Jean-Pierre GARNIER
@codeyourweb
Adversary Hunter && Threat Researcher - ♥infosec, code and mojitos - Opinions are mine
#Fastfinder v2.0.0 just released! cross-platform #DFIR #IOC / #YARA file finder. Now with triage mode, logger, enhanced UI and linux/windows builder to deploy this awesome scanner on every host (even with ciphered rules and config file) github.com/codeyourweb/fa…
New blog post: Tear Down The Castle - Part 2 dfir.ch/posts/tear_dow… I analyzed 250 PingCastle Reports, grouping the findings along the categories I used for my 10 AD Commandments series. The number of affected domains is stated within each finding, i.e., in how many domains we…
Many missed this on #BadSuccessor: it’s also a credential dumper. I wrote a simple PowerShell script that uses Rubeus to dump Kerberos keys and NTLM hashes for every principal-krbtgt, users, machines. no DCSync required, no code execution on DC.
And here's a little project to monitor network traffic and logging directly over endpoints interfaces. First proof-of-concept with local pcap and HTTP API forwarder (fully tested on #SEKOIA platform). github.com/codeyourweb/lp… #soc #cybersecurity #networksecurity
GitHub - codeyourweb/lpacketcapture: Local endpoint packets capture and netlog forwarding
Microsoft has released its own document parser for LLM use! . . Introducing MarkItDown, a 100% open-source, one-stop solution for effortlessly converting any file to Markdown—perfect for text analysis, indexing, and more! Here’s what makes it special: ↳ Converts PDF, Word,…
Reviews are MOSTLY NEGATIVE - Gray Zone Warfare vid is up on yt #GZW #GrayZoneWarfare
Kudos to @DragosInc for sharing details of a recent event. The adversary compromised a new employee's personal email address and impersonated them to get access. How would you protect against that?
It's time to destigmatize security events. Yes it happens at security companies and here's why we need to talk about it. #cybersecurity #icscybersecurity #otcybersecurity #industrialcybersecurity #criticalinfrastructureprotection hubs.la/Q01Pj-S60
I remember a time when people here in Europe still had issues storing their corporate emails on US mail servers - nowadays you store the master keys to your company on their servers 🎵 … for the times they are a-changin'
Did you know that Microsoft recommends creating your Global Admin accounts in the cloud to protect Microsoft 365 from on-premises attacks? See aka.ms/protectm365 for all the details.
Priorities
[Android] About thirty "Privacy Friendly Apps" offered by @SECUSOResearch that: - are Open Source (GPLv3) and their source code can be viewed on Github by anybody - used minimal permissions - do not neither tracking mechanisms nor advertisement secuso.aifb.kit.edu/english/105.php
Unable to extract credentials via DPAPI or Mimikatz? Don't worry. Microsoft got your back. Just use 'rundll32 keymgr.dll, KRShowKeyMgr' to extract all the stored passwords on the host, be it a target server, FTP or chrome's HTTP creds, microsoft has you covered. #redteam
Possibly #Lazarus related #maldoc: "LMCO_Senior Systems Engineer_BR09.doc" virustotal.com/gui/file/8e2fb… CnCs: https://monitorr.jamdown[.]co[.]nz/assets/data/css/custom.php http://13.88.245[.]250/admin/install/custom.php http://mantis.binarysemantics[.]com/extra/map/map.php
GitHub - claroty/arya: Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA. github.com/claroty/arya
New: North Korea has taken a page out of China's cyber playbook to reorganize and consolidate its threat groups within the government - making them “extremely mobile now that they’ve consolidated.” Here's a first look at their new org structure 👇 mandiant.com/resources/mapp…
The 2022 Threat Detection Report is out! Join us in counting down the most prevalent threats we encountered in our customers' environments last year. We'll reveal a new threat every hour in this thread (Or just download the report & see them all now) redcanary.com/resources/guid…
#Lazarus #APT #maldoc: JD.docx 854903e0b284ef78322082de46dcd160 Remote template: https://pvacek[.]cz/wp-content/plugins/akismet/control/en/en.jpg
Our statement in regard to the warning of German Federal Office for Information Security (BSI) Our statement on the warning from the Federal Ministry for Security in Information Technology (BSI)
[AI misuse] To choose an avatar photo, you just need to go to this kind of site: this-person-does-not-exist.com/fr