@Decode141 and I will be sharing ideas for engaging in cyber deception in Active Directory at BlackHat USA next Thursday between 11:25 and 12:35 PST in the Business Hall - Arsenal Station 5.
If you are around, please visit us in-person or virtually using a free on-demand business pass.
For more information, please visit https://t.co/WwyU2wDR9W
1) We are finally propagating MotW to Virtual Disk containers! For example, when you download and mount an ISO from the Internet, applications that query the zone of files inside of that ISO will receive the zone of the ISO itself. 3/7
Microsoft fixed my Kerberos PAC verification bypass issue this month in HTTP.sys which me and Nick presented at Blackhat. Sadly no more details for 30 days, but it might be easy to work out how to do it :) https://t.co/GkFHGW0hOw
Google completed its acquisition of Mandiant today. We’re excited to get started on our shared mission to create a comprehensive and best-in-class cyber security solution for customers and partners. Read more here: https://t.co/JpkOHify14
44CON 2022 Talk announce: @sadreck "Codecepticon – Building an obfuscator to bypass Modern EDR and AV" here's a hint "no, this one isn’t a python script that runs “replace” a bunch of times." https://t.co/QMb3CbEwnQ #44CON
Excited to announce that I will be leading an on-demand session at #BlackhatUSA that’ll cover core #GraphQL concepts and how to exploit the most common #security issues. Join the session virtually from Aug 10. https://t.co/KDw6qGGLRQ #BHUSA
Starting our list of Saturday AM workshops, we have @Decode141 and @am0nsec teaching "Windows Defence Evasion and Fortification Primitives"
DC Forum link: https://t.co/VbEcSJRRG3
EventBrite link: https://t.co/FlbSfDISal
Excited to announce "Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling" is coming to @defcon! Can't wait to share it! Check out the abstract here #DEFCON30 https://t.co/x00uIhCVMw
@SteveSyfuhs @tiraniddo Any thoughts on if TGSs will be non-exportable in the future? Atm, the limit is at TGTs, but privileged attackers that steal an access token or use code injection into a victim user process can request arbitrary TGSs and export them?
@djcater @ajxchapman The contract should define IP ownership associated with vulnerabilities, their confidentiality and any credit for vendor products. In case of bug bounties, clients that enforce this may suffer from unreported vulnerabilities entirely if the crowdsourced reward is more.
@tiraniddo Nice one. For pen testers, Kekeo exported “service/target.FQDN” TGSs can be reliably used for lateral movement. CIFS particularly has worked for me with even native sc.