Martin Korman (@martinkorman)'s Twitter Profile
Martin Korman

@martinkorman

Malware Analyst and Forensic Investigator. Tweets represent my own opinion. I'm active on Mastodon: Find me on infosec.exchange/@0xducky

ID: 392260336

Link: https://medium.com/dfir-dudes
Joined: 16-10-2011 19:31:43

1.1K Tweets

806 Followers

381 Following

Alex Xu (@alexxubyte)

/1 How do Apple Pay and Google Pay handle sensitive card info? The diagram below shows the differences. Both approaches are very secure, but the implementations are different. To understand the difference, we break down the process into two flows.

Dirk-jan (@_dirkjan)

Fox-IT just open sourced their enterprise forensics tooling dissect. This is a big project that some of the smartest people I know have worked on. It supports many filesystems and file formats, all as Python libraries. Docs: docs.dissect.tools / code: github.com/fox-it/dissect

Patrick Wardle (@patrickwardle)

Slides also detail an 0day in Parallels' macOS installer that affords a local unprivileged attacker or malware root privs! 🔓👀

Adam Sawicki (@reg__)

"Hello World under the microscope" - an article we wrote together with Gynvael Coldwind and j00ru//vx! Originally published in issue 100 (1/2022) of the Programista magazine, now available online in Polish and English. asawicki.info/articles/Hello…

Andreas Stenhall (@andreasstenhall)

With more than two months to go of 2022 I can say with certainty that this is THE tip of the year: Shortcuts to Microsoft admin and user portals + deep shortcuts to Azure AD sections. aka.ms/commands

Corelight (@corelight_inc)

🧵 We are excited to share that The Zeek Network Security Monitor is now a component of Microsoft Windows! An incredible development that truly establishes Zeek as the de facto standard for #networkevidence: corelight.com/company/zeek-n… 1/4

ESET Research (@esetresearch)

#Emotet’s operators were busy updating their systeminfo module, with changes that enable malware operators to improve the targeting of specific victims and distinguish tracking bots from real users. #ESETresearch 1/7

Hamid Kashfi (@hkashfi)

Linux kernel WiFi stack bugs exploitable over the air are always worth following up with! CVE-2022-41674 (RCE) CVE-2022-42719 (RCE) <<< CVE-2022-42720 (RCE) CVE-2022-42721 (DoS) CVE-2022-42722 (DoS) openwall.com/lists/oss-secu…

Daniel Cuthbert (@dcuthbert)

A good writeup of the flaw here by Horizon3 Attack Team, which has left me shaking my head wondering how this code passed any inspection horizon3.ai/fortios-fortip…

Ryan (@haus3c)

Here's a finding I had in Defender earlier this year that I thought was neat. Not cool enough for a blog post, so here's a 🧵: Azure VMs have a component called 'Serial Console', which allows commands to be passed via COM1. The commands are limited, but one stood out: procdump

Germán Fernández (@1zrr4h)

3 Microsoft subdomains (aka bypass) are being used to distribute #phishing aimed at stealing corporate credentials 🤯

/ecv.microsoft.com/Wk7OBC6cRW
/ncv.microsoft.com/fVgfvmUTpN
/customervoice.microsoft.com

Also DigitalOcean and Skynet Labs ⚠️

CCob🏴󠁧󠁢󠁷󠁬󠁳󠁿 (@_ethicalchaos_)

Sneak preview of Volumeiser. Final version will allow listing and extraction of OS files from common hard disk image formats. My favourite so far is AWS EBS snapshots. Extracting registry hives now takes seconds + a few MB of data instead of unworkable 100G images.

Maxime De Greve (@maximedegreve)

Today, we're excited to launch GitHub code search - a new way to search and navigate code. We’re introducing a brand new search and code navigation view and they are jam packed with new features. Here are some I’m excited about.... 🧵 1/6

rebus (@therebus)

"Regipy MCP: Natural Language Registry Forensics with Claude" Six years ago, I wrote a blog post introducing regipy, a Python library I built because I was frustrated with existing registry forensic tools. I needed a tool that could parse registry hives… ift.tt/3oyxnkb