Joined November 2017
- Tweets 1,598
- Following 398
- Followers 3,066
- Likes 681
102 Photos and videos
28 Oct 2022
Anyway, since i'm back i figured i might as well sign up for a Developer Account. But for sme reason it seems to be forbidden, what gives @elonmusk ?
I mean i could hijack an API key or two, but i'd prefer to have my own.
28 Oct 2022
Anyway, haven't been on twitter for a while but that doesn't mean i haven't been active in the scene. For one private #research is something i am more or less always working on.
I Also still maintain public projects.
1
1
28 Oct 2022
A relatively new initiative on my part is a repo with a focus on low level #security, think firmware, #rootkits, #bootkits, reverse engineering.
Check out my resource compendium with regards to that. If you're interested.
github.com/NullArray/WinKernโฆ
2
28 Oct 2022
A new era has begun, the righteous flame, carefully built, lit and taking form illuminates the path. A brighter tomorrow. May these times be blessed.
.@elonmusk
9 Sep 2020
Only just noticed this, but it would appear that i'm included in this year's list of TechBeacon's AppSec Pros as well. ๐
14 Aug 2020
@Real__Vector has been included on TechBeacon's #AppSec 50: Top application security pros to follow on Twitter! jpmellojr.blogspot.com/2020/โฆ
2
1
5
9 Sep 2020
I wanted to write something to automate a number of encryption related operations but i think i may have gone a bit overboard. The tool is in beta, but you can find it on my Github.
github.com/NullArray/l0ck3r
3
9 Sep 2020
Vector Security. A brand you can trust.
3 Sep 2020
Right after a successful SSH login attempt, the attacker downloads and executes an obfuscated version of "RootHelper", an open-source tool for privilege escalation on Linux machines, created and maintained by @Real__Vector :) Then comes the #cryptominer >>
gist.github.com/NullArray/f3โฆ
1
5
9 Sep 2020
In all seriousness though, when you create OSS Red Team tools, there's always going to be bad actors that will include it in their TTPs.
1
2
30 Jul 2020
I've been thinking of setting up a honeypot. Make it look like a vulnerable server or hidden service belonging to a Black Hat organization of sorts. Have a directory with 'Tools', trojanize said tools, sit back and watch the carnage unfold. ๐ค๐
1
6
30 Jul 2020
Set a good chunk of time aside today to work on this. This project involves a lot of automation, payloads for instance will come in multiple langs as well. The question is, do i facilitate everything with Bash including user interaction. Or do i write a Py3 wrapper around it also
17 Jul 2020
Been working on a new tool today. I'm calling it BlitzBuilder. It's designed to automate #payload generation, #Shellcode operations, and help with #exploits and compiling them.
Here's some screenshots. I heard you like ASCII art, 1st pic is the logo. ๐
#OffSec #Security
1
6
VectorSEC retweeted
23 Jul 2020
We are proud and excited to release DeimosC2. A C2 built in Golang for cross-compatibility and a frontend built in Vue. This has been a year in the making. Great work from @CharlesDardaman, @paragonsec, @BlaiseBrignac, and the entire TeamARES team!
github.com/DeimosC2/DeimosC2
42
77
23 Jul 2020
REMnux 7 just released. Reverse engineering and analysis oriented Distro. As far as reversing on Linux is concerned i like it a lot.
REMnux v7 is now available! REMmnux.org
2
23 Jul 2020
Thoughts on Data Brokers [Thread]
23 Jul 2020
Not all Blackhat Enterprises are created equal. Sophisticated threat actors will often employ innovative and impressive TTPs to complete their objectives. And while i do not condone nor endorse anything illegal. I can at least respect those that know their craft. [1/4]
1
3
23 Jul 2020
Not all Blackhat Enterprises are created equal. Sophisticated threat actors will often employ innovative and impressive TTPs to complete their objectives. And while i do not condone nor endorse anything illegal. I can at least respect those that know their craft. [1/4]
1
1
23 Jul 2020
If i had the resources, i'd set a number of data broker websites up. Infrastructure and assets to monitor data breaches, gather samples and based on those samples generate bogus dumps. The more the better, if we poison the data pool enough. [3/4]
1
1
23 Jul 2020
Sooner or later with any luck buyers come to realize that it's not worth the money or trouble to acquire data dumps due to the unreliability we introduced into the ecosystem
Should their business model become unsustainable we will have successfully undermined these shenanigans |4
1
17 Jul 2020
ETA Will be a while. But i'll keep you posted.
17 Jul 2020
Been working on a new tool today. I'm calling it BlitzBuilder. It's designed to automate #payload generation, #Shellcode operations, and help with #exploits and compiling them.
Here's some screenshots. I heard you like ASCII art, 1st pic is the logo. ๐
#OffSec #Security
1
2
17 Jul 2020
Been working on a new tool today. I'm calling it BlitzBuilder. It's designed to automate #payload generation, #Shellcode operations, and help with #exploits and compiling them.
Here's some screenshots. I heard you like ASCII art, 1st pic is the logo. ๐
#OffSec #Security
1
1
18
17 Jul 2020
It is a well known fact that cyber security tools don't work without cool ASCII logos.
Also, i know my project development directory is messy, been testing some stuff out. I'll clean it i promise๐
1
4