🕸 OpenShiftGrapher: A graph-based tool to map, exploit & secure OpenShift clusters.
Perfect for pentesters to uncover:
🔸 RBAC abuse paths
🔸 Privilege escalation via SCCs
🔸 Risky misconfigs
📝 Read: https://t.co/mM3MaJKN3O
#RedTeam #Pentest #Kubernetes
A new life of reflective DLLs - fixing call stacks.
Registering proper unwinding information from the .pdata section with RtlAddFunctionTable() helps fix the call stack of a function called from within a reflective DLL.
Example implementation called DreamWalkers and other details in a post by Max (@max2cbx).
Source: https://t.co/1xMmGEKgKl
#redteam #maldev #malwaredevelopment
@SEKTOR7net Wow, thank you for sharing this — it truly made my week! I'm a great admirer of your work and have learned so much from your various courses. I'm honored that you found interest in my modest contribution.
🧪 New technique: DreamWalkers
A reflective shellcode loader that crafts a synthetic, clean call stack.
Achieving stealthy execution from memory-mapped modules.
🔗 https://t.co/kYLmaVkn5Z
#MalwareResearch #RedTeam #WindowsInternals #OffSec
@UK_Daniel_Card If you want real risk management, I can recommend the book "How to Measure Anything in Cybersecurity Risk". It points out why we need to stop using risk matrices with highs and lows and do the math!
@ColeVanlanding1 @C5pider @securityonion Super cool video! Do you know any good resources to set up the Security Onion environment? It seems super interesting!
@C5pider @Eaga11N Yeah, for the Windows exploit side, but for example you could use protobuf to ease the message parsing. I come from a C++ dev background and I see a lot of possibilities in using higher-level functionalities. Maybe there are things I don't see.
@C5pider @Eaga11N It seems super cool! For my own culture, could you imagine integrating some high-level lib in your agent and statically compiling it? I don't understand why a beacon has to be low-level dev, apart from the loader.
@VirtualAllocEx Very interesting. Can you use the same technique to execute an arbitrary .exe like the execute-assembly function of Cobalt Strike does? What would be the manipulation to get the hex of a compiled .exe?
@ippsec @0xdf_ I started my journey in cybersecurity 7 months ago with online courses and HTB, and I passed the OSCP in January. My plan to prep was to do as many boxes of the tjnull list as I could and watch your videos afterward! Your videos are gold mines! Thanks for the incredible content!