Scott Taylor

@scottctaylor12

Senior Red Teamer emulating realistic tactics and techniques || Previously Aplura, MITRE, T. Rowe Price

Sony

Joined February 2017

148 Following

212 Followers

136 Posts

Scott Taylor @scottctaylor12

over 1 year ago

What checky said 😁 Apply for the Sony Red Team Internship this summer and come work with us!

One punch mander @checkymander

over 1 year ago

My team has an intern position available! US based (hard req), preferably in the VA area (not a hard requirement, just a nice to have if you want to attend some intern events/team events) https://t.co/Cy1WnSu7Jw

1

8

2

1

1K

0

2

0

0

156

scottctaylor12 retweeted

One punch mander @checkymander

over 1 year ago

My team has an intern position available! US based (hard req), preferably in the VA area (not a hard requirement, just a nice to have if you want to attend some intern events/team events) https://t.co/Cy1WnSu7Jw

1

8

2

1

1K

Scott Taylor @scottctaylor12

over 1 year ago

If you'd like to read more about this process in depth, checkout my blog post where I talk about external C2, Mythic development, and weaponing GitHub https://t.co/nHchoCIVL2

0

1

0

0

169

Scott Taylor @scottctaylor12

over 1 year ago

Mythic users out there, I wrote a GitHub C2 profile that is compatible with the Athena agent by @checkymander! As always, shoutout to @its_a_feature_ for the framework and great community support. Check out the C2 Profile at: https://t.co/jboqYHIsV5

1

33

2

12

3K

Who to follow

Verified account

Building @originhq | Author, Evading EDR @nostarch

@passthehashbrwn

Adversarial Simulation at IBM, tweets are mine etc.

Verified account

Scott Taylor @scottctaylor12

over 1 year ago

@checkymander Bro your tradecraft is next level 🔥

1

1

0

0

172

scottctaylor12 retweeted

One punch mander @checkymander

over 1 year ago

I'll give you a patchless amsi bypass

checkymander's tweet photo. I'll give you a patchless amsi bypass https://t.co/7KrXMSFdlP

3

143

17

111

18K

scottctaylor12 retweeted

One punch mander @checkymander

over 2 years ago

https://t.co/jFYR9ZWlvU Setting up Nemesis can be daunting, I wrote a blog post detailing the exact steps you need to to go from a fresh Ubuntu 22.04 image to a running Nemesis setup. Future posts, I'd like to go into operational usage of it with Mythic and other tools

1

78

34

37

14K

scottctaylor12 retweeted

Cody Thomas @its_a_feature_

about 3 years ago

It's official! Mythic 3.0 is LIVE! Check out the blog post about it here: https://t.co/LJb77jLqQZ. Highlights include: rpfwds, graph groupings, jupyter notebook, custom webhooks, tags, docker updates, and an entirely new back end!

2

167

80

15

53K

Scott Taylor @scottctaylor12

about 3 years ago

@M_haggis When's the official drop time? I'm F5ing over here like it's ShmooCon 😁

1

2

0

0

101

Scott Taylor @scottctaylor12

about 3 years ago

@Flangvik Rust isn't in my future until it works with Donut! Curse you thread local storage....

0

1

0

0

261

Scott Taylor @scottctaylor12

over 3 years ago

@checkymander *our

0

1

0

0

37

Scott Taylor @scottctaylor12

over 3 years ago

@checkymander Bro quit leaking out internal tools!

2

5

0

0

858

Scott Taylor @scottctaylor12

over 3 years ago

@Tyl0us Oh wait... You wrote a shellcode loader, not an implant. Forget what I said, Rust is great lol

1

0

0

0

127

Scott Taylor @scottctaylor12

over 3 years ago

@Tyl0us If only you could convert it to shellcode with Donut 😢

1

0

0

0

256

Scott Taylor @scottctaylor12

over 3 years ago

@passthehashbrwn @vysecurity @chetdorn but x10

0

1

0

0

599

Scott Taylor @scottctaylor12

over 3 years ago

@jaredcatkinson @jamieantisocial @HackingLZ The more you know! I typically test my tooling with Sysmon because it's free, but I'll look into MDE

0

1

0

0

46

Scott Taylor @scottctaylor12

over 3 years ago

@jaredcatkinson @jamieantisocial @HackingLZ Haha apologies for the scare. Behavior based detection for the win!

0

1

0

0

48

Scott Taylor @scottctaylor12

over 3 years ago

@jaredcatkinson @jamieantisocial @HackingLZ However, some orgs rely on their AV to to come with signatures to detect every tool under the sun. Unfortunately that's a never ending game of wackamole between the "superficial wrappers" of new tools and just outright obfuscating existing tools.

0

1

0

0

32

Scott Taylor @scottctaylor12

over 3 years ago

@jaredcatkinson @jamieantisocial @HackingLZ Sorry I'm sarcastically shitposting lol. I'm a HUGE fan of tuning Sysmon Event ID 10 to detect LSASS credential dumping. That's one of my favorite go-to examples when explaining detecting TECHNIQUES rather than the procedure (tool) 🙂

2

2

0

0

87

Scott Taylor @scottctaylor12

over 3 years ago

@jamieantisocial @jaredcatkinson @HackingLZ In my head I was thinking string-matching signatures leveraging AMSI for visibility, but 'signatures' can be interpreted in ALL sorts of ways lol

0

0

0

0

56

Last Seen Users on Sotwe

Trends for you

Most Popular Users