#WebDeveloper #Malware researcher. #Senior developer. React, Python, C , C#, VB, Java, Php. 🇮🇹 WannaBe #redteamer. ✏️ thesphinx@xmpp.jp
Joined November 2017
- Tweets 2,435
- Following 675
- Followers 904
- Likes 7,761
130 Photos and videos
TheSphinx retweeted
6 Jun 2023
The MOVEit Transfer exploitation is not just SQL injection(👀)
We uncovered the very last stage of the attack chain to drop human2.aspx ultimately ends up gaining remote code execution ‼
We fully recreated the attack chain with a demo achieving a reverse shell & ransomware!
30
462
1,661
236,648
TheSphinx retweeted
3 Dec 2022
I asked GPT3 to rewrite one of my LPE exploits in Perl, Python, Rust and Fortran. It did a remarkably good job when the C code is clear and concise, original: github.com/hackerhouse-opens… GPT3 in screens below.
4
48
253
TheSphinx retweeted
9 Oct 2022
Cobalt Strike 4.7 by uCare (custom license)
Download: mega.nz/file/nxkglKyT#NtabGL…
Pass: uCare@Pwn3rzs
38
330
1,205
TheSphinx retweeted
2 Aug 2022
Chinese hackers use new Cobalt Strike-like attack framework - @billtoulas
bleepingcomputer.com/news/se…
1
48
96
TheSphinx retweeted
11 Jul 2022
Empire Ops: Tactics is a hands-on course at this year’s @defcon. We will teach how to recreate aspects of the #APT28 Prime Minister Attack while learning advanced #redteam techniques. #defcon30
Register: defcontrainings.myshopify.co…
1
29
91
TheSphinx retweeted
8 Jul 2022
How to send a tweet with #Python and TweePy in under 10 lines of code
🐍🔥
19
123
688
TheSphinx retweeted
5 Jul 2022
JPCERT/CC's @shu_tom writes about the Lazarus VSingle malware that has recently been updated to retrieve C2 server information from GitHub. blogs.jpcert.or.jp/en/2022/0…
20
44
TheSphinx retweeted
1 Jul 2022
Kicked off my "MalDev for Dummies" workshop successfully yesterday, which means the repo is now public! Slides, exercises, example code and resources to get you started on your malware development journey. C# and Nim supported for now. Enjoy!!
github.com/chvancooten/malde…
15
186
582
TheSphinx retweeted
26 Jun 2022
Poking at my toy C2, godoh, I managed to add #cobaltstrike's external C2 support. This is a beacon staged using DNS-over-HTTPS. It's nothing novel, but I had fun gluing together TCP sockets and DoH.
3
3
60
TheSphinx retweeted
22 Jun 2022
Now you know that Mega is not really a privacy company. It’s important to understand that those who control the code can create backdoors to defeat encryption. I know the lead developers. They lack morality. I recommend not to use Mega for sensitive files: arstechnica.com/information-…
40
153
648
TheSphinx retweeted
1 Jun 2022
A new version of the XLoader #botnet malware has been discovered that uses a probability-based approach to camouflage its command and control (C&C) infrastructure.
Read details: thehackernews.com/2022/06/ne…
#infosec #cybersecurity #hacking #malware
41
65
TheSphinx retweeted
23 May 2022
Lockbit ransomware group has named Lockbit 3.0 as "Lockbit Black".
8
95
287
TheSphinx retweeted
17 May 2022
Italy 🇮🇹 : the Italian #police website is accessible again but only from #Italy.
The site had been unavailable since May 16 following a #DDoS #cyberattack claimed by the pro-Kremin #Killnet hacker group.
#Ukraine #Russia
Via @giornalettismo
17 May 2022
Tutto (quasi) come prima.
Ma ci è voluto molto tempo.
Il sito della #Polizia è di nuovo online, dopo l'attacco rivendicato da #Killnet e #Legion
giornalettismo.com/sito-poli…
4
2
TheSphinx retweeted
17 May 2022
In Japan, the school board is equipped with an electronic scanner. It erases what is written and at the same time stores it so that the students can get later copies if they want
Credit: Jousef Murad
#innovation #science #technology #engineering #education
@Fabriziobustama
1
25
91
TheSphinx retweeted
A custom #PowerShell #RAT uses to target German users using #Ukraine crisis as bait
securityaffairs.co/wordpress…
#securityaffairs #hacking #malware
1
2
TheSphinx retweeted
16 May 2022
Who are you? Here we go again.
This work belongs to @_Blue_hornet #ATW and was released on April 3 on Doomsec telegram channel t.me/DoomSec/117
#AgainstTheWest #DoomSec
@YourPolandAnon @DeepNetAnon @arks414
#Killnet
3
8
18
TheSphinx retweeted
13 May 2022
This #WEBSITE listens to your #keyboard by @DigitalTrends
#100DaysOfCode #CyberSecurity #AI #Python #ArtificialIntelligence
Cc: @Nicochan33 @jblefevre60 @chboursin @Ym78200 @mvollmer1 @PawlowskiMario @Shi4Tech @FrRonconi @sebbourguignon @sallyeaves @MargaretSiegien @kalydeoo
5
47
56
RT @_odisseus: Intervista #esclusiva di @matricedigitale al gruppo hacker che ha attaccato l'Italia.
"Sono il fondatore di Killnet e di Leg…
9
TheSphinx retweeted
11 May 2022
2
9
15