Med K
@redmed666
Security guy, love reverse engineering, like to search and test new stuff
github.com/redmed666
314 Tweets
745 Following
60 Followers

Tweets

Med K Retweeted
Xentropy
@SamuelAnttila
Feb 1

I was tired of outdated XSS cheat sheets that don't touch on frameworks, html5, filter bypasses and other important stuff, so I made my own. I hope you find it as useful as I do. :)
netsec.expert/2020/02/01/xss…
#bugbountytips pic.twitter.com/Mdygq1PI9Z

Med K Retweeted
FireF0X
@hFireF0X
Feb 2

KDU, Kernel Driver Utility - driver loader (and not only) bypassing Windows x64 Driver Signature Enforcement with support of various "functionality" providers - including Unwinder's RTCore, github.com/hfiref0x/KDU pic.twitter.com/s154qYlIKR

Med K Retweeted
reenz0h
@Sektor7Net
Jan 31

Reversing C++ executables with OOAnalyzer Ghidra Plugin
insights.sei.cmu.edu/sei_blog/2019/… pic.twitter.com/rK2k4Q17Gd

Med K Retweeted
wrongbaud
@wrongbaud
Jan 31

Hardware Debugging for Reverse Engineers Part 1: SWD, OpenOCD and Xbox One Controllers
wrongbaud.github.io/stm-xbox-jtag/
Hope you enjoy! As always ping me with any questions

Med K Retweeted
Sami Laiho
@samilaiho
Jan 31

How to hack yourself admin rights on any Autopilot installed Windows 10 - aka The Return of the Shift+F10!
#suomalaismies #4sysops
4sysops.com/archives/hacki…

Med K Retweeted
SwiftOnSecurity
@SwiftOnSecurity
Oct 15

Have a vendor executable with unknown command-line options? Don’t want to reverse-engineer? Brute force in Windows shell!
:: Extract strings from program
strings.exe program.exe >> strings.txt
:: Run each string as program argument
for /f %a IN (strings.txt) DO "program.exe" %a

Med K Retweeted
SwiftOnSecurity
@SwiftOnSecurity
Oct 15

Among the undocumented flags in Windows Defender MpCmdRun.exe:
-BuildSfc
-ServiceHardening
-SampleHeaderService
-WriteLogsForSvc
-WDEnable
-ReloadEngine pic.twitter.com/aTLccGQk5h

Med K Retweeted
Xavier Mertens🛡
@xme
Jan 29

Med K Retweeted
Jason
@coolacid
Jan 28

It’s with great pleasure I'm (finally) releasing my @MISPProject docker images. Images are optimised for home and enterprise use. Some cleanup work to do (see issues), but it's been in $work prod for months now.
Github: github.com/coolacid/docke…
DockerHub: hub.docker.com/r/coolacid/doc…

Med K Retweeted
Red Canary
@redcanaryco
Jan 28

From the folks that brought you Atomic Red Team, Chain Reactor is a new open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints. redcanary.com/blog/chain-rea… pic.twitter.com/fkOISDk9YK

Med K Retweeted
SwiftOnSecurity
@SwiftOnSecurity
Jan 28

#DFIR #IR
I think I’ve discovered Win32 application launch history / usage trace data that appears undocumented by the community. It logs 3rd-party apps too.
Win32kTraceLogging.AppInteractivitySummary
See Microsoft’s “Diagnostic Data Viewer” app.
A massive trove of data points pic.twitter.com/zLtDTliJ98

Med K Retweeted
Nicolas Krassas
@Dinosn
Jan 27

Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of the related information.
github.com/depthsecurity/…

Med K Retweeted
Pen Test Partners
@PenTestPartners
Jan 5, 2018

Ooh, here's @cybergibbons with a grand how-to on bypassing code readout protection using JTAG, OpenOCD, gdb and @IncludeSecurity's CRP bypass on the Nordic nrf51822 Bluetooth SoC
pentestpartners.com/security-blog/… pic.twitter.com/oubkomAacc

Med K Retweeted
Dino A. Dai Zovi
@dinodaizovi
Jan 26

The claim in the FTI forensics report on Bezos’ iPhone that, “due to end-to-end encryption employed by WhatsApp, it is virtually impossible to decrypt the contents of the downloader [.enc file]...” bugged me so much that I coded up how to do it:
github.com/ddz/whatsapp-m…

Med K Retweeted
gerhart
@gerhart_x
Jan 25

Good whitepaper about windows 10 secure kernel:
"Live forensics on the Windows 10 securekernel (2017)"
ntnuopen.ntnu.no/ntnu-xmlui/bit…

Med K Retweeted
Minoru Kobayashi
@unkn0wnbit
Jan 24

Hello, #DFIR guys! Finally, I have released 3 new tools for #mac4n6 and #MalwareAnalysis for macOS.
Please try them and have a nice weekend :)
1st tool:
Norimaci is a malware analysis sandbox for macOS. This tool was inspired by the Noriben sandbox.
github.com/mnrkbys/norima…
(1/3)

Med K Retweeted
Dimitrios Margaritis
@dmargaritis
Jan 24

If you have ATP enable the NO-DEFAULT protections:
1) block office apps from creating child process and inject code to other process
2) Block JS & VBS from launching downloaded executable content
3) Block credential stealing from lsass.exe
and much more bit.ly/2TVkTjl

Med K Retweeted
Binni Shah
@binitamshah
Jan 24

TLDR pages : Simplified, community-driven man pages w/ examples : tldr.sh
cht.sh -->to quickly get access to community-driven cheat sheets. It has more than 60 programming languages and UNIX/Linux commands : pic.twitter.com/LgBhR1v448

Med K Retweeted
R136a1
@TheEnergyStory
Jan 24

IOCs, the decompiled C# code with deobfuscated strings, a registry data config decrypter (for those who are infected) and some information of the Project TajMahal malware sample uploaded in 2019 to Virustotal: github.com/TheEnergyStory… #TajMahal #Malware

Med K Retweeted
LP
@jotunvillur
Jan 23

challenges.re (Reversing malware challenges from Dennis Yurichev)
malware-research.org/slack/ (Malware Research Slack group from GelosSnake)
zeltser.com/malicious-soft… (Basically all of Lenny Zeltser's blog)
wiley.com/en-us/The+Art+… (Art of Memory Forensics - Volatility crew)