@AndrewCGower Hey Andrew! Are there any plans for changeable font sizes? With my eyes, I really struggle reading the professions tab and quest bar without it taking up the whole screen. Especially on the Steam Deck. Thanks!
If you're hunting for vulnerable XZ instances in Velociraptor:
- For Linux, run the Packages artifact and add `WHERE package =~ "xz"` to the default notebook.
- For macOS, list the directory `/opt/homebrew/Cellar/xz/5.6.*` for instances where users have to update/upgrade brew.
Did you know you can use the ETW provider "Microsoft-Windows-DotNETRuntimeRundown" to get a list of loaded .NET Assemblies/Modules/Namespaces?
This can be particularly useful for finding malicious DotNet which has been loaded reflectively, using Assembly.Load().
It's physically impossible to keep up with the research being released nowadays. Basically life becomes a mix of FOMO, Imposter Syndrome and eventual burnout😭
What's the solution, you might ask? Welp, it turns out no one is actually keeping up with everything. 😂 Everyone is working on their thing, so keep doing yours.
Hi SIEM vendors,
I've noticed you're using Sigma rules from the community GitHub in your products and calling them "Built-In", but you're not giving credit to the authors. It's a simple thing to do and really important for respecting the open-source community's efforts and the Detection Rule License (DRL).
Please start crediting the authors and respect the DRL.
Have you played around with @velocidex 0.7.1-rc1? With some great features like #sigma integration, I'm excited for the future of Detection Engineering in Velociraptor. Try it out now! 😁
https://t.co/5qsP8NPO7g
Excited to be speaking at an @ACSnewsfeed event this Tuesday in the #riverina. Great opportunity for local businesses to come ask any Cyber Security incident response questions!
https://t.co/gHvvwRKp93
Hi X, it's been a while.
I'm excited to announce that I've joined the @rapid7 @velocidex team, focusing on the open-source build. We've got some exciting things in the works, and can't wait to share them with this amazing community.
@runasand A similar thing happened to my partner. When we got access again, we had to change the email address and phone number to something completely different so they wouldn't be able to use the same logon information to try and reset it.
I hope you get access again soon!
@cyb3rops Building bespoke techniques into your own C2 can be amazing for detection engineering, so I can understand the courses. But I'm also of the opinion that offensive tools shouldn't be shared on GitHub, even with the "only for educational purposes" in the readme. 🙄
@nikksterDotTech Create a way for it to slowly transition through all the different themes every 20 minutes. Not only will it allow you to use all your themes, but it'll also provide a great opportunity to gaslight your visitors into wondering if the site was this colour before.