We identified a malvertising campaign targeting users searching for legitimate software, leading to the download of a trojanized WinSCP installer that deployed Broomstick/OysterLoader.
All files involved in the initial access phase were signed with valid certificates.
🔥Introducing a new Red Team tool - SessionHop: https://t.co/oU2R60ayPD
SessionHop utilizes the IHxHelpPaneServer COM object to hijack specified user sessions. This session hijacking technique is an alternative to remote process injection or dumping LSASS. Kudos to @tiraniddo for first discovering this years ago.
Blue Team tip: Look for unusual child processes spawning from HelpPane.exe
🚨 A .NET flaw called “SOAPwn” lets hackers run code on enterprise apps — no patch from Microsoft.
Researchers at Black Hat Europe showed how SOAP clients can be tricked into writing files or web shells, hitting tools like Barracuda RMM and Ivanti EPM.
🔗 Full details here ↓ https://t.co/3B3bTCWvPu
Another approach to disable EDRs (with anti-tampering). Credit goes to @sixtyvividtails for the idea🧙♂️
Using PendingFileRenameOperations and an NTFS junction, we can ask Windows to delete EDR binaries on reboot (with Admin privs)
A link to a complete GitHub PoC follows in replies
🪵 A heavy blow for forests: Parliament has just sabotaged the European law against deforestation. This text aims to ban the sale in Europe of products if they are responsible for deforestation. But MEPs have just voted for 3 changes to the text that could have catastrophic consequences: an exclusion of the vast majority of countries from the law's obligations, a conditionality on the date of its entry into force, and a one-year postponement.
💪 Fortunately it's not over; a compromise now has to be found with the position of the Commission and the Council 📃
Hello everyone! Our team loves everything related to LPE exploits. However, there is no publicly available list on the web with fresh LPE exploits (2023-2024) for Windows. However, we do have such a list. And we are sharing it with you!
https://t.co/vZwah6erOy
"Apple CarPlay: What's Under the Hood" - the newest and most detailed public research on CarPlay I've seen so far. Security analysis and fun memes included! 🚘 📲 🔬
Presentation [PDF]: https://t.co/PrmYmZ7D4O
Video: https://t.co/7f3mTo5oVg
Rooting an Android POS "Smart Terminal" to steal credit card information: ✅
Paper "Exploring and Exploiting an Android 'Smart POS' Payment Terminal", by Jacopo Jannone. Paying with a POS will never feel the same for me.
PDF: https://t.co/mZqbgoZZyh
Video: https://t.co/V98uJ4MH0m
CERT-FR is recruiting a digital forensics expert! If you enjoy hunting APTs, want to become an expert in a wide variety of technologies and give meaning to your work, don't hesitate to apply 🙂
➡ https://t.co/lsyHAmFqr2
New blog!
I hate you COM – Pitfalls of COM object activation!
Addressing a few issues in .NET unmanaged APIs when used in offensive coding
https://t.co/KKpAlkM4fh
New tool published which is proving to be useful. Cred1py allows execution of the CRED-1 SCCM attack published by @Raiona_ZA over SOCKS5 UDP by wrapping the awesome https://t.co/vlpvKEVziV from @0xcsandker. Enjoy :) https://t.co/NO7HYTA1PP