurity.com/blog/teamviewe…
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
GJ
@gertjanbruggink
|
4. velj |
|
Inspired by awesome people, last year I made a cheatsheet for measuring CTI aspects. This year I've moved it to github, tweaked the sheet a bit and updated ito make it easier to maintain for both myself & you folks. Expect more content on CTI & RT. Cheers! github.com/gertjanbruggin… twitter.com/gertjanbruggin…
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
Ronnie Flathers
@ropnop
|
4. velj |
|
So much fun presenting this! Happy to share my slides for "Don't Cross Me! Same Origin Policy and all the 'cross' vulns". SOP is an important topic I feel is not adequately explained and understood by many developers and security pros.
speakerdeck.com/ropnop/dont-cr…
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
MalwareHunterTeam
@malwrhunterteam
|
5. velj |
|
So, hearing that Toll Group got hit with ransomware that is caled "Mailto"...
But (just as with REvil), we can take a look at the decrypter for it, and then we see they named it "Netwalker Decrypter", instead of "Mailto Decrypter" or anything else...
@demonslay335
cc @VK_Intel pic.twitter.com/GSyyIjzV4X
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
Florian Roth
@cyb3rops
|
3. velj |
|
RDG Scanner for Vulnerability CVE-2020-0609 & CVE-2020-0610
- multi-threaded
- CIDR support
github.com/2d4d/rdg_scann… pic.twitter.com/8yqu4nD7Te
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
👼 Ąż 杏
@angealbertini
|
3. velj |
|
Would you be interested in such stickers?
(RTs are appreciated) pic.twitter.com/XKrOWSxuWN
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
@mikko
@mikko
|
3. velj |
|
1/ Practically every startup ends up writing code, even if technology wouldn't be the main focus of the company. Here’s a checklist I made to help you and your hot new startup avoid the most common infosec pitfalls. [thread]
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
netbiosX
@netbiosX
|
3. velj |
|
FakeLogonScreen - A utility to fake the Windows logon screen in order to obtain the user's password. The password entered is validated against the Active Directory or local machine to make sure it is correct and is then saved to disk. github.com/bitsadmin/fake…
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
Jason Trost
@jason_trost
|
3. velj |
|
6 Short Links on Malware Training Set Creation for Machine Learning link.medium.com/3gc6dt8uM3
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
Marcello
@byt3bl33d3r
|
3. velj |
|
Really glad to finally get a blogpost out about this. Hopefully this is useful and gives Red Teamers ideas on how to use the BYOI concept in their own payloads. If anyone is interested in a few more follow up posts about this will gladly oblige :)
blackhillsinfosec.com/red-teamers-co…
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
Phil Venables
@philvenables
|
2. velj |
|
Dealing with the Deluge of Vendors. A thread.
[full post here : bit.ly/2u33n2s]
Everyone is deluged by product and service vendors, small and large. Even vendors struggle to keep track of who are their competitors in an ever crowded market place.
1/24
|
||
|
|
||
|
Ben Chung
@MrBenChung
|
3. velj |
|
Another classic Phil thread, useful 👏 twitter.com/philvenables/s…
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
Root
@rootsecdev
|
2. velj |
|
For all you cryptography nerds out there. I’ve very much enjoyed playing around with this project.
GitHub - NationalSecurityAgency/enigma-simulator: An educational demonstration of breaking the Enigma machine github.com/NationalSecuri…
|
||
|
|
||
| Ben Chung proslijedio/la je tweet | ||
|
Jim Troutman next @bsidessf #RSA
@troutman
|
1. velj |
|
Here are the slides from my @shmoocon #firetalk. I fixed a few typos and added links and resources.
nepeeringforum.org/troutman/trout…
|
||
|
|
||