Samuel Hunter

1.1K posts

Samuel Hunter

@Trowalts

Segfaulting through life

Within 30 hops Katılım Nisan 2009

701 Takip Edilen635 Takipçiler

Samuel Hunter retweetledi

Daniel Cuthbert@dcuthbert·19 Kas

In an age when most turn to LLMs to create content, it fills my heart with glee to see @thinkst using stunning photographs of Africa as taken by their people, for their 2025 Q3 report into the security research they love thinkst.com/ts/ Great paper. Great company

English

724

Samuel Hunter retweetledi

Grafana@grafana·26 Ağu

🔍 The placement of canary tokens across our systems helped us spot a recent intrusion and respond quickly. Learn more about canary tokens, and find out how you can use them to prevent serious security incidents in the future. grafana.com/blog/2025/08/2…

English

1.5K

Samuel Hunter retweetledi

_leon_jacobs(💥)@leonjza·19 Tem

If you're in Vegas next month for @defcon 33, come check out my main stage talk on Saturday 1630, Track 4¹ where I'll break my silence on this and some more shenanigans. :P ¹ #content_60380" target="_blank" rel="nofollow noopener">defcon.org/html/defcon-33…

Rasta Mouse@_RastaMouse

@leonjza getting a shoutout in this @GamersNexus video youtu.be/Vy_KWP04pfs?si… 👏🏻

English

4.9K

Samuel Hunter@Trowalts·13 Eyl

@leonjza

GIF

QME

_leon_jacobs(💥)@leonjza·11 Eyl

A sneak peek at the new gowitness v3 report server UI. Technically an optional feature, but that's no reason it can't also get an overhaul!

English

1.8K

Samuel Hunter retweetledi

_leon_jacobs(💥)@leonjza·11 Tem

We have a long history of yearly artworks @sensepost, and this year I got to carry the baton forward. I'm excited to reveal our 2024 artwork: "make pr's, not war". An art piece almost literally from my heart. 🧵

English

Samuel Hunter retweetledi

Aurélien Chalot@Defte_·5 Eki

So far this is probably the most redteam-ish research I have done. Hope it will be useful for your redteam delivery phases ;)!

Orange Cyberdefense's SensePost Team@sensepost

Cashing in on browser behaviour to silently download executable files. A blog post by @defte_: sensepost.com/blog/2023/brow…

English

10.2K

Samuel Hunter retweetledi

haroon meer@haroonmeer·31 May

Keeping up with security research is tough. Theres a bunch of noise (& not nearly enough signal). We release ThinkstScapes every quarter to help with this: Our picks of ~20-30 pieces of work that we found interesting (and why). Its worth checking out.. thinkst.com/ts

English

14.4K

Samuel Hunter retweetledi

Orange Cyberdefense's SensePost Team@sensepost·21 Nis

"Attack of the clones", or, read how Reino suppressed snitchware on a "suspense"-full red team by abusing a suspended Bitlocker state: sensepost.com/blog/2023/from…

English

22K

Samuel Hunter retweetledi

Quentin Rhoads-Herrera@paragonsec·27 Tem

This has been in the works for some time, and I am very excited to announce that @CharlesDardaman, @Trowalts, and I are starting our own company!

Vector0@Vector0Sec

Threats are everywhere, especially as attack surfaces continue to grow and evolve. We are proud to introduce our flagship product #DarkWave Attack Surface Management (ASM) which aims at protecting all your organizational assets and sensitive #data.

English

Samuel Hunter retweetledi

haroon meer@haroonmeer·17 Ara

Security papers/conferences are tough to keep up with. ThinkstScapes helps you with this by distilling and discussing talks that caught our eye for the quarter. Grab a copy, free at thinkst.com/ts (with no sign-up, and no paywall). twitter.com/ThinkstCanary/…

Thinkst Canary@ThinkstCanary

If you want some light(ish) reading (that doesn't mention Log4J at all) @JacobTorrey has released our Q4-Research-Roundup at thinkst.com/ts It's free, non-paywalled, covers over 300 confs and is a great read/listen. You can also (finally) subscribe to future releases.

English

Samuel Hunter retweetledi

Charl van der Walt 🌻@charlvdwalt·7 Kas

We're finishing work on our next 'Navigator' annual report. I'm excited about the chapter on cyber extortion and 'Routine Activity Theory'. I don't think anyone has done anything quite like this before, and I think it turned out pretty nicely...

English

Samuel Hunter@Trowalts·14 Eki

@dcuthbert Nooooo! You have to whisper it 3 times infront of a mirror.

English

Samuel Hunter retweetledi

Michael Kruger@_cablethief·16 Eyl

Awesome! My two tools berate_ap and wpa_supplicant have made it into Kali :D! kali.org/blog/kali-linu… My writeup from 2019 for some context: sensepost.com/blog/2019/peap…

English

Samuel Hunter retweetledi

Vlad@v1ad_o·13 Eyl

#CVE-2021-40444 for those that do not rely on IE JS, a simple temporary one-liner solution that should cover all scenarios - [ REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /t REG_DWORD /v 1400 /d 3 /f ] subj to IE zone policy management

English

Samuel Hunter retweetledi

AndrewMohawk⁽ⁿᵘˡˡ⁾@AndrewMohawk·31 Ağu

So I bought one of these to try take apart, I mean, its a safe.. for my passwords.. and it doesn't have a browser extension, even @taviso would approve

English

Samuel Hunter@Trowalts·20 Ağu

Multi-level Marketing - Ransomware edition

briankrebs@briankrebs

Scammers will try almost anything to get inside a company & launch ransomware. Apparently now that includes emailing employees directly & asking them to unleash ransomware inside their employer’s network in exchange for a percentage of any ransom paid. krebsonsecurity.com/2021/08/wanted…

Dansk

Samuel Hunter@Trowalts·19 Ağu

From tomorrow my age group is finally allowed to register to get a covid19 vaccine. I can't wait! staying up until 00:00 to get my registration in!!

English

Samuel Hunter@Trowalts·6 Ağu

Really enjoyed this talk, thank you for all the hard work and effort put into the explaining it so thoroughly @_cablethief and @singe!

Dominic White 👾@singe

🎉We're super excited to publicly release assless-chaps, our super fast MSCHAPv2 cracking tool github.com/sensepost/assl… Our DEF CON @rfhackers Village talk with @_cablethief & me explaining it is out youtube.com/watch?v=lm7Cuk… Our new hashcat modes 27000/27100 have been merged too!

English

Samuel Hunter retweetledi

Quentin Rhoads-Herrera@paragonsec·21 Tem

Put together a quick script that checks ACLs of hive files both on disk and in shadow copies, asks if you want to change ACLs or delete the shadow copies. It will only ask to delete shadow copies that are dangerous. #HiveNightmare #BlueTeam #redteamfit github.com/paragonsec/Hiv…

English

Samuel Hunter@Trowalts·16 Tem

@MegabitMeghan I've been using this as a pre-text for a phishing campaign for almost two years now, without a doubt it has been the most successful out of all the campaigns I've run. And yes @SlingRCX the doc payload on the landing page requires you to enable macros to "decrypt" ;)

English

Keşfet

@thinkst @defcon @leonjza @sensepost @CharlesDardaman @dcuthbert @taviso @_cablethief