1.
BenHeise
@benheise
[Tooling ⚔️] Updated DInjector with 'RemoteThreadKernelCB' technique for shellcode invocation by spoofing the fnCOP… twitter.com/i/web/status/1…
Retweet of status by @snovvcrash
12 Jan 22
2.
BenHeise
@benheise
Updated the reflective loader to work with Cobalt Strike v4.5! Only took ~25 hours and 3 rebuilds to find the bug
github.com/boku7/BokuLoad…
31 Dec 21
BenHeise
@benheise
Yikes. pic.twitter.com/aZ5ImSOAKk
18 Nov 21
21 Aug 21
@j0nh4t @Razer I just tried spoofing the vendor id to 0x1532 and product id to 0x0084 and it works great 👍
BenHeise
@benheise
It's not Anxiety unless it's from the Anxiety region of France, otherwise it's just Sparkling Stress
06 Jul 21
BenHeise
@benheise
New blog post!
Following the release of "Perfusion", my exploit tool for the RpcEptMapper registry key vulnerabi… twitter.com/i/web/status/1…
21 Feb 21
BenHeise
@benheise
Bye-bye botnets👋 Huge global operation brings down the world's most dangerous malware.
Investigators have taken co… twitter.com/i/web/status/1…
27 Jan 21
BenHeise
@benheise
Nice. Super simple to combine Nim DLLs with sRDI for shellcode injection pic.twitter.com/M1yUsVRSBx
15 Jan 21
BenHeise
@benheise
🔥 lsassy v3.0.0 𝗯𝗲𝘁𝗮 available for testing
🏗️If you want to try it out, feel free to report any bug you find
* Rewr… twitter.com/i/web/status/1…
Retweet of status by @HackAndDo
25 Aug 20
BenHeise
@benheise
Really excited about this integration:
Use C3, Donut, and Covenant together seamlessly
twitter.com/FSecureLabs/st…
10 Mar 20
B⬡nH⬡is⬡
@benheise
\\live.sysinternals.com\tools\notmyfaultc64.exe /accepteula bugcheck 0x37
You are welcome pic.twitter.com/Au17MKkT3b
14 Feb 20
...but wait! There's more!
1.
fakhright
@fakhright
astaghfirullah peng.krim guaaaaaaaa..............a *salto sambil solat*
14 Jan 13