#DFIR Analyst | Ex Red Teamer | CTF player with @tipi_hack | #OSCP | #GXPN | #GCFA | #LethalForensicator

Joined November 2012
13 Sep 2023
RT @BushidoToken: ⚠️ Use Microsoft Teams? Watch out for TeamsPhisher! While it is not usually possible to send files to MS Teams users out…
Mr B0b retweeted
I'm happy to introduce AC&CD! You are detecting the wrong C2 beaconing traffic (and I was, too, long ago), so I've fixed it and put it in a Jupyter Notebook! Wanna detect Cobalt Strike, Sliver, Mythic, and all known C2 frameworks' beaconing? #ThreatHunting github.com/Cyb3r-Monk/ACCD
Mr B0b retweeted
Microsoft has published a #TokenTheft playbook which includes an investigation checklist, hunting queries, a response/recovery task list, but also an accompanying decision tree. A must read for every #AzureAD, #Entra, #SecOps admin and architect. learn.microsoft.com/en-us/se…
Mr B0b retweeted
13 Jun 2023
🚨 Over 250,000 Fortinet firewalls publicly accessible on the Internet. They just dropped a patch for a major Remote Code Execution vulnerability. ...and then announced the vuln may have been used in attacks already. Let's dive in 👇
Mr B0b retweeted
At @falconforceteam we love automation. We apply this to a lot of our processes, including Detection Engineering. We will be sharing our internal tooling for validation, deployments, etc. as open source software. Enjoy our first blog, written by @gijs_h medium.com/falconforce/deplo…
5 Feb 2023
Nice blog post from @g3rzi (@CyberArk) 👉Breaking Docker Named Pipes SYSTEMatically: Docker Desktop Privilege Escalation – Part 1 cyberark.com/resources/threa…
Mr B0b retweeted
MIT Introduction to Deep Learning - 2023. Starting soon! MIT Intro to DL is one of the most concise AI courses on the web that covers basic deep learning techniques, architectures, and applications. 2023 lectures are starting in just one day, Jan 9th! introtodeeplearning.com
Mr B0b retweeted
I'm proud to announce that we've just open sourced a four day Rust course I've been working on! Read it here: google.github.io/comprehensi… #rust #rustlang #android
Mr B0b retweeted
13 Dec 2022
Demonstrating CVE-2022-37958 RCE Vuln. Reachable via any Windows application protocol that authenticates. Yes, that means RDP, SMB and many more. Please patch this one, it's serious! securityintelligence.com/pos…
Mr B0b retweeted
Threat Hunting Playbook: learn how to embrace a proactive security posture. github.com/blackorbird/APT_R…
11 Nov 2022
Are you also preparing a way out on #Mastodon (just in case @elonmusk messes up)? Here is a quick and dirty #mastodonmigration way to generate a CSV file of your Twitter followings' handles to be imported on Mastodon all at once. 🧵 1/6
11 Nov 2022
7. Download the `twitter_to_mastodon.sh` bash script gist.github.com/Mr-B0b/93faf… and replace `<curl_bash_command>` with the modified curl bash command line. 8. Run the bash script (you'll need @TomNomNom's amazing github.com/tomnomnom/gron tool to parse JSON files). 5/6
11 Nov 2022
9. Import the `mastodon_import_file.csv` file from your #Mastodon account. 10. Enjoy ;) 6/6
Mr B0b retweeted
A lot has been said about removing hooks and kernel callbacks to stop an EDR from detecting malicious activity. What if we could terminate the process completely? Well... we can. Check this out: spikysabra.gitbook.io/kernel…
Mr B0b retweeted
Here we go, we are finally releasing all the materials of our workshop at @defcon and our talk at @BSidesLV on "CI/CD: The new Eldorado" 🔥🔥🔥 With this content, you will go through… 🧵 github.com/wavestone-cdt/DEF…
Mr B0b retweeted
1 Oct 2022
Chromium's application mode can be used to easily build realistic phishing desktop applications. Enjoy. mrd0x.com/phishing-with-chro…