Rambo @R44MB00 - Twitter Profile

Pinned Tweet

about 4 years ago

Real interesting stuff. "When everything you can want to know about a program’s behaviour can be found by RE, then source code for software becomes more like blueprints for a building: a record at best of what was intended or specified, but not necessarily of what got built."

0

20

16

2

0

R44MB00 retweeted

Tom Hegel @TomHegel

4 months ago

The Notepad++ CN APT incident - Quick reference to help keep up: 1. Incident overview: (https://t.co/tprANRsJHR) 2. @rapid7 MDR Analysis with IOCs: (https://t.co/vviivevHl2) 3. @ValidinLLC Infrastructure Analysis w/ new IOCs/pivot methods: (https://t.co/7nwFq0xIAY) ...

TomHegel's tweet photo. The Notepad++ CN APT incident - Quick reference to help keep up:

1. Incident overview: (https://t.co/tprANRsJHR)

2. @rapid7 MDR Analysis with IOCs: (https://t.co/vviivevHl2)

3. @ValidinLLC Infrastructure Analysis w/ new IOCs/pivot methods: (https://t.co/7nwFq0xIAY)

... https://t.co/pSRSTsM07b

4

321

89

279

28K

R44MB00 retweeted

MalDev Academy

@MalDevAcademy

5 months ago

As promised, today we released DumpBrowserSecrets a tool which extracts passwords, tokens, cookies and other data from several browsers. https://t.co/EaswGdihdU

MalDevAcademy's tweet photo. As promised, today we released DumpBrowserSecrets a tool which extracts passwords, tokens, cookies and other data from several browsers.

https://t.co/EaswGdihdU https://t.co/1Uhoqsd42I

7

1K

193

946

67K

Rambo @R44MB00

8 months ago

Had such a great time speaking at BSides Toronto! @BSidesTO thank you for having me and everyone for attending. Slides and video to be available soon. #hacktheplanet #malware #opensource

R44MB00's tweet photo. Had such a great time speaking at BSides Toronto! @BSidesTO thank you for having me and everyone for attending.
Slides and video to be available soon.
#hacktheplanet #malware #opensource https://t.co/jMtgWhNz9p

0

2

0

107

Who to follow

Benjamin Spence

@bSpence7337

@[email protected] #RedTeam4Life #LethalForensicator fictional character 🥸 Ally of all (He/His/Him) #BLM #TheConCrudIsReal

TMZ

@guitmz

Hacking computers | #Linux #ELF #Malware #VX | @tmpout

Gowtham

@gowsundar

Security Engineer | SRT | Yogosha.

Rambo @R44MB00

over 2 years ago

One of our latest finds while combing through open source packages. #npm #malware #hacktheplanet

Ax Sharma @Ax_Sharma

over 2 years ago

Security researcher Juan Aguirre aka @R44MB00 analyses #npm package 'distube-config' caught dropping Windows info-stealing malware under the guise of 'UnityLibraryManager.exe' 🎭 https://t.co/SY0q37Y5OB #opensource

Ax_Sharma's tweet photo. Security researcher Juan Aguirre aka @R44MB00 analyses #npm package 'distube-config' caught dropping Windows info-stealing malware under the guise of 'UnityLibraryManager.exe' 🎭
https://t.co/SY0q37Y5OB #opensource https://t.co/qFDUscVQeo

0

1

505

0

1

0

54

R44MB00 retweeted

eversinc33 🤍🔪⋆｡˚ ⋆ @eversinc33

almost 3 years ago

Dumbest AMSI bypass I know so far, but it works: sideloading a fake amsi.dll to a copied version of powershell which simply return S_OK / AMSI_RESULT_CLEAN for every command. I would have thought that there was some kind of signature check upon loading amsi.dll but apparently not

eversinc33's tweet photo. Dumbest AMSI bypass I know so far, but it works: sideloading a fake amsi.dll to a copied version of powershell which simply return S_OK / AMSI_RESULT_CLEAN for every command. I would have thought that there was some kind of signature check upon loading amsi.dll but apparently not https://t.co/Gp8WCDIDd8

18

872

260

243

106K

Rambo @R44MB00

about 3 years ago

The burnout is real! 🥴🔥🔥🥴 Friendly reminder to do something for yourself today.

0

31

R44MB00 retweeted

Sonatype

@sonatype

over 3 years ago

.@Sonatype's Juan Aguirre (@R44MB00) gets back to the basics on how to research and identify threats. ⏪ Juan dives into the waters 🌊 of malware analysis and provides best practices for analyzing Python malware 🐍 https://t.co/aeuF441Ckg

sonatype's tweet photo. .@Sonatype's Juan Aguirre (@R44MB00) gets back to the basics on how to research and identify threats. ⏪

Juan dives into the waters 🌊 of malware analysis and provides best practices for analyzing Python malware 🐍 https://t.co/aeuF441Ckg https://t.co/r7mPxENQKS

1

2

0

244

R44MB00 retweeted

vx-underground

@vxunderground

over 3 years ago

Surprise! Another ChatGPT tweet! Except this time it is people making ChatGPT punch itself in the face *Images via @Kevin2600

vxunderground's tweet photo. Surprise! Another ChatGPT tweet! Except this time it is people making ChatGPT punch itself in the face

*Images via @Kevin2600 https://t.co/mdikykg2aR

21

1K

181

139

0

R44MB00 retweeted

MalwareHunterTeam

@malwrhunterteam

over 3 years ago

Very legit IP address, right? 😂

115

2K

179

32

0

R44MB00 retweeted

Orange Tsai 🍊

@orange_8361

almost 4 years ago

🔥 https://t.co/Vr6fnRUJ35

1

118

37

11

0

R44MB00 retweeted

PT SWARM @ptswarm

almost 4 years ago

🔥 A tip for getting RCE in Jetty apps with just one XML file!

5

715

234

182

0

Rambo @R44MB00

almost 4 years ago

I would love to see more of this and also personally work more on it.

Haifei Li @HaifeiLi

almost 4 years ago

Personally, I'd prefer to see the community pay more attentions on novel attack surface/vector research rather than particular bugs. Attack surface/vector research is the real work, bugs are just expected results. :)

4

131

23

6

0

R44MB00 retweeted

Ax Sharma @Ax_Sharma

almost 4 years ago

LockBit ransomware has published a new page on its data leak website today, saying that the 356,841 files they allegedly stole from Mandiant will be leaked online. - @serghei https://t.co/lHCfuQqwrs

0

5

1

0

Rambo @R44MB00

almost 4 years ago

I wonder what the password is? #airport #opsec #hacktheplanet #vivaair

0

1

0

R44MB00 retweeted

shubs

@infosec_au

about 4 years ago

A few months ago, I collaborated with @HusseiN98D to find critical vulnerabilities in a bank. It involved finding a 0day in dotCMS. You can read about the discovery and exploitation process here: https://t.co/prFg60QieF

10

580

175

139

0

R44MB00 retweeted

Corben Leo

@hacker_

about 4 years ago

Authorization. Easy to understand. Critical if implemented incorrectly. Want to see an example? (dumb question Corben, yes, why not) Last month, I found an auth bypass that lead to a full account takeover. Here's how I found it:

37

806

226

300

0

R44MB00 retweeted

The Bug Bounty Hunter

@tbbhunter

about 4 years ago

Exploiting remote code execution within VirusTotal platform in order to gain access to its various scans capabilities. https://t.co/t906Z0d9CY

0

38

7

4

0

R44MB00 retweeted

Ax Sharma @Ax_Sharma

about 4 years ago

For anyone puzzled by strange stuff on NPM lately 🤔 Random #opensource packages, each with HUNDREDS OF 'security placeholder' versions but no malicious code are being published daily. cc @R44MB00

Ax_Sharma's tweet photo. For anyone puzzled by strange stuff on NPM lately 🤔

Random #opensource packages, each with HUNDREDS OF 'security placeholder' versions but no malicious code are being published daily.

cc @R44MB00 https://t.co/VECQyORRhX

1

6

2

0

Rambo @R44MB00

about 4 years ago

@mcipekci @SynackRedTeam 393 bugs ~ 300k 82 bugs ~ 200k Now that's growth and improvement! Looks like a lot of effort and time put in to the example sqli , but a clear reward can be seen in the numbers. Awesome stuff!

1

4

0

R44MB00 retweeted

Maddie Stone @maddiestone

about 4 years ago

Today we're sharing our Year in Review of 0-days exploited in-the-wild in 2021. Here's our takeaways from this record breaking year. https://t.co/2gDQxDwVkm

2

520

215

73

0

Rambo

@R44MB00

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users