📂 #Opendir Alert — SysInternals EXE Collection 📂. An exposed directory found:.🔗 eli[.]xir[.]no/SysInternals/.💾 Contains 151 .EXE files. ⚠️ Handle with caution — may include potentially malicious samples. A good source for #Malware analysts & researchers. #CyberSecurity

@Tsutsui0524 Aの場合、アシタカのアカウントで意図せずファイルが開かれている可能性が高いです。.そこで、sysinternalsからprocess explorerをダウンロードして来て、開いているプロセスを特定しましょう。.対策はプロセスを特定してからの検討となります。.続く.

@deadvolvo @HackingLZ oh its funny. kali linux in the microsoft store is rather funny to me. just pointing out some more fun software to download if you find yourself on a box with some app control but microsoft store access ;).but Sysinternals Suite on microsoft store is my fave. Blends in well.

@deadvolvo @HackingLZ Sysinternals Suite is also on the store. As well as kali linux (for WSL). I'm sure there's other neat stuff, but I've used those on actual ops, where they had app control, but blanket allow for microsoft store.

@devnetsecops @jordimash Són, d'esquerra a dreta, en Mark Russinovich (sysinternals ara a Microsoft), Bill Gates (Microsoft), Linus Torvalds (Linux) i Dave Cutler (sistemes operatius pel PDP-11 i VMS a DEC i Windows NT a Microsoft, fa uns mesos encara estava fent codi als 83).

If 7 minutes is enough for you 😼, you can preimage the hash instantly (2-6 close values). Edit your serial via NtWriteFile("C:",buf,0x200), or via Sysinternals VolumeId.exe. But we can detect tampered serials! Only 0x7F80094B values are "genuine" (out of the full 2⁶⁴ space).