JMP RSP

@0xffhh

offensive security addict. @falconforceteam co-founder. speed maniac.

Joined March 2010

329 Following

390 Followers

464 Posts

JMP RSP @0xffhh

over 2 years ago

@jsecurity101 @_xpn_ Exactly this! The ROI on c2 detections is super low. You need a lot of data, a lot of time and detection effort, and still are guaranteed to miss a lot of things. Detecting bad behavior has a waaay bigger ROI.

0

2

0

0

83

0xffhh retweeted

Wild West Hackin' Fest @WWHackinFest

over 2 years ago

Sponsor Spotlight | @falconforceteam We would like to thank FalconForce for being a Silver Sponsor for Deadwood 2023! Check out all about their company and services here: https://t.co/11xh6sEBt6

WWHackinFest's tweet photo. Sponsor Spotlight | @falconforceteam

We would like to thank FalconForce for being a Silver Sponsor for Deadwood 2023! Check out all about their company and services here: https://t.co/11xh6sEBt6 https://t.co/mGzyXF1OWE

0

7

6

0

3K

JMP RSP @0xffhh

over 3 years ago

@Flangvik @HackingLZ Congrats man! Epic car 😎

0

1

0

0

0

JMP RSP @0xffhh

over 3 years ago

Having an implant running undetected on an edr protected machine is all cool, but detecting TAs is just ~20% about detecting their implant. Detecting the stuff they do with their implant is what matters way more. Local priv esc, cred dumping, lateral movement, etc. Just saying 🤷‍♂️

1

20

3

1

0

Who to follow

FalconForce Official

@falconforceteam

Building a resilient digital society through highly specialised digital security consulting.

Red Team Tooling & Tradecraft

@its_a_feature_

Mythic Developer (https://t.co/Uz4fOxIUbe) | @SpecterOps @[email protected] | @its-a-feature.bsky.social

JMP RSP @0xffhh

over 3 years ago

@N7WEra @Jean_Maes_1994 https://t.co/VzckoFYpBz 🤷‍♂️ Tl;dr very low tax rates for expats.

0

0

0

0

0

JMP RSP @0xffhh

over 3 years ago

@GayzeMay I’m still waiting for @KLM to respond. Same ‘no response’ on social media…

0

0

0

0

0

JMP RSP @0xffhh

over 3 years ago

Hey @KLM, i’m waiting for 6 months already for a claim to be handled. Don’t you think it’s about time to fix this? Already called you a few times and you keep saying ‘it’s busy’. So taking the shaming route now…

0xffhh's tweet photo. Hey @KLM, i’m waiting for 6 months already for a claim to be handled. Don’t you think it’s about time to fix this? Already called you a few times and you keep saying ‘it’s busy’. So taking the shaming route now… https://t.co/4HcR31JpZU

0

4

0

0

0

JMP RSP @0xffhh

over 3 years ago

@KwyjiboUK @UK_Daniel_Card @LisaForteUK @AppSecBloke @brechtcastel does this kind of magic as well.

0

0

0

0

0

JMP RSP @0xffhh

over 3 years ago

@pati_gallardo Build a random go project as lib and statically link into your project? 🤷‍♂️😋

0

0

0

0

0

JMP RSP @0xffhh

almost 4 years ago

@yarden_shafir Red and black trees with a few green nodes?

0

1

0

0

0

JMP RSP @0xffhh

almost 4 years ago

Does anyone have a working .NET core gadget for a deserializing vulnerability with https://t.co/y1yzulUlMY? The documented .NET framework gadgets don’t work in core. #SharingIsCaring

0

0

0

0

0

JMP RSP @0xffhh

almost 4 years ago

@ChenCravat / Raymond Chen is a genius! Every time i encounter something weird in windows, he has documented it 10+ years ago 🤷‍♂️😎

0

0

0

0

0

0xffhh retweeted

FalconForce Official @falconforceteam

almost 4 years ago

It’s #FalconFriday and summer is here! Take a refreshing dive into our newest blog, where we will shed some light on how Certipy and Rebeus work with UnPAC-the-hash and shadowing creds, and how to detect these techniques with our free #Kusto detections. https://t.co/cxjyW3IxCg

falconforceteam's tweet photo. It’s #FalconFriday and summer is here! Take a refreshing dive into our newest blog, where we will shed some light on how Certipy and Rebeus work with UnPAC-the-hash and shadowing creds, and how to detect these techniques with our free #Kusto detections.

https://t.co/cxjyW3IxCg https://t.co/rEP7NYXAnY

1

19

9

2

0

JMP RSP @0xffhh

about 4 years ago

@n0x08 It’s more nuanced! Dependens on country/airport. Amsterdam allows you to leave everything in your bag. While many other eu airports require you to take stuff out. US is famous for shoes off, but was flying from SAN recently, and was allowed to leave liquids in the bag go figure🤷‍♂️

0

0

0

0

0

JMP RSP @0xffhh

about 4 years ago

@alisaesage Just wanted to say thanks for offering 10 spots for free for those who’re not fortunate enough to have an employer pay for it.

0

0

0

0

0

JMP RSP @0xffhh

about 4 years ago

@chvancooten @olafhartong @DebugPrivilege @DebugPrivilege no pressure…👀👀 when do you want to drop by? We’ll still off you a drink if you don’t want to share - promise!

0

2

0

0

0

JMP RSP @0xffhh

about 4 years ago

Does anyone know what the status is of API Monitor? Is in dead? Will it ever get an update or be open sourced? I have so many usecases and/or feature requests…🤯 Cc: @rohitab

0

3

1

0

0

JMP RSP @0xffhh

about 4 years ago

@chvancooten @olafhartong @DebugPrivilege Awesome! Can you forward me the invite as well, so I can make sure to be there? 😋 (i.e. when do you want to drop by?)

1

3

0

0

0

JMP RSP @0xffhh

about 4 years ago

@tijshofmans @defcon Check! Ik ben er + nog stapel collega’s.

0

2

0

0

0

Last Seen Users on Sotwe

Trends for you

Most Popular Users