Haidar Kabibo (@haider_kabibo) 's Twitter Profile
Haidar Kabibo

@haider_kabibo

Wine tester at Kaspersky :)

ID: 797600049266098176

linkhttp://sud0ru.ghost.io calendar_today13-11-2016 00:40:45

18 Tweet

51 Followers

50 Following

Haidar Kabibo (@haider_kabibo) 's Twitter Profile Photo

It's not for the faint-hearted :) I decided to start an ICS security series on my personal blog. I started with HTB's Challenge "Watch Tower" . I have explained it in a very deep way and the write-up will be the official write-up of the challenge soon sud0ru.ghost.io/ics-security-s…

Haidar Kabibo (@haider_kabibo) 's Twitter Profile Photo

Do you know NMAP? I don't think so. There are three types of users: the script kiddies who just run commands, those who think they understand it by knowing how port scans work, and the experts who know what's under the hood. Be a part of the elite. Dive in sud0ru.ghost.io/do-you-really-…

Haidar Kabibo (@haider_kabibo) 's Twitter Profile Photo

Excited to announce that I'll be speaking at this year's PHDays festival! I've found a new way to gather info from domain controllers, including enumerating domain users. The best part? This technique can not be stopped and hard to detect. Stay tuned!

Excited to announce that I'll be speaking at this year's PHDays festival!  I've found a new way to gather info from domain controllers, including enumerating domain users. The best part? This technique can not be stopped and hard to detect. Stay tuned!
Eugene Kaspersky (@e_kaspersky) 's Twitter Profile Photo

A journey into forgotten Null Session and MS-RPC interfaces. We challenged ourselves if we can bypass policies and restrictions today, after 24 years of Microsoft restricting null sessions, and bring the idea of anonymous access back to life 👉 kas.pr/nj9c

A journey into forgotten Null Session and MS-RPC interfaces.

We challenged ourselves if we can bypass policies and restrictions today, after 24 years of Microsoft restricting null sessions, and bring the idea of anonymous access back to life 👉 kas.pr/nj9c
Haidar Kabibo (@haider_kabibo) 's Twitter Profile Photo

Yesterday was a special day for me. It was the first time I gave a public talk in English, presenting my latest research at PHDays. You can watch the full talk here: pt.comdi.com/watch/rpscd6as

Yesterday was a special day for me. It was the first time I gave a public talk in English, presenting my latest research at PHDays.
You can watch the full talk here: 
pt.comdi.com/watch/rpscd6as
Haidar Kabibo (@haider_kabibo) 's Twitter Profile Photo

This is how I solved the execution hang using dcomexec against Windows 10. It seems that some objects have no permission to write in the ADMIN$ share. The repo is part of research against DCOM that will be published soon with very interesting results. github.com/sud0Ru/impacke…

Haidar Kabibo (@haider_kabibo) 's Twitter Profile Photo

I released a tool, which I called "NAuthNRPC." It applies a new method for enumerating domain users. The tool is simple to use—just enter domain controller's IP address and the users file, and wait for some magic. Metasploit module will be available soon. github.com/sud0Ru/NauthNR…

Metasploit Project (@metasploit) 's Twitter Profile Photo

This week's wrap-up includes an unauth command injection in the Netis Router, and a MS-NRPC Domain Users Enum. Get it here: rapid7.com/blog/post/2024…

Haidar Kabibo (@haider_kabibo) 's Twitter Profile Photo

Excited to announce that I'll be speaking at the POC Conference in Seoul, South Korea! I'll be presenting my latest research on MS-RPC interfaces and introducing part two of the study. Stay tuned!

Haidar Kabibo (@haider_kabibo) 's Twitter Profile Photo

I'm excited to announce that I will be speaking at the DefCamp conference in Bucharest, Romania, on November 27-28th this year! I will be sharing my experiences with Bluetooth assessments, gathered from numerous engagements across various projects. def.camp/speakers/#

I'm excited to announce that I will be speaking at the DefCamp conference in Bucharest, Romania, on November 27-28th this year! I will be sharing my experiences with Bluetooth assessments, gathered from numerous engagements across various projects.

def.camp/speakers/#