Peter Winter-Smith
@peterwintrsmith
Followers
6K
Following
8K
Media
205
Statuses
2K
Security researcher & implant developer @mdseclabs; developing SAST @wsastsupport; malware, code analysis, appsec, cryptography. Trying to follow Christ.
London, UK
Joined August 2010
Today I am pleased to announce the release of a code analyser Iโve been working in my free time - wSAST ( https://t.co/0B4bbvWzbV) wSAST aims to make code analysis easier for application security consultants by providing tools to graph relationships, find paths between functions,
12
162
436
Nice work @saab_sec ๐ฅ
Interested in an alternative approach to sleep masking for you malware? Check-out our latest blog post "Function Peekaboo: Crafting self masking functions using LLVM" by @saab_sec
https://t.co/CTaydmHZi5
1
1
5
Amazing work from the team!
This release is probably going to be one of our biggest and most impactful! Kudos to the team @peterwintrsmith @modexpblog @s4ntiago_p @GigelV41464 @saab_sec ๐
1
0
5
In our latest blog post, we detail how you can leverage the Nighthawk API to streamline your Red Team Ops.... Automating Operations with Nighthawk - https://t.co/9hKMT9HM8A
0
18
66
If itโs true that @irsdl is looking for a new full-time position I recommend anyone wanting to hire an elite-level web/.NET researcher or consultant reach out to him immediately as he wonโt be looking for long!
NEED YOUR HELP! My Friend/Teacher Soroush (@irsdl) Is looking for a new company to join, you know him as the .NET-God, the guy who has popped exchange, sharepoint, has maintained ysoserial_.net for years, contributed to the exploitation scene numerous times, taught all of you
1
1
4
She waited two hours for a word. God told her she already had it. Listen to this lesson about hearing God. It could change your life.
0
42
445
I have launched YSoNet ( https://t.co/9BofGcFaWh) and added #SharePoint CVE-2025-49704 payload generator to it as the first thing. Here is how this can work: Running command: ``` ysonet.exe -p sharepoint --cve=CVE-2025-49704 -var 1 -c "calc" ``` Running C# code: ``` ysonet.exe
github.com
Deserialization payload generator for a variety of .NET formatters - irsdl/ysonet
4
125
475
Taha always working on something new ๐ช๐ป๐ฅ
Iโve released ๐๐๐๐จ, a C library (with CLI and Python bindings) to unpack .NET assemblies from an ๐ฎ๐๐๐ฒ๐บ๐ฏ๐น๐ถ๐ฒ๐.๐ฏ๐น๐ผ๐ฏ file. https://t.co/hy13RdUhof
#xamarin #mono #dotnet #assemblies #reverseengineer
1
0
4
Only a couple more weeks left on the early bird discount for our @BlackHatEvents training with myself, @_batsec_ and @__invictus_ - Lots of fresh new material for 2025. This course isn't just about tradecraft, the focus is on building capabilities that will help red teams succeed
0
7
44
Kept this one under wraps for a while, but happy to finally say @saab_sec and @GigelV41464 are joining @peterwintrsmith, @modexpblog, @_batsec_ and @s4ntiago_p in the @MDSecLabs R&D team next week... big things are coming ๐ฅณ
5
7
61
Stumbled on ServiceNow during a red team? If not you might want to check our latest post on Red Teaming with ServiceNow by @__invictus_
https://t.co/pkCVT851X0
8
100
322
What if DeepSeek is just ChatGPT o1 rebranded and this entire thing is just a move to make US tech stocks fall so the Chinese can buy up at bargain prices
2
0
10
January 27th 15:30 GMT. Join us for a live webinar showcasing some of Nighthawk's key features and evasive capabilities. Orgs can apply to register here: https://t.co/lIz4Jhp3KV
0
5
29
I am excited to share with you my latest research - "DCOM Upload & Execute" An advanced lateral movement technique to upload and execute custom payloads on remote targets Forget about PSEXEC and dive in! https://t.co/ruQJlXgLqV
https://t.co/Yp25P6pZvH
github.com
DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely - GitHub - deepinstinct/DCOMUploadExec: DCOM Lateral movement POC abusing the IMsiServer interf...
12
247
599
Lots of stuff squeezed into this release, hopefully worth the wait!
Some awesome work from @peterwintrsmith @modexpblog and @s4ntiago_p for this latest release ๐ฅ๐ฅ๐ฅ
1
1
28
Ready for some Thanks Giving reading? Nighthawk 0.3.3 Evanesco is now live for customers https://t.co/ySi9buZfWe
#happythanksgiving
5
29
79
Code name: Invisiwiener ๐ญ๐ซฅ
Here's a sneak peak of a new feature we have coming up in the next #Nighthawk release https://t.co/JrNk0kph5b
@peterwintrsmith
#goodbyeyara
1
0
19
Our activation server had a problem updating which may have made activation of wSAST fail - if you encountered this please try again it should all be fixed now!
0
1
1
Having a great time and enjoying the talks at Redtreat ๐
0
1
34
My @IOActive hack::soho talk on wSAST is finally online! If static code analysis interests you then you may enjoy hearing a little about the journey, trials and tribulations of building a SAST engine from scratch!
2
23
66