
Jelle Vergeer
@jelleverg
Followers: 484 | Following: 4K | Media: 38 | Statuses: 626
Red Teamer / Specialist Leader @DeloitteNL. Hacking, reverse engineering, racing & drifting, @jelleverg.bsky.social
Joined November 2010
RT @M4yFly: New Active Directory Mindmap v2025.03! 🚀. 📖 Readable version: 🔧 Now fully generated from markdown file….
RT @fr0gger_: #100DaysOfYara Day 16: Do you like automatically generating Yara rules based on opcode? 💻. Well me too and I've got you cover….
RT @YunZhengHu: I just published dissect.cobaltstrike v1.0.0. It now supports parsing and decrypting C2 traffic from PCAP files and also ad….
github.com
This release mainly introduces support for parsing and decrypting Cobalt Strike C2 traffic from PCAP files and also adds Beacon Client support which allows you to connect to a Cobalt Strike Team Se...
Some non-technical wisdom on the Saturday morning ;) "Perhaps the most anti-mimetic attitude of all is an openness to wonder and a desire to let reality surprise you. It rarely disappoints." -
psyche.co
From career choices to new purchases, use René Girard’s mimetic theory to resist the herd and forge your own path in life
Released version 1.1 of StreamDivert. Added logic to support forcing redirected streams to be sent over a specific network interface and added verbosity command line flags.
github.com
Release v1.1 contains the following changes: Added -v verbosity command line flag. StreamDivert will not output (modified) packet details, drastically improving performance. Added packet interface...
RT @volatility: And the @volatility #PluginContest First Place Winner is: Gustavo Moreira for Netfilter! . Read the full contest results:….
RT @volatility: Volatility #PluginContest #Contender: @jelleverg submitted a #volatility3 plugin to extract SSH session keys from #OpenSSH….
Just published my research about recovering OpenSSH session keys and decrypting and parsing SSH network traffic using those: @volatility.
blog.fox-it.com
Author: Jelle Vergeer Introduction A while ago we had a forensics case in which a Linux server was compromised and a modified OpenSSH binary was loaded into the memory of a webserver. The modified …
RT @FSDominguez: Patience, understanding & empathy, they seem to be on the fast track to become forgotten virtues.
Submitted my research for recovering OpenSSH session keys and decrypting and parsing SSH traffic using those to the @volatility plugin contest yesterday. I hope to publish some more about this soon!
RT @_RastaMouse: I think this is the easiest way to spoof cmdline args if you don't worry about changing allocated memory size. It just mea….
RT @foxit: In our latest blog (by @jelleverg) we release and opensource a new tool: StreamDivert. StreamDivert is a tool to man-in-the-mid….
RT @NCCGroupInfosec: Tool: StreamDivert: Relaying (specific) network connections on Microsoft Windows -
nccgroup.com