I'm excited to share Rustic64: a modern 64-bit position-independent shellcode template for Windows, written in Rust!
#rustlang #CyberSecurity #redteam
https://t.co/SF87YMJJrZ
Mildly irritating things seen by malware nerds:
- Person saying {thing} evades EDR and/or AV, but they've never performed against an enterprise environment with an active Blue Team (they don't know what they're talking about). Yes, your payload avoided basic analysis, but stop disrespecting Blue Team nerds; you're seriously underestimating them.
- Person saying {language} is superior to {other language} for malware development. This is like watching Linux nerds argue about distros.
- Person saying their malware is FUD. It is only undetected because you've successfully infected 4 machines running Windows 7. Large scale campaigns are difficult to run. Stop disrespecting reverse engineers. They're dealing with serious Threat Groups.
- Person saying {thing} is undetectable (in theory) because they've implemented over 9000 different evasion techniques. No, you've filled your binary with IOCs.
- Person dissing ransomware payloads, saying it is for noobs. This is both correct and incorrect. Writing single threaded ransomware is easy. Writing fast ransomware (thread pools, queuing, I/O completion ports) that can both encrypt and decrypt successfully regardless of file type and file size can be challenging.
- Anyone who references Mr. Robot when discussing malware.
I created a hypervisor-based emulator for Windows x64 binaries. This project uses Windows Hypervisor Platform to build a virtualized user-mode environment, allowing syscalls and memory accesses to be logged or intercepted. https://t.co/KbsWfdLT3D
Project:
https://t.co/xJvm24qqXv
🦀 RustPotato: A Rust implementation of GodPotato, abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTAPI for various operations.
https://t.co/ue0V34GGWu
#redteam #ethicalhacking
🦀 RustSoliloquy: Rust-based Internal-Monologue implementation for capturing NetNTLM hashes locally without touching LSASS. Using SSPI for NTLM negotiation and indirect NTAPIs for core operations.
https://t.co/TpjfJQtMiq
#redteam #ethicalhacking
Interesting things that happened lately:
October 31st: @safe0x17 released RustVEHSyscalls, a Rust port of LayeredSyscalls, which performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.
October 30th: @FeribHellscream released a paper on forming a shell company and attempting to purchase an EV code sign cert (it's not fun)
October 29th: @404mediaco received a leaked document from the largest New York hospital system; the document encourages physicians to use Artificial Intelligence to summarize clinical evaluations, diagnose medical issues, and parse health records.
October 29th: @BratvaCorp noted, based on the recent United States Department of Justice indictment of Redline information stealer developers, that the authors of Redline connected to their platform from their home IP addresses and linked assets to their personal iCloud accounts.
October 27th: @MalDevAcademy released a proof-of-concept code illustration of extracting an encrypted and embedded PE file from a PNG file and executing it via a LNK file.
October 23rd: @SttyK released a talk on how he discovered North Korean state-sponsored spies on Discord.
October 22nd: @0gtweet released a paper on how to read BitLocker numerical passwords via the Windows API.
October 22nd: @__mez0__ via @TrustedSec released a paper on malware development via the Groovy programming language and its usage in network enumeration.
October 19th: @Hexacorn discovered a new malware persistence technique by abusing the UserInstStubWrapper API in advpacker.dll and IEAdvpacker.dll.
October 18th: @Hexacorn notes the discovery of the 'ClickedOnRAT' Windows API function from Windows XP. It's not related to malware; the API name is silly and misleading.
October 18th: @Hexacorn unveiled a prankware technique by abusing NdfRunDllDuplicateIPDefendingSystem and NdfRunDllDuplicateIPOffendingSystem.
🦀 RustVEHSyscalls: a Rust port of LayeredSyscall that performs indirect syscalls while generating legitimate API call stack frames by abusing VEH, bypassing user-land EDR hooks in Windows.
https://t.co/KndPJrF1ZE
#RedTeam #EthicalHacking
🦀 RustiveDump can now be compiled as shellcode (PIC) using the Rustic64 design. LSASS memory dumper using only NT APIs, supporting XOR and remote transmission.
#redteam #ethicalhacking
https://t.co/NF3DJElkgH
🦀 Introducing RustiveDump: LSASS memory dumper in pure Rust, using only NT APIs, creating a minimal minidump from scratch, with no std, no CRT, and just 18KB!
https://t.co/NF3DJElS6f
#redteam #CyberSecurity
Just dropped Rustic64Shell: 64-bit position-independent reverse TCP shell for Windows, built in Rust!
https://t.co/7Egfip1ZbH
#RedTeam #EthicalHacking #CyberSecurity