Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research.

n00/py
Joined March 2015
Pinned Tweet
Come to Twitter to learn InfoSec techniques and research? Here is how you do it: - Do the usual, follow people, retweet, etc. - Every time you read a good blog, add it to an RSS feed Eventually you end up with a solid RSS feed, that is near 100% signal.
10
59
382
Show this thread
I have to say @zoom_us & @KeybaseIO I am extremely disappointed in your decision to ban the Open Source Hardware 3D Printed Firearm community from Keybase. This is an OSH project that in my experience is largely apolitical, free of extremism, and had no ties to recent events.
6
29
141
n00py retweeted
A story on how I gained RCE against Microsoft Exchange Online using CVE-2020-16875 and bypassed their patches twice over. Latest patch bypass is unpatched against on-premise deployments! Making Clouds Rain - Remote Code Execution in Microsoft Office 365: srcincite.io/blog/2021/01/12…
12
372
776
Omg we did it! 🤩 Thanks to the community feedback (and ya, bad press) Apple decided to remove the ContentFilterExclusionList (in 11.2 beta 2) Means socket filter firewalls (e.g. LuLu) can now comprehensively monitor/block all OS traffic!! Read more: patreon.com/posts/46179028
In Big Sur Apple decided to exempt many of its apps from being routed thru the frameworks they now require 3rd-party firewalls to use (LuLu, Little Snitch, etc.) 🧐 Q: Could this be (ab)used by malware to also bypass such firewalls? 🤔 A: Apparently yes, and trivially so 😬😱😭
Show this thread
20
473
1,394
Nice phishing email I just received. I like the green safe senders bar they added.
1
3
17
n00py retweeted
My write-up for the SANS #HolidayHack challenge is now available. @KringleCon 3: French Hens. 🐔 PDF here📄: jaiminton.com/assets/PDF/Kri… Post here📝: jaiminton.com/HHC/2020/ Another year, another great learning opportunity as always. Thanks again @edskoudis and team!
3
7
50
n00py retweeted
Just released a new @OutflankNL Cobalt Strike BOF project which uses direct system calls to enumerate processes for specific loaded modules or process handles. E.g. to find open handles to LSASS or processes with CLR loaded for execute-assembly spawnto. github.com/outflanknl/FindOb…
2
111
229