Experienced sysadmin now cyber security consultant, pen tester & ethical hacker. Keen scripter especially in PowerShell and Python. Tweets are my own.
Joined October 2011
- Tweets 625
- Following 261
- Followers 423
- Likes 1,078
57 Photos and videos
19 Feb 2024
Get your early bird tickets now. BSides comes to Exeter!
1
2
108
Liam retweeted
9 Aug 2023
Summer holidays? No, design the sponsor packs! Ok!! Drop us a DM, if you want to be on the list to see the packs first! #sponsorrrrrrrrrrrr
3
1
263
Liam retweeted
29 Jul 2022
Eek, we've sold out of our early bird tickets for this year's conference! 🐤❌
We're running with a reduced upper capacity this year, so make sure you grab yourself a ticket! 🏃♀️🏃♂️
Speaker pages will start being published this Sunday.
conference.techexeter.uk/
ALT picture of a bird with a worm in it's mouth, with a white X overlaid on top with the caption 'early bird tickets sold out'
1
6
20 Oct 2021
Don't forget badly configured permissions can sometimes allow read access to LAPS passwords. Updated my HTA shell to enumerate this for you.
github.com/nccgroup/OneLogic…
3
Liam retweeted
27 Jul 2021
Software is used in Radar systems open to unauthenticated remote compromise in 2021. Our long tail of technical security debt is very real..
27 Jul 2021
Technical Advisory: Sunhillo SureLine Unauthenticated OS Command Injection (CVE-2021-36380) - Sunhillo is an industry leader in surveillance data distribution and this can result in remote compromise - by Liam Glanfield - research.nccgroup.com/2021/0…
1
9
23
Liam retweeted
27 Jul 2021
Technical Advisory: Sunhillo SureLine Unauthenticated OS Command Injection (CVE-2021-36380) - Sunhillo is an industry leader in surveillance data distribution and this can result in remote compromise - by Liam Glanfield - research.nccgroup.com/2021/0…
1
13
29
13 Oct 2020
. @forwardmx_io is this actually you?!?!
I'm amazed at your email that I woke up to this morning. Furthermore the reset password link is actually an analytics link.
1
2
Liam retweeted
7 May 2020
Have published RedacTerm in case others find it useful. Allows you to edit terminal output ready for screenshots - highlight key areas and redact sensitive info.
github.com/bao7uo/redacterm
2
7
25 Apr 2020
Found some old code. During lockdown you might be wanting to dust off some old hard disks and sort those photos. Thought I would share my script. Uses a checksum to validate the copy or if it's a duplicate.
github.com/OneLogicalMyth/So…
3
Liam retweeted
1 Apr 2020
Tomorrow's planned @DC441392 is still going ahead, albeit virtually via Zoom (and yeah, I know not everyone likes zoom). The meet is not being recorded, and has been secured. If anyone in my normal circle would like to hang out with us infosec types from 7pm, HMU for an invite
2
6
Liam retweeted
18 Mar 2020
Something both Andrew & I feel strongly about is paying things forward. So if you are a business who has implemented work from home and a bit concerned about the potential security risks, Fidus will complete a FREE VPN Security review. linkedin.com/posts/kurtisaba…
1
1
28 Feb 2020
Updated my HTA shell to support displaying file permissions. Hyperlink added to schedule tasks and file browsing to make it easy.
Also uploading and downloading files via HTTP. Saves having to use other tools that might be blocked.
@NCCGroupInfosec
github.com/nccgroup/OneLogic…
9
37
Liam retweeted
30 Oct 2019
📚 tl;dr sec #12
* SameSite ☠️ CSRF
* @MITREattack Cloud Matrix
* @owasp Global AppSec Amsterdam vids posted
* HTA shell for breakout assignments by @OneLogicalMyth
* r/websecurityresearch from @PortSwigger
* @trailofbits Fall Update
and more!
programanalys.is/blog/tldr-s…
1
4
8
Liam retweeted
29 Oct 2019
Updating passwords by using a hex editor on NTDS.DIT on the domain controller...
2
15
91
Liam retweeted
28 Oct 2019
If you like my #GTFOBLookup tool for querying #gtfobins and #LOLBAS offline, please consider giving it a star on GitHub (github.com/nccgroup/GTFOBLoo…) #infosec #pentesting #redteam #privesc #python
2
39
100
29 Oct 2019
I have released an update to OneLogicalShell. The HTA shell has had a code tidy and improvements. Thanks for the likes on my previous Tweet and support. Please give the repo a star if you use the tool even once, I would be grateful. @NCCGroupInfosec
github.com/nccgroup/OneLogic…
10
18
22 Oct 2019
Released a new tool today on the @NCCGroupplc GitHub. This tool helps with those breakout assessments where you are heavily restricted. Naturally, it all relies on mshta.exe not being blocked which in most cases it isn't. Grab it here;
github.com/nccgroup/OneLogic…
2
74
215
Liam retweeted
2 Oct 2019
Should be a great workshop tomorrow at @DC441392 with @OneLogicalMyth 👍
We are holding a small workshop for this Thursday nights meet. Bring a device that has kali.org/ installed. Also bring a wireless adaptor that supports packet injection such as amazon.co.uk/dp/B004Y6MIXS (optional).
See you on Thursday the 3rd at the Ship at 7.30pm.
1
1