dfirfpi @dfirfpi - Twitter Profile

dfirfpi retweeted

DogeDesigner

@cb_doge

almost 2 years ago

612

65K

11K

2K

5M

dfirfpi retweeted

Jake Williams

@MalwareJake

about 3 years ago

If you're starting out in security and find the breadth of stuff you "need to know" daunting, I want to give you some perspective: 1. The field has broadened - dramatically. The "baseline knowledge" grows every year. Anyone saying otherwise is lying or uninformed. 1/

30

1K

241

383

258K

dfirfpi retweeted

SANS Offensive Operations @SANSOffensive

about 3 years ago

The SANS #RansomwareSummit is open for registration! Join @rj_chap Live Online as we bring together #Cybersecurity professionals for in-depth talks focused on #Ransomware prevention, detection, response, and recovery. ✍️ Register For Free: https://t.co/qbfoBhXWIY

SANSOffensive's tweet photo. The SANS #RansomwareSummit is open for registration!

Join @rj_chap Live Online as we bring together #Cybersecurity professionals for in-depth talks focused on #Ransomware prevention, detection, response, and recovery.

✍️ Register For Free: https://t.co/qbfoBhXWIY https://t.co/YEHrvH6kQ9

1

7

4

1

5K

dfirfpi retweeted

Matthew Green 🌻

@mgreen27

over 3 years ago

@nas_bench We target anything from C:\\Users as first path https://t.co/gJ6xC68iTp

1

12

4

3

819

Who to follow

DFRWS

@DFRWS

The Digital Forensics Research Conference is dedicated to the sharing of knowledge and ideas about digital forensics research.

Anuj Soni

@asoni

Malware Reverse Engineer. Instructor & Author. Occasional YouTuber.

Mari Degrazia

@maridegrazia

Digital Forensics and Incident Response Professional, SANS Instructor, Maker and VR Gamer

dfirfpi retweeted

SANS Institute, EMEA @SANSEMEA

over 3 years ago

Coming 🔜: #SANS 🇪🇸 Madrid, March 2023 🔦 #SANS In-Person Course Spotlight #FOR508: 🗣️@dfirfpi #FOR509: 🗣️Korstiaan Stam #ICS410: 🗣️ @meeas ➕ Search For More Courses: https://t.co/lLjyFhrkop #SANSTraining #EMEA #CyberSecurityTraining

SANSEMEA's tweet photo. Coming 🔜: #SANS 🇪🇸 Madrid, March 2023

🔦 #SANS In-Person Course Spotlight

#FOR508: 🗣️@dfirfpi
#FOR509: 🗣️Korstiaan Stam
#ICS410: 🗣️ @meeas

➕ Search For More Courses: https://t.co/lLjyFhrkop

#SANSTraining #EMEA
#CyberSecurityTraining https://t.co/0ugCldBDoq

0

4

2

0

1K

dfirfpi retweeted

Silvia Spallarossa @SilviaSpallaro1

over 4 years ago

@mattiaep @domenicacrognal @sansforensics Thanks to you and @dfirfpi for giving me this great opportunity ❤️ and thanks to all @_RealityNet (especially @KlodiaMaida) for all your support in these months ❤️

0

1

0

dfirfpi retweeted

Mattia Epifani @mattiaep

over 4 years ago

Congrats @SilviaSpallaro1 for your #GASF cert! Very well deserved, so proud of you! And thanks @domenicacrognal for teaching her :) #for585 @sansforensics

2

3

1

0

dfirfpi retweeted

Grzegorz Tworek

@0gtweet

over 4 years ago

"write.exe" is just ShellExecute() to wordpad.exe. And ShellExecute() reads HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths before reading HKLM. Which means, you can use "write" to launch anything if you create "wordpad.exe" subkey. And it explains why I love Windows.🙃

9

817

199

126

0

dfirfpi retweeted

payloadartist @payloadartist

over 4 years ago

Why you should never ever ever use pixelation as a redaction technique 🙈 https://t.co/hGaam08mmr #infosec #cybersecurity #dataprivacy

9

1K

410

152

0

dfirfpi retweeted

Dr. Nestori Syynimaa

@DrAzureAD

over 4 years ago

New #AADInternals version and related blog post (with multicolor arrows) out now! "Stealing and faking Azure AD device identities": https://t.co/n9sydZ4AeI Credits to @gentilkiwi/#Mimikatz! #infosec #redteam #blueteam

DrAzureAD's tweet photo. New #AADInternals version and related blog post (with multicolor arrows) out now!

"Stealing and faking Azure AD device identities":
https://t.co/n9sydZ4AeI

Credits to @gentilkiwi/#Mimikatz!

#infosec #redteam #blueteam https://t.co/4mRgV2ZYxy

13

388

178

106

0

dfirfpi retweeted

Malwrologist

@DissectMalware

over 4 years ago

Puzzled why a yara rule did or didn't match? Let me introduce https://t.co/cY3G5MeOk6, a web-based #yara #debugger! With #YaraDbg, you can see the: 1⃣ evaluation steps 2⃣ matched strings 3⃣ relationship among the rules

7

488

223

99

0

dfirfpi retweeted

mr.d0x

@mrd0x

over 4 years ago

Procdump works against Defender with a simple rename. It quarantines the generated .dmp file but you have a few seconds to make a copy of it before it's removed. I've seen other security solutions that do this, try to copy the file quickly before it's removed.

mrd0x's tweet photo. Procdump works against Defender with a simple rename. It quarantines the generated .dmp file but you have a few seconds to make a copy of it before it's removed.

I've seen other security solutions that do this, try to copy the file quickly before it's removed. https://t.co/J0QhhstzQu

8

273

86

33

0

dfirfpi retweeted

Pentest Laboratories @pentestlabltd

over 4 years ago

📢 New Article Released! 📝 Domain Escalation - ShadowCoerce https://t.co/U1m8ise69P #pentestlaboratories #redteam #redteaming

1

85

52

20

0

dfirfpi retweeted

mr.d0x

@mrd0x

over 4 years ago

Bypass Defender AV static detection: If you name a malicious file DumpStack.log Defender doesn't scan it.

37

3K

983

384

0

dfirfpi retweeted

Brian Maloney @bmmaloney97

over 4 years ago

I’ll just leave this here. @chadtilbury @Hexacorn @phillmoore https://t.co/pNS6m6l3Z2

4

94

33

25

0

dfirfpi retweeted

🥝🏳️‍🌈 Benjamin Delpy

@gentilkiwi

over 4 years ago

Don't you think #mimikatz 3 is more sexy with #kekeo inside? Still compatible with Windows XP, Without custom compiler this time (VS2019+ Community+) Without commercial ASN1 library

gentilkiwi's tweet photo. Don't you think #mimikatz 3 is more sexy with #kekeo inside?

Still compatible with Windows XP,
Without custom compiler this time (VS2019+ Community+)
Without commercial ASN1 library https://t.co/C1EbbUMl2R

10

396

126

14

0

dfirfpi retweeted

SANS Institute, EMEA @SANSEMEA

over 4 years ago

SANS Live Online Europe February 2022 Volume 1 SEC504 w/ @bettersafetynet SEC488 w/ @RogerOfarril FOR508 w/ @dfirfpi SEC510 w/ @KennethGHartman FOR610 w/ @jclausing MGT514 w/ @_JoeSullivan Register 👉 https://t.co/UQPc0rNKmn

SANSEMEA's tweet photo. SANS Live Online Europe February 2022 Volume 1

SEC504 w/ @bettersafetynet
SEC488 w/ @RogerOfarril
FOR508 w/ @dfirfpi
SEC510 w/ @KennethGHartman
FOR610 w/ @jclausing
MGT514 w/ @_JoeSullivan

Register 👉 https://t.co/UQPc0rNKmn https://t.co/VPQxF9bd0O

0

4

0

dfirfpi retweeted

SANS Institute, EMEA @SANSEMEA

over 4 years ago

SANS Live Online Europe January 2022 Volume 1 #FOR500 w/ @lee_whitfield #FOR508 w/ @dfirfpi #SEC660 w/ @mchllmmns #SEC530 w/ @Greg_Scheidel #MGT551 w/ @markaorlando Register 👉 https://t.co/7PcvyZpv9E

SANSEMEA's tweet photo. SANS Live Online Europe January 2022 Volume 1

#FOR500 w/ @lee_whitfield
#FOR508 w/ @dfirfpi
#SEC660 w/ @mchllmmns
#SEC530 w/ @Greg_Scheidel
#MGT551 w/ @markaorlando

Register 👉 https://t.co/7PcvyZpv9E https://t.co/IomRtoSEv3

0

3

2

0

dfirfpi retweeted

Lorenzo Maffia @Maff1t

over 4 years ago

InjectionTracer v0.1 is OUT! A tool that aims to help you to 𝐢𝐝𝐞𝐧𝐭𝐢𝐟𝐲, 𝐝𝐞𝐛𝐮𝐠 𝐚𝐧𝐝 𝐝𝐮𝐦𝐩 the injected code. It supports most of the known process injection techniques. https://t.co/ykuq6R2LK8

1

16

4

1

0

dfirfpi retweeted

Mattia Epifani @mattiaep

over 4 years ago · Genoa

Apple TV 4 with iOS 14.7. Jailbreak with @checkra1n Full file system with @ElcomSoft and @MagnetForensics Processing with @AlexisBrignoni iLEAPP and @iamevltwin APOLLO Nice :)

mattiaep's tweet photo. Apple TV 4 with iOS 14.7.
Jailbreak with @checkra1n
Full file system with @ElcomSoft and @MagnetForensics
Processing with @AlexisBrignoni iLEAPP and @iamevltwin APOLLO
Nice :) https://t.co/MsNc9IcZKj

1

45

13

2

0

dfirfpi

@dfirfpi

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users