ippsec
@ippsec
Followers
111,207
Following
350
Media
583
Statuses
4,468
Explore trending content on Musk Viewer
seokjin
• 106987 Tweets
Rayados
• 48820 Tweets
MARTIN AL 9009
• 36966 Tweets
DAHYUN
• 36094 Tweets
Clippers
• 33752 Tweets
ネルフェス
• 24820 Tweets
Monterrey
• 23690 Tweets
Columbus
• 20182 Tweets
DwiTUNGGAL PRABOWOGIBran
• 18120 Tweets
FokusKERJA FokusSIAPKAN
• 17450 Tweets
ワンボタン瞬獄殺
• 14036 Tweets
Gerson
• 13006 Tweets
#デレステGWCP後半
• 12964 Tweets
Tigres
• 10720 Tweets
カード付き
• 10044 Tweets
Last Seen Profiles
Pinned Tweet
Looking for a video on a specific hacking technique/tool? Check out - Searches over 100 hours of my videos to find you the exact spot in the video you are looking for.
67
345
2K
Ever come across a file running on a Linux box that was deleted from the disk? Did you know you can likely use DD to recover the file without any non-standard tools?
28
612
3K
For the people that hate on "CTF". For what it's worth I have no college degree and prior to 2015, I never held a job in the "security realm". My job became security in 2015 and started my YT in 2016. Pretty much my entire understanding of "hacking" is from playing around on CTFs
49
225
2K
One of the recurring questions I get is "How do you learn all this stuff?". There is no shortcut, just tons of time. At the start of channel my every 30 minutes recorded was easily 4-5 hours of research and reading. That's not including solving the box.
43
178
1K
Inspired by
@TinkerSec
, I'll tweet out a "hack job" I recently did. I rarely pentest companies, I've always been a blue teamer. The pentest gigs I do are generally favors to other blue team friends to teach them. My rate was $50/h which is much lower than what I typically charge.
27
285
1K
Not the best cable management yet, but happy I finally got the home lab somewhat tidy.
74
28
1K
It always surprises me how much more accessible "hacking" training has become. Just read a story about a Dentist who got OSCP, for no reason other than it sounded fun. No plans to change professions or hack on the side, just wanted to learn the dark arts
14
136
889
How time flies! Today is my 2 year mark for uploading (almost) weekly videos. Now you can download digital copies of all 113 videos, or 200 hours of content for $10, it's around 200 gigs. . Sorry to charge, YouTube will always remain free.
54
180
855
One old motto I've thought a lot about recently is "Practice doesn't make perfect, perfect practice makes perfect".
When pursuing a career in video games, I thought about this a lot as if you just grind out games for 12 hours per day. You likely will hit a wall that would…
22
102
830
Starting to put together a Linux Privesc Video. Can anyone spot something non-network that I'm missing?
- Recon (linPEAS/LinEnum)
- Sudo
- Permission Overview (file writes - sshKey/cron)
- SetUID
- Kernel
- Cron
- Network [mysql, postgres, erlang cookie (couchDb)]
82
110
819
My first attempt at a Blue Team Video, configure a bunch of Windows Logging: (cmd line, powershell, taskhistory, sysmon) and send it to HELK for analysis/sigma rules. Not BlueTeam? Putting this in reports is sure to impress & helps improves evasion tactics
14
268
823
I get asked a lot about avoiding burnout, which is an incredibly tough question to answer because I think a lot of other issues get attributed to burnout. It seems people think a lack of motivation to start something == burn out, which isn't always the case. For me, it's more
27
138
748
HackTheBox is running a huge pro-lab discount this month. Use coupon code: "weloveprolabs22" and waive the setup fee ($95) of any pro lab. Each pro lab is $27/m, which makes this over 75% off.
The coupon expires at the end of the year.
13
211
751
One thing I get asked quite a bit is how to find a job. Certifications, bug bounty/HTB/TCM profile, cve list, etc. My answer always is to start a blog, yt, GitHub, etc. Having a social network is vastly underrated and the best way to find jobs is to get your name out.
19
118
745
Just uploaded my favorite way to detect Password Sprays and Kerberoasting on a budget by combining Event Log Filters, Scheduled Tasks, and CanaryTokens. The ability to create scheduled tasks that fire upon specific eventlog events is super powerful.
5
180
723
Man. After nearly 4 years of doing HackTheBox videos,youd think any video would be easy to record.This next video is going to have some tough concepts and I dont plan on just skimping out and doing the easier unintended!
@0xdf_
and I spent several hours this week understanding it
21
34
711
Made a video on modifying the Mimiakatz Source to avoid std AV Sig Based Detection. Its a pretty long video due to the repetitive process, and relatively simple up to the modifying a DLL Export to use ordinal loading vs named to remove a string.
15
251
679
The computer desk is pretty much setup in the new office! Just need to get some more lights and cabinets
58
16
674
To the people upset by public red team tools. If you cant detect open source tools than what chance do you have at detecting private one off tools. It’s much easier to automate a battle against 100 duck sized horses than it is to face off against a single horse sized duck.
16
125
671
Started working on the prep for the PrivEsc video. Can't wait to show it off.
21
65
663
The video on setting up an Android VM, Installing the Burp Certificate in the System Store, and proxying application traffic through BurpSuite is live now! Additionally, I go over using Frida to defeat certificate pinning.
10
149
664
I regret trying out . Didn’t think a computer would roast me harder than the internet 😂
40
16
652
Logged into youtube today, to find out it's been five years since I started publishing videos. For anyone that's seen every video, that is 284 hours or almost 12 days!
36
23
648
#HackTheBox
Video Hackback is now up and it is a doozy (4h30m). Probably doubled my previous longest video but tons of information about NamedPipes, Token Manipulation, Impersonation, AV Evasion, Diagnost Hub, etc.
18
134
606
Should go without saying - But please understand exploits before you throw them. If you throw the ZeroLogon variant that blanks out the machine account password in a production environment. You're gonna have a bad time.
10
122
615
Also for the people that think I’m an expert. I’m really just reading books then doing videos to help my understanding/retention. The best way to remember something is to figure out a way to explain it to someone else.
20
82
610
Unfortunately - There won't be a video today, had caught Covid for the first time last week and took some days off. All is fine, just taking it easy.
90
5
589
For the people on New Years Resolutions related to studying. Keep at it! I know at times it may feel like you are not improving but I promise you that you are. It's very difficult to measure progress in this field, which makes motivation tough (1/5)
10
106
587
Just started overhauling my YouTube Playlists! Now there is a separate playlist for each difficulty and OS!
26
101
577
Not to mention all the time I spend on google or reading books. This can be a tough field, but it is very rewarding and anyone is capable of doing it. I have next to zero college experience, not even an associates degree. And my high school didn’t really have IT classes.
26
60
574
Added playlist searching to , which means operating system and difficulty are now searchable. This allows you to filter the results when you see a technique that is applicable to both Windows and Linux machines. Example:
7
81
569
Really enjoyed reading the APT-29 Article from Unit 42. Decided to do a video talking about it and some light reversing at the malware. Its pretty sad that APT-29 has been doing the LNK in a ZIP TTP for 5+ years and remained succesful by swapping payloads
5
137
547
As I've said many times before, lots of us CTF Creators make boxes specifically to teach people how to be successful. This person went from never testing an API before, to earning over a grand within 48 hours of playing my box.
Just posted a video on the latest
@HackingEsports
UHC Box I made, Backend. I made this box with the intent to teach people about fuzzing backend APIs when the frontend isn't exposed. It's now playable on
@hackthebox_eu
2
38
195
14
53
538
Decided to finally do an OS Rebuild yesterday, will do my best to keep all OS Customizations to an Ansible Playbook, so you can build your own copy of the VM you see in my videos and document the critical pieces via a video series. Here's the first vid:
13
77
525
First
#HackTheBox
Battlegrounds game! Time to switch sides and play on the Blue Team for the remainder of the game. Definitely a fun and unexpected night!
13
37
505
I really hated Linux auditing until I found this. Couple it with Laurel and it becomes really easy to ingest these types of logs. Best of all, logging on linux is so rare most adversaries won't see it coming and get caught instantly. Demo here:
9
130
503
#HackTheBox
APT vidoe up. Ive been running Nmap for a decade+ and this is the first time I've looked into using port 135 for enumeration. Was pretty cool using impacket to pull the Hostname/IP Address. Also really unique way to use the *potato attack
7
78
476
Now is a great time to get started with HackTheBox! 8 of the best easy machines are now free. Some of them may even be Domain Controllers so you can play with that new PrinterNightmare thing everyone had been talking about
13
97
487
Moved my computer to a new room and installed some stuff that should improve the sound quality. Can’t wait to find time to record a new video
14
11
486
I’m always surprised when people starting out think they should avoid reading writeups or watching videos. Got with
@0xdf_
and wrote a blog post on the issue and how we’d create a training plan . If this sounds like you or you’re having trouble check it out
21
100
477
#HackTheBox
Rope2 retired. This was an insanely tough box and midway recording the heap stuff I decided to do start over and try to do justice on teaching exploiting the v8 JavaScript portion. Just that piece is 2 hours!
3
66
477
Lol. Recording another video for HTB and just said the password to my machine out loud as I typed it to unlock a VM. Can't imagine how many times I would have done that streaming.
17
6
461
Happy Leap Day. I'm going to raffle off 10 HackTheBox VIP Passes (1 month each), reply to this post with a link to your favorite IppSec video and why. Contest ends sometime tomorrow. Be sure to follow me, if I cannot DM You then I will just pick a different person.
183
66
449
HackTheBox Forest has been retired. A great box to learn some common misconfigurations in Active Directory (via Bloodhound). I even go down some rabbit holes and make password spraying lists using a few words and hashcat rules.
10
92
453
Converting the majority of my home networks to IPv6 Only. Can't wait to start testing tools/IOT crapware and seeing what ones break.
14
37
445
Just uploaded a video on creating a Malleable C2 Agent, the video is C++ with a little Python and pretty simple. Essentially, we just allocate a lot of space for an obfuscated string and then parse it via JSON at the start.
5
85
447
I’ve gotten over 20 DMs asking where the video for today is. I’m currently on a long staycation for the holidays. The next video is 1/9. If I finish my time away from the computer early, I may record something before then but I wouldn’t count on it.
20
6
441
Really liked
@Cyb3rWard0g
's OMIGod Detection rules but wasn't sure how to configure Linux Logging to utilize it. Spent a few hours learning Auditd and Laurel, so if you ever wanted to do more than default Linux logging. This is for you -
6
113
440
I can’t recommend the HackTheBox battle grounds enough. It’s an amazing resource for both blue and red teams. If you want more BT vids on this platform, be sure to like, comment, and share!
If it’s a hit I may show be able to show more of the blue side
12
68
443
Uploaded a video on DLL Hijacking - Talked about this topic a lot on stream today. The small nugget of info that I don't see people talking about is Explorer.exe exists in C:\Windows\, which makes it a good target.
3
100
433
People really baffle me, for the past five+ years I have seen people advocating moving away from SMS Based MFA. Then in the last 24 hours, a flip switched and everyone is complaining it is going away?
35
42
417
I think my new hobby may be asking OpenAI to write slam poetry. This thing is amazing.
25
41
405
Just put a tool up on to make searching through my videos a bit easier!
12
99
398
Just added Negative Searching into ! If there is a term you do not want to include just prefix the word with a hyphen (-).
2
66
391
Just got back from winning the
@BSides_NoVA
CTF put on by TheHackerGround, only to find my 🏆 from SANS Netwars came in the mail today. Today’s been a good day.
22
14
386
Ever curious about HTTP Smuggling? Check out HTB's Sink video, it abuses a bug between HAPROXY and GUNICORN to trick the server into writing someone else's HTTP Headers into your POST Request. Allowing you to steal the cookies!
1
83
377
This is great news! Now you can earn CPE Credits through HackTheBox, including retired machines. Even more of a reason to watch my videos and work through the backlog of HTB Machines. Be sure to enable the CPE Setting in your HTB account.
10
128
372
Think that may have been my last stream for a while, probably moving back to VOD only. Pretty annoying when trying to show off other CTF Sites and people mess with the boxes putting up redirects to pornhub.
66
12
372
HackTheBox Atom Video is up! A pretty fun box based around analyzing an electron app. But my favorite part is the unintended where I walk through PrintNightmare and some basic troubleshooting with it to get a reverse shell
4
73
370
This Sunday at 1pm UTC, I will plan to stream on Twitch for about 2 hours. Will try to make it a weekly thing. I'm not exactly sure what I will be doing the entire stream. However, I plan to start off with doing IR in an HTB ProLab to see if we can find a "live hack"
23
44
365
As much as I hate that
@LinusTech
got hacked. How he responded is pretty amazing, and shows how anyone can become the victim of social engineering/phishing. And kudos to him for taking responsibility himself, not easy for anyone to do especially publicly.
5
23
366
Woo! Gobuster 3.0 is out, and has pretty much every feature I used wfuzz for!
Finally
#gobuster
v3.0.0 is up! Thanks to everyone who contributed and for
@_FireFart_
putting so much into it.
Binaries can be found here:
Be sure to read the README, as a lot has changed, including the CLI:
14
307
603
9
102
368
If you like my videos, or just want written stuff. Check out: -
@0xdf_
does a great job writing things up, and will often edit his posts to include what I do in my videos. Sometimes even expanding on things where I got stuck!
8
125
358
Nothing like watching some hacking outdoors.
Meet the 10 players of tonight! 😎 We’re waiting for you. Come watch us and don’t forget that
@_johnhammond
and
@0dayCTF
will be with
@int0x80
commenting the CTF.
Broadcast, at 6PM CDT, here:
#HackingEsports
#UHCCTF
#CTF
#esports
#hacking
#pentenst
0
14
85
8
11
356
Did you know that on most Linux Distros if a user does a "su" without using the -P flag, it is possible for a poisoned profile to run codes as the user running su? If not, check out my video on Download from
#HackTheBox
where this was the root step.
2
64
352
Finally created a Linkedin. Will primarily be on Twitter, but figured I'd give cross-posting there a try as many say the engagement on posts is higher.
12
13
352
Just uploaded a video on parsing Bloodhound Data with JQ, which allows us to create a lot of interesting lists. My favorite one is looking at passwords that have a set time newer than their last logon time.
8
82
345
#HackTheBox
just launched Academy, which is their version of Guided Learning. I just published a quick intro video here . There aren't any videos in the courses (yet), but it is highly interactive with custom labs and using pwnbox/vpn to interact with them
6
59
344
#HackTheBox
Compromised video is now up!This was an insanely fun box that involves tracing the steps of the hacker to re-pwn a box. Tons of great tips for both IR and RedTeams here. I think everyone here will like the simple filesystem/timestamp forensics.
5
60
341
If you are curious about the ShellBind/ParanoidNinja or Sock Puppet account talk today. I summed it up here, I feel hesitant posting it but hopefully after watching you understand why I did. I really hope he was just telling lies about a backdoor in his c2
17
56
336
I've been super busy and haven't gotten time to record Smasher2, but I did record a video I've wanted to do for a while... Introduction into PHP Deserialization, hopefully it helps people understand other deserialization attacks too
8
96
333
Just uploaded "Advanced PHP Deserialization - PHAR Files", It's pretty much just me walking through the PHP Deserialization exploit
@_s_n_t
presented at
@BlackHatEvents
last year.
1
116
340
YouTube comments never seize to amaze me. The Yellow King, if you are out there, Gratz on the OSCP.
9
10
331
#HackTheBox
AI video is now online. A really cool "out of band" style of an SQL Injection using "Speech To Text". So you need to Verbally Speak out the injection. Once on the box do a pretty cool privesc via Java Debugging.
4
58
332
#HackTheBox
Reddish video is now up! If you have trouble with Network Pivots, this box is for you. It's the first video in which I scattered Powerpoint throughout the video to help understand what's going on. Enjoy!
11
109
330
Day late to the party but goals for 2020:
1. Do atleast 30 minutes of exercise for 70% of the days.
2. Come up with some actual rewards for the patreon tiers beyond 10/m
3. Keep doing the weekly HackTheBox videos.
8
8
333
This module is great. It always amazes me how powerful CrackMapExec really is, yet most people just use it for credential testing.
We released the
#Kraken
#CrackMapExec
module it's ready in
@hackthebox_eu
#Academy
Thank
@mpgn_x64
for building the baseline for this module, helping me out, answering questions, and providing feedback along the way.
@mpgn_x64
and
#CME
Rocks
5
62
304
5
35
329
Woo! Finally found time to record the HackTheBox video for tomorrow, was starting to think I'd miss a release. This should be a great video, did the box two different ways.
8
7
326
#HackTheBox
Bankrobber video is online. This one has a lot of user-side attacks. XSS to steal cookies, than a CSRF To force the user to make a POST Request.
8
69
323
People should really ask before downloading a persons entire channel and providing archives of their content. Kudos to keeping the content out there but I find it seriously disrespectful to not even ask the creator first.
13
29
326
If anyone wonders why I don't recommend iNE Certifications, it's because I cannot get behind their marketing tactics. This one is a new low, they took the OSCP/OSED name, created pages for them on their website, and then link to their own subscription.
39
48
326
Trying something new - Wrote a blog post on my thought process behind creating the Delivery Machine on HackTheBox. Let me know how you all like it, may do it for a few other boxes of mine.
6
58
325
In around 4,000 subscribers I'll be eligible to apply to allow YouTube Channel Memberships! Will probably start up another video series around then to allow for early watching of videos.
16
33
324
Notice a lot of the books there aren’t “red team books”. Heck there’s even a CISSP book mixed in that I learned from. The mistake I believe most people make is spending too more time finding the “optimal path” instead of just trying to learn from anyone, especially themself.
3
26
320
#HackTheBox
Doctors video is now up! A fun box where I had done user an unintended way (Command Injection in a Curl Command). I do a deep dive on the intended method after the box is solved (SSTI), looking at why it's vulnerable and howto patch the code!
9
38
323
#HackTheBox
Patents video is now up! This one is a doozy, just over 3 hours long. The foothold is an XXE Attack that involves modifying a word document, then gets into reversing a binary with Ghidra/GDB. I make tons of mistakes and show how to ID/fix them
5
55
318
Ever exploit a website and get a shell as "LOCAL SERVICE" without the SeImpersonatePrivilege? Turns out you may be able to restore this privilege through Scheduled Tasks (FullPowers automates this). Learned about it doing Visual from
#HackTheBox
4
58
321
For those that don’t think there’s enough time in the day to eat well and exercise — You should really change that. After realizing how much time the ppl I look up to spend afk, I started cycling and mealprepping. There’s less time in the day but I feel more efficient then ever.
18
25
315
My favorite way to clean up my timeline on Social Media sites is by using uBlock Origin to replicate the "muted" words feature. The reason why I like doing it on the browser is that if you don't tell the platform, it doesn't have a good chance to swap out the junk you don't want…
6
31
311
Bad&good news - I doubt I’ll be able to record Smasher2 tonight. The good news is I’ll be able to read some more writeups on the intended path very few took, and hopefully be able to explain it. Tons of material im still trying to figure out a good way to explain. Be up by xmas
9
11
308
This has been my favorite book of the year so far. When we take courses or study, we often only get to see the “path that worked”. In my opinion, knowing what didn’t work is more valuable as that’s where the time is spent fixing things.
10
23
307
#HackTheBox
Sharp video is now online! This box has a ton of windows specific dotnet analysis. The really unique thing about this video is sharing my VPN Connection from Linux to Windows via iptables/nat, so we can hack with both OS's simultaniously.
5
51
307
Everyone, please don’t forget to get some exercise while under quarantine. There’s plenty of workouts on youtube that don’t req equipment. I’ve biked daily and have limited alcohol to 1 day a week, and still managed to put on a few lbs, so time todo a 90 minute ride RIP my legs
20
9
306
#HackTheBox
Crossfit is now up! This box had a lot of small but fun steps. Had no idea about using the CORS Header to bruteforce some VirtualHosts. Also, for this video and onward, I'll be better at taking notes as I go. Really enjoyed obsidian+flameshot.
4
43
307