regipy 3.1.0 has been released! Please note that the installation instructions are now a bit different if you are interested in using plugins! https://t.co/IEY43HGZhn
"Regipy MCP: Natural Language Registry Forensics with Claude"
Six years ago, I wrote a blog post introducing regipy, a Python library I built because I was frustrated with existing registry forensic tools. I needed a tool that could parse registry hives… https://t.co/XRxMlzCOAh
Today, we're excited to launch @github code search - a new way to search and navigate code.
We’re introducing a brand new search and code navigation view and they are jam packed with new features. Here are some I’m excited about.... 🧵 1/6
Sneak preview of Volumeiser. Final version will allow listing and extraction of OS files from common hard disk image formats. My favourite so far is AWS EBS snapshots. Extracting registry hives now takes seconds + a few MB of data instead of unworkable 100G images.
3 subdominios de @Microsoft (aka bypass) están siendo utilizados para distribuír #phishing dirigo al robo de credenciales corporativas 🤯
/ecv.microsoft.com/Wk7OBC6cRW
/ncv.microsoft.com/fVgfvmUTpN
/customervoice.microsoft.com
También @digitalocean y @SkynetLabs ⚠️
Here's a finding I had in Defender earlier this year that I thought was neat. Not cool enough for a blog post, so here's a 🧵: Azure VMs have a component called 'Serial Console', which allows commands to be passed via COM1. The commands are limited, but one stood out: procdump
A good writeup of the flaw here by @Horizon3Attack , which has left me shaking my head wondering how this code passed any inspection
https://t.co/P3ogqFZsVu
Linux kernel WiFi stack bugs exploitable over the air are always worth following up with!
CVE-2022-41674 (RCE)
CVE-2022-42719 (RCE) <<<
CVE-2022-42720 (RCE)
CVE-2022-42721 (DoS)
CVE-2022-42722 (DoS)
https://t.co/mTzRoYfdJW
🧵We are excited to share that @Zeekurity is now a component of @Microsoft@Windows ! An incredible development that truly establishes Zeek as the de facto standard for #networkevidence:
https://t.co/jM8b0AZ8d3
1/4
#Emotet’s operators were busy updating their systeminfo module, with changes that enable malware operators to improve the targeting of specific victims and distinguish tracking bots from real users. #ESETresearch 1/7
With more than two months to go of 2022 I can say with certainty that this is THE tip of the year: Shortcuts to Microsoft admin and user portals + deep shortcuts to Azure AD sections. https://t.co/h5b77hxzph
"Hello World under the microscope" - an article we wrote together with @gynvael and @j00ru! Originally published in issue 100 (1/2022) of the Programista magazine, now available online in Polish and English. https://t.co/qGCe36Wigu
Fox-IT just open sourced their enterprise forensics tooling dissect. This is a big project that some of the smartest people I know have worked on. It supports many filesystems and file formats, all as Python libraries. Docs: https://t.co/M6YAygmW3E / code: https://t.co/HKT4eYIm1a
/1 How do Apple Pay and Google Pay handle sensitive card info?
The diagram below shows the differences. Both approaches are very secure, but the implementations are different. To understand the difference, we break down the process into two flows.