Expl0itabl3

@Expl0itabl3

🙌 @tijme

A recap of @tijme from #NullconGoa2025 1️⃣ Kong Loader 🍌 keeps malware undetectable in memory. 2️⃣ Outperforms sleep masks. 3️⃣ A new challenge for defenders YouTube link: youtu.be/K3OY-ZNmMxo?fe… #kongloader #offensivesecurity


Nullcon Goa 2025: The Hidden ART Of Rolling Shellcode Decryption -...



Expl0itabl3 reposted

I’ve started the development of a #Nimplant C2 beacon in truly position independent pure C-code. It’s a PoC, highly opsec unsafe, but hopefully it inspires some people and sparks creativity! 👨‍💻 github.com/tijme/nimplant…


Expl0itabl3 reposted

Our @BSidesLondon Ivanti & Pulse Secure VPN kernel exploitation talk is live! The presentation is about shared research of my colleague Alex and me. CVE-2023-38043, CVE-2023-35080 & CVE-2023-38543 youtube.com/watch?v=hmYK5y…


Elevate & Conquer: A Journey Into Kernel Exploitation - Tijme Gommers


👏👏

#BSidesLondon2023 was fun! Had the opportunity to present a kernel exploit for PulseSecure VPN and Ivanti Connect Secure VPN. Shared research of my colleague Alex and me. northwave-cybersecurity.com/ivanti-pulse-v…



Truly an honor to be amidst such brilliant minds and passionate red teamers. 🔥 And those stroopwafels are simply the cherry on top! 🍒 Together with @tijme and @royrndrs 🥳

A TLP RED conference for red teamers. 👌 quality content, some of the best red team firms present, and a group sized small enough so you can speak to everybody and discuss your ideas. This is 🔥af and what we think confs should be like. We need more like this. #redtreat23



Check out the insightful blog posts by @tijme, our respected Adversary Simulation lead and esteemed colleague.

My new blog is live (tij.me)! 🚀

• Fully open source (github.com/tijme/blog-v2).
• Automated SVG generation of IDA Pro graphs.
• Automated deployments via GitHub Pages.
• Support for all Jekyll plugins, even plugins unsupported by GitHub Pages.



Expl0itabl3 reposted

Releasing a complete rewrite of "Understanding Windows Lateral Movements"

- 71 more slides
- Better explanations
- Less errors and bad assumptions

If you liked the 2019 version, you should check this one out

Available at attl4s.github.io


Highly recommended to join my awesome colleagues in this workshop!

Thrilled to announce that I'll be giving a 2-hour Kernel Driver Exploitation lab at @HITBSecConf, together with my colleague Jan-Jaap. 🥳 If you want to develop your first malicious kernel driver (exploit), join us the 21st of April in Amsterdam!



Expl0itabl3 reposted

After some months of very enjoyable research, I'm happy to release: "Understanding a Payload's Life (featuring Meterpreter & other guests)" Only slides are available at this time. You can find them at: attl4s.github.io/assets/pdf/Und…


Awesome research and writeup!

We've just released the first post in the Cobalt Strike reflective loader blog series! 🥷 This one took a lot of effort and I am excited to share it with you! The better it does, the better I'll make the next ones 😉 securityintelligence.com/posts/defining…



Expl0itabl3 reposted

2022 Year in Review ➡️Most common TTPs we saw in 2022 ➡️Trends around IAB's ➡️Top detections ➡️Ransomware propagation methods ➡️and more! thedfirreport.com/2023/03/06/202…


Awesome work @chvancooten !!

After almost 2 years of working on NimPlant as a personal side project, I’m proud to release it to the public! NimPlant is a light-weight, first-stage C2 implant written in Nim, with a supporting Python server and Next.JS web GUI. Available here now! 👇 github.com/chvancooten/Ni…



Expl0itabl3 reposted

Northwave has conducted research into the psychological effects of a ransomware crisis on people involved in mitigating a ransomware attack. The findings reveal the deep marks that a ransomware crisis leaves on all those affected. northwave-security.com/wp-content/upl…


Expl0itabl3 reposted

Cobalt Strike BOF to bypass UAC via the CMSTPLUA COM interface. It masquerades PEB and utilises COM Elevation Moniker on the CMSTPLUA COM object to execute commands in an elevated context. github.com/tijme/cmstplua…


Very nice elaboration of detections, bypasses and the fundamental why-question. Must read!

The difference between signature-based and behavioural detections. As well as a little philosophy. 😎 s3cur3th1ssh1t.github.io/Signature_vs_B…



Didn't see this coming. Congratulations @OutflankNL! Very curious about what the future will bring us.

Yeah!🤘@OutflankNL joins the @HelpSystemsMN family! We're super excited about the new possibilities that lay ahead. Here's to even more R&D for our community, awesome offensive tools in OST and the most exciting red teaming gigs. Details: outflank.nl/outflank-2.0/



Super valuable to get acquainted with basic attack paths within Azure Active Directory. Thanks @nikhil_mitt !

Congratulations to @Expl0itabl3 for clearing our Certified Az Red Team Professional exam! #AzADLab #CARTP #PentesterAcademy cc @nikhil_mitt bit.ly/3tT4M4v



Awesome DEF CON 30 badge acquired! #DEFCON #Defcon2022
