Darren McDonald

105 posts

Darren McDonald

Darren McDonald

@R3n5k1

Currently into Rust, phishing, redteaming, and hardware.

London, UK Katılım Eylül 2011
96 Takip Edilen148 Takipçiler
Darren McDonald retweetledi
AmberWolf
AmberWolf@AmberWolfSec·
AmberWolf and @MDSecLabs are jointly disclosing technical details on CVE-2026-40639, a weakness found in how some Dell platforms store BIOS passwords.
English
1
9
23
2.9K
Darren McDonald
Darren McDonald@R3n5k1·
@abubakar_AIE @Fried_rice You didnt need to wait for the leak to do this. Its a client app, the code was always on your hard drive. People have been reading and modifying their Claude executable for months. Its not even compiled/decompiled C. It's literally javascript.
English
0
0
1
208
Darren McDonald
Darren McDonald@R3n5k1·
ebe03aece5de2239f878035866e388790c51ddb128eb7ce9833204c8fcd588a0 c34dd768764db06718b4df94b6df9b6d9a4d25cd146d0b59f8ccfeb319397bca af3de94412f6279ac85531b62a95aa426f05e3917ff17f4bf8e7c01e6e5f7a13 8e67aee7310678e7b0d55ddc17433e8fca0813f9423911954fe16ea23adc5664
Português
0
0
1
99
Darren McDonald
Darren McDonald@R3n5k1·
c7ca929278b6715ae82ca7a5c12f611cc1bc8b6c2542dbdee329ad1f6bff5bdd 23b6e279ab7942983928a1859d59f9541e4c5f95c7fb142ca2d4eea6e58f205a 06d51f77075a475e196ec9f13ce2c884bb96e6459b3e37cfcfebfe8f42604f85
HT
0
0
1
83
Craig S. Blackie
Craig S. Blackie@craigsblackie·
Managed to get BitPixie exploit working in VM and hardware with @R3n5k1 . Cool hack, specially with an fTPM.
English
1
0
4
121
Darren McDonald retweetledi
LaurieWired
LaurieWired@lauriewired·
shocking photo taken seconds before tragedy
LaurieWired tweet media
English
19
49
929
24.5K
BSides Basingstoke
BSides Basingstoke@BSidesBSK·
Friday 25th July, save the date 👀
English
5
13
23
3.3K
Luke Rogerson
Luke Rogerson@NullMode_·
My only measure of success is how many people I know start to say m8 on their own
English
2
0
3
331
Darren McDonald retweetledi
Luke Rogerson
Luke Rogerson@NullMode_·
Just released a few new courses - the start of my "Code Review & Architecture Fundamentals" series. 33% off on two of the courses until EOD 2nd Dec. Big thanks to @getCourseStack for their support in making this possible! 👉 ogsec.co.uk/2024/11/13/cod…
English
0
6
6
1.7K
Darren McDonald
Darren McDonald@R3n5k1·
We've been looking at FortiWeb Cloud IaaS WAFs. There's a very easy bypass which allows attackers passed all your logging and WAF rules if you've not implemented the origin lock feature. youtu.be/XtAOpiKu3u0?si…
YouTube video
YouTube
English
0
1
2
320
Darren McDonald
Darren McDonald@R3n5k1·
@NullMode_ Darren Dev mode: the function is about a thousand lines long but refactoring and splitting it up doesn't feel like progress. Eventually it's so complex that further work is impossible, only then finally I'll admit defeat and write something that resembles good code.
English
1
0
1
20
Luke Rogerson
Luke Rogerson@NullMode_·
Luke dev mode: Writing seemingly basic test A helper function would be good but it would be better to edit some actual code to support this 3 hours later still added more actual code
English
1
0
2
149
Darren McDonald retweetledi
Dmitrii Kovanikov
Dmitrii Kovanikov@ChShersh·
Docker is stupid. “Sorry, we can’t deploy a single statically linked executable of size 10 MB, so LET’S JUST SHIP GIGABYTES OF DATA CONTAINING AN ENTIRE OS WITH ALL DEPENDENCIES FOR EVERY SINGLE SERVICE”
English
538
368
8.2K
910.4K
Rasta Mouse
Rasta Mouse@_RastaMouse·
Did you know that the AWS CLI tool stores your access and secret keys in plaintext? Because I sure as hell didn't.
English
18
12
162
38.5K
spencer
spencer@techspence·
There’s almost ZERO reason to ever include credentials in a pentest report. And in the small amount of cases where it’s useful to show poc or impact, they should always be properly redacted.
English
21
8
122
18.1K