Make the Blue Team think you've owned the entire environment without shell!
cat ips.txt | % {New-EventLog -LogName Security -ComputerName $_ -Source mimikatz.exe}
I’m such a creep. I got a text from a random number, 5mins of OSINT later I know who they are where they’re from and what they’re doing. Why am I like this?
I absolutely despise password age requirements! I just updated a password adding 1 to the end of it. It's insane that people in their right minds think that this makes systems MORE secure!
The truth is the reverse. It incentivizes a downward drift in password strength over time.
A treatise on Neutering Windows Defender:
"C:\Program Files\Windows Defender\MpCmdRun.exe" -RemoveDefinitions -All Set-MpPreference -DisableIOAVProtection $true
Taking a GIAC certification exam soon? Checkout a test taking strategy guide based on my experiences as an instructor, course author, and
@SANSInstitute
Masters alumnus.
Welcome to Texas where my Uber driver just learned me something new right off of the flight in. Didja know that Dr Fauci invented the coronavirus in order to make money off of the vaccine?
I don’t even know what to say anymore. What the actual fuck!
I'm certain this was done by accident so I'll tell you what. Unfollow
@jonathandata1
and I (and I'm sure many others) would be happy to follow you back. He's a menace and you are (likely unwittingly) elevating his toxic message.
Please RT
#UnfollowTheCharlatan
#IStandWithMick
@jschelert
But we could still harden and segment. One of the most common and yet bananas issues I’ve seen regularly is doctors checking personal email from lab equipment. 🤯
These people (REDACTED) are NOT all police. The mail domain is for ALL city employees. Social workers, public health personnel, etc... do NOT need this right now.
Please RT since this trash seems to be going viral.
The OSINT
@TraceLabs
CTF isn't just epic. It doesn't just make a real difference finding missing persons. It takes the most talented people in the world and challenges them to build their skills for good.
I've never seen a game save lives. Until now.
@WebBreacher
#OSINTForGood
I spent yesterday coding in Go, Node, and Python. It made me feel like a failure.
Today, I cleaned my kitchen and lifted heavy things. I feel like a boss.
#RedTeamFit
Moral of the story. Computers suck.
These videos by
@gaywonk
are absurdly insightful and entertaining.... despite the subject matter. Give it a look.
Why We're Afraid To Abolish The Police via
@YouTube
I love working incident response. It's a terrible, terrible thing to need, but as the security expert, you KNOW you're making a difference getting the victim back to 100%.
Funnily enough if I’d made a tweet like this while still working with SANS my Slack would have exploded with demands to delete it, insults, and ad hominem attacks. It’s refreshing not to have that.
Need to expose a port listening on the loopback interface? Use netsh!
netsh interface portproxy add v4tov4 listenport=31415 connectport=31415 listenaddress=10.0.0.10 connectaddress=127.0.0.1
I've never had to cut a
@SANSInstitute
class short. It feels like an unfinished story, concluded with a cliffhanger, the invevitable climax waiting to crescendo.
My apologies to the class and many thanks to
@SANSAPAC
for getting me home while it's still possible!
I just got ambushed by 3
@delta
employees on a flight. I was asleep and didn’t know what was going on. They told me that I was on drugs and thsy they were going to kick me off of the plane. Wtf?
Let's build an open-source vulnerability together!
2 weeks ago hundreds of you all participated in a discussion on what features a vulnerability scanner needs. I built some of those. I'll be hosting a discussion every week or two so that we can keep building!
Please RT!
This is officially the dumbest video I've ever done. Here's a teaser (audio encouraged).
#RedTeamFit
P.S. This is intended to be comedy... Should I quit my day job?
Here’s the math: (character-set)^(length)
26^32 = 1.901722457268e45
72^12 = 1.940840996177e22
The complex password is mathematically weaker than the long password by 23 orders of magnitude 😎
@reprise_99
@lomifeh
@malleableware
quick question: is a 32 character all lower case password less secure than a 12 character with upper, lower, number, and symbol? i would think no, but have been wrong before.
So I wanna talk about keyboards today. In infosec we live by them, and for so many years I was using a crappy one (that I thought was good). I can NOT describe how life changing it has been for me to build my own.
@bettersafetynet
Yeah, this is a negative security policy. It makes things worse by incentivizing weaker password selection. It’s kind of like password complexity in that way. Common to see and bad every time.
Further it operates under the assumption that key loggers aren’t a thing.
One of the things I love with
@SANSInstitute
courses is the focus on being vendor/product agnostic. So I figured... why talk one vulnerability scanner when we can dive into all of them!
@MalwareJake
I found reading this thread highly worrysome. As a community we need to realize that just because a criminal does something doesn't mean we have the green light to do it too.
1/
This kind of sentiment grinds my gears. I’ve had panic attacks when getting in front of a 1k+ in person audience and I speak professionally.
When you go into a presentation at DC note that the presenter doesn’t do this for a living. They’re terrified… and excited.
8 hands on exercises on day 1? Let's go!
The SEC665 ranges (yep multiple unique environments for every day of the class) are orchestrated with a full SOC. For every exercise we do we also take a look at what a good blue team should see. Then we go farther!
Penetration testing is an outstanding tool to prove that the level of risk assessed by our VM function is accurate.
Don't have VA/VM practices in place? Don't waste your money on a Pentest.
@sanssec460
@SANSPenTest
I am really excited to add this segment of content to the new version of
@SANSInstitute
#SEC460
!
The
@CISAgov
#KEV
list is a boon and a half for vulnerability assessors and managers!
#Voltaire
is the best tool I’ve ever written. I consistently get on consulting calls where there are straight up fans on the zoom. It’s the coolest most humbling thing ever.
#OpenSource
I was an absolute DICK on the call I just got off of. I really don't want this to be who I am in the long term. You can be correct and not a jerk at the same time.
Can you hack my....?
@tarah
"It's the equivalent of asking somebody who spent three years perfecting their karate to beat someone up for you."
#SANSHackFest
This has been a… day.
@delta
legit screwed me in Seoul and their reps either didn’t care or couldn’t do anything about it.
@KoreanAir
cared so much that they randomly found me in the airport 3hrs later (idk how). It’s a worse seat, but at least I’m headed home.
My running fitness is continuing to crush my expectations. Broke 7mins / mile on mile 5 today and kept the pace sub 8 throughout. Didn’t think I could
#RedTeamFit
I was about to run ransomware on a machine that I'm in the middle of using for an engagement when I realize that that may not be the best idea I've ever had. Can we all take a moment to acknowledge how smart I am?!?
Doing an IR and the attacker left their privatekey on the target with ssh keys set up on their C2 server... I know I can't, but... I really wanna use it...
I’ve only ever heard bad things about Ohio, but in my short time here it’s been lit 🔥 Good weather (maybe lucky), Great people, Cool places, Comfortable vibe. Thanks for showing me your city
@flakpaket
@bettersafetynet
! I’ll definitely be back!
Want to know my most successful privilege escalation technique? Lateral movement.
We often get so stuck into our phases that we fail to look beyond them.
@MalwareJake
I would rarely say no to something of this sort, but with one of the primary problems affecting society today being fear, uncertainty, and doubt related to coronavirus... I'd say anything exacerbating that would be unethical. Certainly from a consequentialist perspective at least
With the return of Anonymous and pain and oppression a daily gut punch to our world view. I’m going to be doing a YouTube series on hactivism. The first video will be out today. Stay tuned.
#BLM