@OutflankNL blog: Attacking Visual Studio for Initial Access.
The post shows how viewing source code can lead to compromise of a dev's workstation. A journey into COM, type libraries and the inner workings of VS. Plus practical examples for red team ops.
https://t.co/awZL4hiH4R
Exciting news: Zero-Point Security has joined @fortraofficial and will work alongside the @_CobaltStrike, @OutflankNL, and @_CoreImpact teams to develop the next generation of offensive security training! Get more details on the blog https://t.co/ROlgDlsAje
📢 Big News! @mariuszbit is joining Outflank! He ticks all the boxes:
Experienced #offsec researcher ✓
Respected name in red teaming ✓
Built RMF tooling for initial access ✓
His work is coming to OST ✓
The red hoodie fits perfectly ✓
Welcome Mariusz!
https://t.co/EBbODaWPBB
New blog by Outflank’s @KyleAvery: Linux process injection leveraging seccomp to inject shared libraries into Linux processes without LD_PRELOAD, ptrace, or elevated privileges.
Parent-to-child injection at any ptrace_scope level 💪😎
Tech details here: https://t.co/aSv7XlT1Ah
Black Hat Bonus: Learn more about @kyleavery's research on training self-hosted LLMs to generate evasive malware and creation of a 7B parameter model that generates evasive Cobalt Strike shellcode loaders able to bypass Microsoft Defender for Endpoint. https://t.co/Ojvz7Y4c13
The Outflank and Cobalt Strike researchers will be hosting 15-minute technical lightning talks at our BlackHat USA booth. ⚡️ There's some really good content in there that you don't want to miss.
📍Booth #4422 (Fortra)
🕒 See attached schedule. Limited spots, so come early!
Have you always wanted to roll out your own offensive monitoring network? See how Async BOFs enable automatic notifications for when users log in, useful applications (such as password vaults) are started, or the user tries to log off/shut down. https://t.co/fLsj3ljk9L
BOFs are powerful, but error-prone! We dropped a post and new BOF linting tool to catch bugs early, and to prevent crashing implants.
This will speed up your Beacon Object File dev workflow. If you're building custom C2 payloads, it's a must-read. 🔍
📖 https://t.co/QBZAdcJA55
Here's our new blog on hiding your implant in VTL1, where even an EDR's kernel sensor can't see it. 🧑‍🦯
Post includes full operational details. Plus our OST offering has been updated with a Cobalt Strike sleep mask exploiting secure enclaves.
Full read ➡️ https://t.co/oe9A6RowDV
Yes! We're doing the Infosec Kart Cup again! 🏎️🤘
Mark June 19 in your calendars, and reserve your spot now at https://t.co/pVT7ca9Mqs! The 2024 edition was sold out.
🚀 We're hiring a DevOps/Cloud Engineer at Outflank!
Join us to build and manage complex Azure environments that deliver our OST toolkit.
Skills: Kubernetes (AKS), GitOps, IaC, Tekton, Python💻 It's NOT an offensive role!
Based in NL or a time zone-friendly region? Let's chat!
New Blog Alert! 🚨
Introducing Early Cascade Injection, a stealthy process injection technique that targets Windows process creation, avoids cross-process APCs, and evades top-tier EDRs.
Learn how it combines Early Bird APC Injection & EDR-Preloading: https://t.co/oWreVHNKyL
Who’s the real #GrimResource? Spoiler: It’s us! 😏
Here's our latest blog on using MSC files for initial access: https://t.co/aQ0Of11pU8
Fun fact: @elastic’s post on this technique came from a sample caught by a blue team, originally used by a red team through our OST offering.
🔥🔥New goody dropped for Outflank Security Tooling customers: PhisherPrice
PhisherPrice helps with Device Code Flow abuse without sending codes/QRs via email. Easy to set up and host a phishing website, easy to receive auth tokens. Just as you like it.
It's not *always* about Windows--macOS and Linux #EDRs need attention, too! In our latest blog, @kyleavery explains more about the telemetry sources for these under-discussed #endpoint products>
https://t.co/fxA5s7vKUH
🏁 InfoSec Kart Cup 2024 is heating up! 🏎️
We already have 30 teams ready to race! Blue team defenders and red team attackers, come challenge your peers in this outdoor karting showdown.
📍 Berghem, NL
📅 June 27
Check our "special" website for details: https://t.co/6qIHcCaTGJ
Want to see this new initial access tool in action? Register for next week's demo on May 30. We'll show this tool, together with other tools and features of Outflank Security Tooling.
https://t.co/51AX1FRcNB