Mike Weaver

Are you joining us for RedRocks?! Buy tickets here: buff.ly/46z0hQ1 Wanna speak? Call for Content ends this Thursday, 11/9!

@dgi_DE @defcon I missed the demo room too. Way more people in line that there were seats. Glad to see such excitement around very cool projects!

Many thanks to everyone that attended my @DEFCON 31 demo and talk! The interest in the demo was exceptional and I am sorry for everyone that could not join the demo on Friday due to overcrowding. Also, I was really impressed how full the room was on a Sunday morning at 10am :)

Finished in 1st place at the Red Team CTF @ #DEFCON 31. @RedTeamVillage_ Started off playing the event solo, but I was joined in the finals by my fellow teammates from Team Europe, @sijsu and @s3np41k1r1t0 to get the win. Thank you ThreatSims and @hackthebox_eu for the event!

Snake Yara detections have been added to MemProcFS memory forensics! Detect snake implants and other evil (such as cobalt strike) in notime with MemProcFS FindEvil! Thank You @msuiche 💙 github.com/ufrisk/MemProc…

Can't wait to see everyone on Friday for LinuxCTF at @801labs #linux #ctf #dc801

Join me next Friday at @801Labs for LinuxCTF! meetup.com/801labs/events…

@hashtopolis To learn a bit more about it, take a look at this reddit post: reddit.com/r/codes/commen…

If you hadn't heard about this: There is a debug build of some OG Xbox game that was found in an encrypted RAR. This password only took the small community less than a week to crack. The @hashtopolis server peaked at 7517.92kh/s. That's equivalent to 75 Nvidia 3090 GPUs.

@BsidesSLC Who is teaching this one?

Workshop highlight: Intro to Web App Pentesting with Burp. Join us for this hands-on training, where we will walk you through how to use Burp Suite in common scenarios to pop your first shells on a remote web server! Tickets: buff.ly/40lVAqz

Join us in Moab Jun 23rd! eventbrite.com/e/hackercamp-9…

Today, I went looking for love 💕🥰 I ended up finding (what appears to be) a new macOS backdoor/updater component: 'iWebUpdate' ...which has been around, undetected for 5 years! 🍎👾👀 Read: "Where there is love, there is ...malware?" objective-see.org/blog/blog_0x72…

📚 FREE Offensive Security & Reverse Engineering Course 🗒️ Slides github.com/ashemery/explo… 🧪 Labs github.com/ashemery/explo… 📺 Videos youtube.com/playlist?list=… By @binaryz0ne #infosec #cybersecurity #pentesting exploitation.ashemery.com

@defcon The end result was this! We successfully MITM-ed the badge communication and were able to reverse engineer the badge-badge communication. We were then able to emulate the badges with Python.

#defcon #badgelife #defcon29

See you in Moab folks. Mark your calendars for June 23rd-25th!🔥

CircleCI Security Alert [4 Jan. 2023] We strongly recommend all CircleCI customers rotate secrets stored on our system. Read more: circleci.com/blog/january-4…

The @lmgtfy site is currenty dead. Their cert expired on Nov 21 and they use HSTS. An era has ended.... or has it? Let's hope it comes back soon.

@Zevlag @bettersafetynet It's Intel based and not a ton of cores.

@bettersafetynet I think @_bashNinja might have found a good small for factor proxmox box.

Hey PC makers out there... I'd love to have an AMD Threadripper based NUC sized (6"x6"x3" or thereabouts) sized system. Ideally with 128 GB RAM. No need for fancy GFX. Basically I need a baller ProxMox system that is *ultra* portable. Any ideas?

I wrote an IDA plugin that queries #ChatGPT and explains decompiled functions. It's still very bleeding edge, but you can find the code here and try it out: github.com/JusticeRage/Ge… (Yes, the video was performed on a very basic case for simplicity's sake.)

I'll be teaching this tonight. Should be fun. Everyone will be able to walk away able to scan for this exploit in their environment and then show how it can be weaponized to help give you the ability to patch for it.