Marcus
@MarcusDevPlus
Security, Coding, Debugging and what's in between 🎩 #SecDevOps #AppSec #InfoSec
You might like
Making sense of #PrintNightmare. A flowchart to help understand exploitation of CVE-2021-34527. Special thanks to @tiraniddo, @dez_, @gentilkiwi and @_f0rgetting_ for their test input and insights.
Javascript programmers should not call themselves Software Engineers... they only write scripts 🪠🌽
nice trick to avoid suspicious powershell command line
Due to issues with @gumroad and their slow support, I will push the updates manually to all clients
Best place is to start at docs.elementscompiler.com. And also remobjects.com/tv. Happy to help here or in talk.remobjects.com if you have more questions!
Time breakdown of a modern red team engagement. 😁
Niah Text Filter is an extension for #VisualStudio that filters and organizes your debug trace output, build output, and find-in-files results. Maintain organized histories of debug sessions, builds, and search results. Find out more at niahtextfilter.com. #coding
Here is an accurate depiction of red teaming. Happy Friday.
Huge revamp of the @HunterPlaybook project w/ @ProjectJupyter Notebooks, Mordor 👿datasets for analytics validation, interactive queries & output made available to the whole 🌎 through @mybinderteam #ThreatHunting @ApacheSpark @Cyb3rPandaH @MITREattack github.com/Cyb3rWard0g/Th…
I do set traps for recruiters to see if they actually hit on any (LinkedIn, website and GitHub)...they hit on nothing, yet they respond back with "we fully assessed your profile" 🙄
We discovered an issue with ADFS which allows brute-forcing all domain accounts from the external network, while bypassing the extranet lockout policy. This can easily lead to account compromise / massive accounts lockout. @YaronZi @eyal_karni blog.preempt.com/security-advis…
Trying to get Chrome users to run executable files? Send them benign phishing links to the domain a few days ahead of time. Then send them to a landing page on the same domain where they click to start the download. No more angry red "harm your computer" warnings.
Tools I recommend to Windows users - reply with your secret tip / tool Setup: Ninite ninite.com Personal FW: GlassWire @GlassWire glasswire.com Anti-Spy: ShutUp 10 @OOSoftware oo-software.com/en/shutup10
1/ A little more context on the Firefox 0-day reports. On Monday, Coinbase detected & blocked an attempt by an attacker to leverage the reported 0-day, along with a separate 0-day firefox sandbox escape, to target Coinbase employees.
Npcap 0.996 released. Fixes the "crash when upgrading" issue that some users were experiencing. github.com/nmap/npcap/rel…
github.com
Release Npcap 0.996 · nmap/npcap
Installer and debug symbols may be downloaded from https://npcap.org/#download Fix a crash when stopping the npcap driver service, such as when upgrading Npcap, DRIVER_IRQL_NOT_LESS_OR_EQUAL in N...
Awsome work as usual! I like the "light blue color"squares, it's P in TTP (I guess), lot of people misunderstand coverage of a MITRE Technique (i.e. simply by having schtask /create under the loop they think it's over, no that's just 1 of many Technique's Procedures), well done!
Some news: I’m writing a book for @nostarch titled “The Machine Learning Red Team Manual”. My aim is to provide a practical guide for anyone interested in adversarial ML and red teaming as it relates to in-production ML systems. A short thread on why this project matters:
United States Trends
- 1. Texas A&M 13.6K posts
- 2. South Carolina 13.3K posts
- 3. Marcel Reed 2,648 posts
- 4. Aggies 3,983 posts
- 5. Nyck Harbor 1,451 posts
- 6. College Station 2,071 posts
- 7. Elko 2,467 posts
- 8. Jeremiyah Love 3,250 posts
- 9. Malachi Fields 1,464 posts
- 10. Mike Shula N/A
- 11. Dylan Stewart N/A
- 12. Shane Beamer N/A
- 13. TAMU 5,727 posts
- 14. Michigan 39.6K posts
- 15. #GoIrish 3,034 posts
- 16. Sellers 9,625 posts
- 17. Northwestern 4,242 posts
- 18. Randy Bond N/A
- 19. Sherrone Moore N/A
- 20. Zvada N/A
Something went wrong.
Something went wrong.