JMP RSP

@jsecurity101 @_xpn_ Exactly this! The ROI on c2 detections is super low. You need a lot of data, a lot of time and detection effort, and still are guaranteed to miss a lot of things. Detecting bad behavior has a waaay bigger ROI.

Detection has to move off of brittle C2 detections. Detect behaviors. I’m sorry but Merlin, Havoc, etc isn’t special. C2s are just containers to execute actions. Service creation is service creation. Process injection is process injection. The list goes on.

Sponsor Spotlight | @falconforceteam We would like to thank FalconForce for being a Silver Sponsor for Deadwood 2023! Check out all about their company and services here: falconforce.nl/?utm_campaign=…

@Flangvik @HackingLZ Congrats man! Epic car 😎

Might have to ask that AI to generate me some GODLIKE arguments if I’m ever to convince my misses i am keeping it 😂😂#PLAID trackday Norway in the near future @HackingLZ ?

Having an implant running undetected on an edr protected machine is all cool, but detecting TAs is just ~20% about detecting their implant. Detecting the stuff they do with their implant is what matters way more. Local priv esc, cred dumping, lateral movement, etc. Just saying 🤷‍♂️

@N7WEra @Jean_Maes_1994 #expats" target="_blank" rel="nofollow noopener">expatica.com/pt/finance/tax… 🤷‍♂️ Tl;dr very low tax rates for expats.

@Jean_Maes_1994 What’s wrong with Belgium? :X

Well it's official filled in the paperwork to change tax residency from Belgium *BOO* to Portugal *ayyyyy* in 2023. Cya Belgium, you will not be missed xoxo

@GayzeMay I’m still waiting for @KLM to respond. Same ‘no response’ on social media…

Hey @KLM, i’m waiting for 6 months already for a claim to be handled. Don’t you think it’s about time to fix this? Already called you a few times and you keep saying ‘it’s busy’. So taking the shaming route now…

@KwyjiboUK @UK_Daniel_Card @LisaForteUK @AppSecBloke @brechtcastel does this kind of magic as well.

Cyber friends, I need your help to locate a missing person. They sent this photo at 5:30 this morning, maybe in the mid Kent area. There's awesome folks in the hacking community that can pinpoint stuff like this.@UK_Daniel_Card @LisaForteUK @AppSecBloke any ideas who can help?

@pati_gallardo Build a random go project as lib and statically link into your project? 🤷‍♂️😋

@yarden_shafir Red and black trees with a few green nodes?

Getting into this field I thought I'd be doing cool hacker shit but instead I'm sitting here reading about the differences between different types of binary trees

Does anyone have a working .NET core gadget for a deserializing vulnerability with json.net? The documented .NET framework gadgets don’t work in core. #SharingIsCaring

@ChenCravat / Raymond Chen is a genius! Every time i encounter something weird in windows, he has documented it 10+ years ago 🤷‍♂️😎

It’s #FalconFriday and summer is here! Take a refreshing dive into our newest blog, where we will shed some light on how Certipy and Rebeus work with UnPAC-the-hash and shadowing creds, and how to detect these techniques with our free #Kusto detections. medium.com/falconforce/fa…

@n0x08 It’s more nuanced! Dependens on country/airport. Amsterdam allows you to leave everything in your bag. While many other eu airports require you to take stuff out. US is famous for shoes off, but was flying from SAN recently, and was allowed to leave liquids in the bag go figure🤷‍♂️

@alisaesage Just wanted to say thanks for offering 10 spots for free for those who’re not fortunate enough to have an employer pay for it.

Okay all, you win. I reserved 10 seats in the 4-day online class at the price 1500 Euro, only for those who are eager to make the most of it. How to ask: write a comment here explaining why you think you're the right person to get it. Keep DM opened so I could send you the link

@chvancooten @olafhartong @DebugPrivilege @DebugPrivilege no pressure…👀👀 when do you want to drop by? We’ll still off you a drink if you don’t want to share - promise!

@0xffhh @olafhartong @DebugPrivilege I'll suit myself to @DebugPrivilege's agenda 😁

Does anyone know what the status is of API Monitor? Is in dead? Will it ever get an update or be open sourced? I have so many usecases and/or feature requests…🤯 Cc: @rohitab

@chvancooten @olafhartong @DebugPrivilege Awesome! Can you forward me the invite as well, so I can make sure to be there? 😋 (i.e. when do you want to drop by?)

@olafhartong @0xffhh @DebugPrivilege I hereby invite myself kthx

@tijshofmans @defcon Check! Ik ben er + nog stapel collega’s.