If you want a copy of the slides from my #CSides talk last night, How To Eat A Shell Backwards In 367 Bytes, then check out -> drive.google.com/open?id=1sZnxS… BSidesCanberra

Looks like Hex-Rays have published their 'Hex-Rays Plugin Contest Results 2018' #idapro #reversing bit.ly/2Q2sfwt

I’m sure there is a dad joke in there about enabling unsolicited remote access #0day threatpost.com/unpatched-micr…

Rule #1 of being a spy. Don’t get caught. washingtonpost.com/world/national…

GitHub - int3rrupted/resolveHashedFunctions github.com/int3rrupted/re…

VirtualBox E1000 Guest-to-Host Escape github.com/MorteNoir1/vir…

Reverse engineering

awww yisss rsaconference.com/events/us19/ag…

Now that looks like an interesting presentation. ;)

things you can do on a Saturday morning. 1. sleep in, 2. do washing, 3. write a Linux implant BSidesCanberra

things you can do on a Wednesday night. 1. put the kids to bed, 2. wash the dishes, 3. write a Linux implant controller BSidesCanberra

just wanted to say how much easier it is to dev with packer and vagrant in my toolchain. #malware BSidesCanberra HashiCorp

well I did say that I would share my slides and demo. i've got some time this month, so I might firm the attribution. slides -> tinyurl.com/y4edmjav demo-> tinyurl.com/y3ogfvf9 BSidesCanberra

How annoying is Windows shellcode packed with RTLDecompress buffer? Python to the rescue -> github.com/int3rrupted/Py…

Well there you have it.

how many more reasons do you need to port to ghidra -> github.com/justfoxing/ghi… #reversing sigpwn

Seeing EDR evasion is so hot right now, I just wanted to add my own. Call the victim and ask them to run the following at an elevated PowerShell prompt. Pow, Windows ATP bypassed -> Set-MpPreference -DisableRealtimeMonitoring $True #Bypass #GetARealJob #CyberDefence

"Advanced Windows Implant Development & Detection" by CG runs 2 days before BSides Canberra 2020 at the National Convention Centre. eventbrite.com.au/e/advanced-win…

What a week. Who would have thought my Australian Crowdstrike team would have set the Internet on fire by Wednesday. Now it’s time to pass out. #3CXpocalypse reddit.com/r/crowdstrike/…

Is it really necessary to go trawling through old commits of OpenSSH source just to understand what certain sshd messages actually mean in auth.log?