Meese Enterprises

Performance improvements and other features may come down the road, but this was an essential for some internal development first.

Today we released fierce3, a modernized version of the fierce CLI tool. Functionality should be identical, just add the 3 to the end of all existing commands and look at it go! github.com/meese-enterpri…

Big things ahead @supabase 🤫

The U.S. Secret Service has announced that, following a monthlong investigation, it has carried out an operation which resulted in the dismantling of a network consisting of more than 300 SIM Servers and 100,000 SIM Cards at multiple sites across New York and New York City, all within a 35-mile radius of this week’s United Nations General Assembly.  According to officials, the network could interfere with emergency response services, conduct encrypted communication, jam cellular networks in New York, as well as disrupt official communication from and eavesdrop on the U.N. General Assembly, capable of sending over thirty-million text messages per minute, anonymously. The official said the agency had never before seen such an extensive operation. The Secret Service believes that the scale of the equipment discovered suggests the network could be part of a nation’s surveillance operation, with initial analysis of the data on some of the SIM Cards having identified ties to at least one foreign nation, as well as links to criminals, including the members of Cartels, already known to be operating in the United States. Cybersecurity experts have stated that only a handful of countries could pull off such an operation, including Russia, China and Israel.

Normalize research that takes place simply for the love of the game

Simplicity is a core tenant of all quality software

Why can AIs code for 1h but not 10h? A simple explanation: if there's a 10% chance of error per 10min step (say), the success rate is: 1h: 53% 4h: 8% 10h: 0.002% @tobyordoxford has tested this 'constant error rate' theory and shown it's a good fit for the data chance of success declines exponentially

Just made a Medium post on setting up Security Onion in Proxmox, I had some difficulties the first time so I hope this can help others avoid the same hurdles: medium.com/meese-enterpri…

Following up on this, I found another instance of the campaign yesterday and tracked down the IOCs. There is a lot of overlap, so it is likely being run by the same actors. x.com/ValidinLLC/sta…

Very interesting article in the #WSJ yesterday, it highlighted the work of "Metalplant" and their efforts to farm nickel using species of plants. Super interesting mission, worth a look for anyone interested in sustainable mining: metalplant.com

Today, @ajmeese7 breaks down a malicious redirection campaign, showing the tools and process used to connect to #ApateWeb, originally reported by @Unit42_Intel. You can follow his process and review his findings with thousands of indicators here: validin.com/blog/malicious…

This has the potential to be HUGE

Fantastic write-up by Microsoft on the creation and spread of Adversary in the Middle (AiTM) attacks, definitely recommend for anyone in an IT field: microsoft.com/en-us/security…

Fantastic read, seeing the creativity of independent devs on side projects like this is amazing! tinyprojects.dev/projects/mailo…

it's just sending one json from one service to another how hard can it be?

We revamped an aria2 file parser during our participation in the NCL 2023 game, now it's much more user friendly and provides additional information on the file's contents! Check it out below: github.com/meese-enterpri…

We're going to start posting open source Yara rules whenever we come across malicious traffic on our servers that's able to be fingerprinted. Stay tuned, and let us know your thoughts!

Just published a blog post on hunting down vulnerable Parallels Plesk Panel instances, use it to check your own company's infrastructure or to look for possible bug bounty targets! blog.meese.enterprises/exploiting-par…

New/Revamped #batch file deobfuscator in town! github.com/TargetPackage/… Nice job @ajmeese7. #deobfuscation cc: @dr4k0nia @herrcore @huettenhain

Developed this when I encountered a sophisticated sample using `%=exitcodeascii%` with subshells for obfuscation, and it works like a charm so far! Give it a look and share any thoughts, I'm opening to adding any missing functionality.