Olivia
Online
Vylegzhanin Daniil
@jfmeee
RT
Joined June 2016
193 Following
403 Followers
1.1K Posts
Welcome to the red team world…. where blue chastised us for hoarding TTPs 😂😂
https://t.co/M6crnBxent
@domchell "less things shared publicly" so it's finally healing and we no longer brag about .one motw bypasses in the face of the vendor?
Shared a note about the issue I discovered during the weaponization of auditd persistence on macOS
https://t.co/ZvZUOdkbdn
We've just pushed details on our latest #Nighthawk release (Sivako) https://t.co/iSoLVbsnJK - including async BOF support, native kerberos and more 🔥 https://t.co/yPUUBrA5pF
Exploring the WDAC Microsoft Recommended Block Rules: kill.exe
kill.exe is an interesting SDK #lolbin. Instead of loading unsigned code through deserialization or through some script host trampoline magic, kill.exe appears to bypass WDAC b/c it is vulnerable to buffer overflow
Infosec twitter is something
🚀 Just dropped v0.5 of my Chrome App-Bound Encryption Decryption tool! Full user-mode (no admin), all path-validation bypasses, full cookie extraction (JSON 🍪) and stealth DLL injection. Chrome’s ABE is officially broken, works on Chrome, Edge & Brave. Anything else to tackle with ABE? 🤔
So I wanted to collate a bunch of different attacks you can perform via ServiceNow that we've used pretty regularly, but for which there doesn't seem to be much out there publicly.
V8 Sandbox escape/bypass/violation and VR collection
https://t.co/dMhlqzYiSf
Nothing feels better than finishing a year with a high integrity callback on the high value server running under privileged account.
@HaifeiLi Yeah, corpus minimisation and coverage stability for these kind of targets took most of the time for me as well. I found that harnesses make a huge difference for stability, especially when COM is involved.
@filip_dragovic Does it change anything tho?
Spent last two weeks working with Binary Ninja and finally can put ida to the bin. Awesome product, solid plugin support (lighthouse available!), 10/10
Rip webdav motw bypass, was part of some nice exec chains, burnt as cve-2024-38213 by zdi. Unlucky that won't be able to use it for my next gig but had some good time.
Thrilled to release my latest research on Apache HTTP Server, revealing several architectural issues! https://t.co/7ygwWXY0pd
Highlights include:
⚡ Escaping from DocumentRoot to System Root
⚡ Bypassing built-in ACL/Auth with just a '?'
⚡ Turning XSS into RCE with legacy code from 1996
OST's Stage1 C2 is now Outflank C2, an optimised, OPSEC focused custom C2 framework with:
•Native implants for Windows, macOS and Linux
•Dynamic code exec
•Proxying support
•Peer-to-peer C2 between all three implants
Get more info at https://t.co/UM2DPDBWqM
Last Seen Users on Sotwe
Bokep Indo Terbaru 2021 Video Viral Abg Mesum 𝟏𝟖
Seen from Indonesia
Liseli Genç Sex Kız
Seen from Turkey
DamlaVivos
Seen from Turkey
قصص | احمد 11k
Seen from Oman
Türk Yerli İfşa Porno
Seen from Turkey
Tuna Koçaslan
Seen from Turkey
Emir
Seen from Turkey
chapinas buenas
Seen from Guatemala
ensestim ablama
Seen from Turkey
koparacak
Seen from Saudi Arabia
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.2M followers
Taylor Swift
@taylorswift13
81.1M followers
Lady Gaga
@ladygaga
72.6M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.2M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.6M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
61.9M followers
CNN
@cnn
61.9M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.3M followers