Olivia
Online
Mike Brown
@m8sec
Joined February 2016
582 Following
718 Followers
273 Posts
Introducing: https://t.co/FOcfQGdxtg ! 🛜🤖😂
A free prompt injection wargame to troubleshoot your local network with an AI assistant; and a challenge to have it leak some secrets!
Brought to you by @JustHackingHQ, @_ContinuumCon_, @d1gitalandrew Andrew Bellini & Eva Benn.
Anthropic just open-sourced a reference framework for AI-powered vulnerability discovery and remediation 🤖💀
The workflow:
Recon → Find → Verify → Triage → Report → Patch
Features:
• Threat modeling
• Autonomous vulnerability hunting
• Crash verification
• Finding deduplication
• Exploitability analysis
• AI-generated patches with validation
Built around Claude Code and sandboxed agents using gVisor.
🔗 https://t.co/ZFOtXZPEn8
Interesting signal: AI is moving beyond code generation into autonomous security research and vulnerability management.
#CyberSecurity #AppSec #AI #LLM #VulnerabilityManagement #DevSecOps #ClaudeAI
Cleaned up my old ETW notes from Obsidian and put them into one post.
No new research here.
Just a practical map of the parts I keep coming back to, providers, sessions, kernel loggers, ETWTI, tampering, and detection.
https://t.co/e068LAH8p7
Round two!
Yesterday was one report, here’s another: an unpatched NTLM coercion via the Windows Search (search-ms://) URI handler.
Same questions about how it got handled. It’s all in the writeup, timeline included.
https://t.co/eMbyEGbx8b
Who to follow
Active Directory Hardening Series
Part 1 Disabling NTLMv1 https://t.co/9gla1vtQ18
Part 2 Removing SMBv1 https://t.co/KOqpamarcW
Part 3 Enforcing LDAP Signing https://t.co/oW2Ymvu1ZW
Part 4 Enforcing AES for Kerberos https://t.co/iENjEPBOFD
It's been a while since I wrote a blog post. My new post writes about some cool updates to the MS-RPC-Fuzzer for recursively fuzzing complex structures, logging using ETW, and we found a way to escalate to nt\authority system!
https://t.co/Guxzx0gu2J
How well do you really understand what's happening inside a #Kerberos exchange? In our latest blog, @codewhisperer84 breaks down the full authentication flow and demonstrates how to interact with every stage using the #Titanis toolset. Read it now! https://t.co/QfvnCt9C0T
🛡️ Windows Analysis and Research Toolkit
Full-stack Windows inspection — user + kernel mode.
• Processes, ETW, network, registry
• SSDT, callbacks, drivers, memory R/W
• Detect hooks, hollowing, hidden processes
• Remote analysis via WinSysServer
⚠️ Kernel driver → lab use only
🔗 https://t.co/5wb38nG6Am
#DFIR #MalwareAnalysis #WindowsInternals #CyberSecurity
gopacket is live! Check it out, it is intended to be a full reimplementation of Impacket in Go (it is in beta please send me bug reports) https://t.co/9XjTickbyA
I'm thrilled to announce "Can AI Do Novel Security Research? Meet the HTTP Terminator" will premiere at @BlackHatEvents #BHUSA! Check out the abstract:
Your EDR just coerced itself. 🫠
Drop a crafted LNK → MsSense.exe makes a CreateFile call → machine account hands over its Net-NTLMv2 hash over WebDAV → relay to LDAP → Shadow Credentials or RBCD.
No user interaction. No exotic exploit. Just vibes and a shortcut file.
If you're running Microsoft Defender for Endpoint, this one is literally about you. 👀
Full attack + detection breakdown 👇 https://t.co/wUsR1cHuZP
#purpleteam #MDE #NTLMcoercion #detectionengineering
CVE-2024-46062 Miniconda3 macOS installers before 23.11.0-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation,… https://t.co/VTCVHkpzWX
CVE-2024-46060 Anaconda3 macOS installers before 2024.06-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation, … https://t.co/0fL0mqTWqw
RedTeam-Tools: https://t.co/O1LEWpv6au
DumpGuard - Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems https://t.co/eSmGZltUtw
Redirect any Windows TCP and UDP traffic to HTTP/Socks5 proxy https://t.co/mrfJ5yt5SE
Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does https://t.co/HBNpU2LOIp
Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays https://t.co/vnUpZvCovC
Last Seen Users on Sotwe
Daddy Fantasy 
Seen from United States
S4bleng_nade
Seen from Indonesia
♤ความงดงามของหญิงสาวชั้งยั้วยวนใจ♤
Seen from Thailand
ngocok peli
Seen from Indonesia
OhThree11
Seen from Spain
ONUR
Seen from Turkey
Merve'nin Dünyası
Seen from Turkey
Clip Gay Hot 🏳️🌈
Seen from Vietnam
Phim Gây Việt
Seen from Vietnam
ThC kingdom
Seen from Japan
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.1M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.9M followers
Taylor Swift
@taylorswift13
80.7M followers
Lady Gaga
@ladygaga
72.3M followers
Kim Kardashian
@kimkardashian
69.4M followers
Virat Kohli
@imvkohli
68.7M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.3M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60M followers