Julian

"It's the duty of every citizen to stick a finger into big brothers eye!" - Dr Richard Stallman #appseceu

@securityweekly @SW_Samii Perfect! Maybe you could drop me a message. After recouping as far as Vegas lets you ;)

@xs3cure You could ping @sw_samii AKA "just ask Sam" and she should be able to help you out with that ;) just give her some time to recoup from Vegas first!

@securityweekly how do I get 'Hack Naked' - stickers in germany? I need them for .... reasons. :D

Dschingis Khan organized his troops without using IDs, while still having an overview over every asset he owns, thus creating the first MongoDB in history.

Hey hackers! You get a low priv shell on a linux box. 🎉😀 You have 10 minutes before blue detects you. ⏱🥶 After you've done the quick & basic whoami/pwd type stuff... 🐣🐒 What are any TWO of the next ten commands you run to get the most gains/enum in your 10 minutes? 🗜🤑

Copy your payload into %userprofile%\AppData\Local\Microsoft\Teams\current\ Then %userprofile%\AppData\Local\Microsoft\Teams\Update.exe --processStart payload.exe --process-start-args "whatever args" Trusted signed binary will run the payload for you 😊 #RedTeam #Pentesting

Tech buzzwords explained: AI- bunch of IF statements Blockchain- database Cloud- Somebody else’s computer IoT- Internet of Toasters Big data: Slightly too tedious for MS Excel. Data science: MS Access. Algorithm: Probably something about terrorists.

Das P-NP Problem, ordentlich syncbare Kalender und funktionierende Software für Videotelefonie. Die drei großen, ungelösten Probleme der Informatik.

I wrote a small scanner utility to check if systems are vulnerable to CVE-2019-1040, the NTLM Mic vulnerability that allows for Active Directory takeover. Published here: github.com/fox-it/cve-201…

Without field research, it's difficult to get an accurate picture of user workflows.

And here's "Sekurŝranko", a Threema Safe backup server written in Rust 🦀 github.com/dbrgn/sekursra…

Symlinks.

This is bad: even LESS(1) is affected by CVE-2018-19409.

TIL : Chrome has a remote debugging port ... that will give you ALL THE COOKIES without even considering who you are. Great writeup : mango.pdf.zone/stealing-chrom… ... TL;DR Trust boundaries are a thing. Data crosses a trust boundary? You got risk.

No matter how often you do it: when a regex finally works, it always looks like witchcraft.

If you are a new programmer I just want you to know me and all of my colleagues with years of experience Google the most basic things _daily_

Kollege: "Das Problem sitzt meist 30cm vor dem Bildschirm." "Und verstößt damit grob gegen die Bildschirmarbeitsverordnung (BildscharbV). Vorgeschrieben sind 60-70cm!"

Let’s play a game: what is the deadly bug here?