drm @lowercase_drm - Twitter Profile

Pinned Tweet

drm @lowercase_drm

over 1 year ago

Choose your poison 🦋 https://t.co/xKbJwJzT8m 🐘 https://t.co/KtIiGxzUzZ (still posting here too)

0

1

0

1

2K

drm @lowercase_drm

2 days ago

HP Probook 440 G5: TPM sniffed on the BIOS flash (SOIC 8)

0

42

drm @lowercase_drm

about 1 year ago

Recently sniff a SPI bus for the first time (with and without PIN) on a Lenovo T470. It's quite fun, event with a DSLogic! s/o @en4rab for SPITkey.

lowercase_drm's tweet photo. Recently sniff a SPI bus for the first time (with and without PIN) on a Lenovo T470. It's quite fun, event with a DSLogic! s/o @en4rab for SPITkey. https://t.co/OdrfzJ7yHd

4

22

8

4

3K

drm @lowercase_drm

16 days ago

Dell 7450: VMK sniffed on the WSON flash (UC2), clock is 25Mhz. Added to https://t.co/ORc8akJzSM 🫡

1

0

88

Who to follow

Kleiton Kurti

@kleiton0x7e

A web security guy, Red Team Enthusiast and wannabe Malware Developer. Opinions and views are my own.

Thomas Seigneuret

@_zblurx

Red Teamer & Security researcher Maintainer of #NetExec, #DonPAPI, dploot, certsync, and all the stuff on my github repo bsky: https://t.co/zISpgvDSWc

Rémi GASCOU (Podalirius)

@podalirius_

Senior Security Researcher @SpecterOps | 3xMicrosoft Security MVP | Creator of opensource security tools 🎬 https://t.co/QaAENc4NcY | Views are my own

drm @lowercase_drm

14 days ago

@en4rab @NoobieDog @iiiikarus « Will be available from July 2026 on select HP G2 commercial PC » TPM is not dead yet imo.

0

43

lowercase_drm retweeted

Stu Kennedy @NoobieDog

15 days ago

https://t.co/gaALOradj2 Continues to grow! Loads more laptops added to the repo that are extractable! Dell Lattitude 5430 and 5440! @lowercase_drm @en4rab

3

67

20

51

6K

drm @lowercase_drm

15 days ago

@iiiikarus @NoobieDog @en4rab PR submitted, thanks for the idea

0

2

0

32

drm @lowercase_drm

21 days ago

Please, be advised that someone is using a forked repo of my KingCastle python script to spread LUA malware. What a time to be alive. User: Ramdhankola Repo: KingCastle 🌻

lowercase_drm's tweet photo. Please, be advised that someone is using a forked repo of my KingCastle python script to spread LUA malware. What a time to be alive.

User: Ramdhankola Repo: KingCastle

🌻 https://t.co/mli69fmms2

0

1

138

lowercase_drm retweeted

Nightmare Eclipse @ChaoticEclipse0

22 days ago

Two more zerodays - https://t.co/kUgSQqq0s8

9

463

119

193

63K

drm @lowercase_drm

23 days ago

@SipeedIO Will it be open sourced ?

1

0

67

drm @lowercase_drm

about 1 month ago

Asked Claude to code a small site for the @NoobieDog repo about TPM sniffing. It was a fun exercice (even with a free tier claude account haha). https://t.co/ORc8akJzSM

lowercase_drm's tweet photo. Asked Claude to code a small site for the @NoobieDog repo about TPM sniffing. It was a fun exercice (even with a free tier claude account haha).

https://t.co/ORc8akJzSM https://t.co/lHvw9nxcE9

0

7

0

3

298

lowercase_drm retweeted

MDSec @MDSecLabs

2 months ago

In our latest post, researcher @craigsblackie documents attacks against the Dell UEFI firmware that enable DMA attacks against TPM-only bitlockered devices https://t.co/b835C7rlW4

MDSecLabs's tweet photo. In our latest post, researcher @craigsblackie documents attacks against the Dell UEFI firmware that enable DMA attacks against TPM-only bitlockered devices https://t.co/b835C7rlW4 https://t.co/LrAvwF4zMr

3

155

51

64

13K

lowercase_drm retweeted

Almond OffSec @AlmondOffSec

3 months ago

A private @Burp_Suite Collaborator instance is an essential for pentesting sensitive environments, but managing TLS for it can be a pain. Today we release a Certbot plugin that automates Let’s Encrypt wildcard certificate renewals for private instances. https://t.co/UTr8aFlDFd

0

11

3

5

539

drm @lowercase_drm

3 months ago

Based on prior research by @Jonas_B_K, @harmj0y, @PyroTek3, @_dirkjan, @gentilkiwi and prior work from @SAERXCIT and many impacket contributors!

Almond OffSec @AlmondOffSec

3 months ago

Are one-way trusts really one way? @lowercase_drm sums up how the TDO password lets you turn a one-way AD forest trust into bidirectional access, and releases a new tool to remotely extract these secrets. https://t.co/jh9MRAeHk9

AlmondOffSec's tweet photo. Are one-way trusts really one way? @lowercase_drm sums up how the TDO password lets you turn a one-way AD forest trust into bidirectional access, and releases a new tool to remotely extract these secrets.

https://t.co/jh9MRAeHk9 https://t.co/VnWbQkmzaU

2

115

42

74

16K

2

47

13

29

8K

drm @lowercase_drm

3 months ago

@vendetce No, problem, it's nothing fancy, but it helps (me, at least 🙂)

0

30

drm @lowercase_drm

3 months ago

I was bored to type the same commands each time I started a new internal pentest. So here comes KingCastle. This script does not perform any attacks, consider it as a cheat sheet, to quickly see low hanging fruits. https://t.co/tFUZkzYdXC