Krzysztof Marciniak

248 posts

Krzysztof Marciniak

@__0kami

Security Consultant interested in Reverse Engineering, Binary Exploitation and much more. Co-founder of the Poznań Security Meetup. Coffee++

เข้าร่วม Ağustos 2016

234 กำลังติดตาม94 ผู้ติดตาม

Krzysztof Marciniak รีทวีตแล้ว

Alex Plaskett@alexjplaskett·31 Tem

🔥 Like Windows Kernel exploitation? Your in luck! 10 items of Windows kernel exploit research from 2020/2021 🧵

English

130

409

Krzysztof Marciniak รีทวีตแล้ว

b1ack0wl@b1ack0wl·1 Ağu

I accidentally found a 0day within the latest firmware (v6_211111) for the TP-Link WR940N this afternoon and was able to dev out a quick exploit. ♥️

English

140

861

Krzysztof Marciniak รีทวีตแล้ว

Cube0x0@cube0x0·24 Tem

When you spend 2-months of your private time writing a full-featured C2 framework including C++ GUI, Backend, and a C++ PIC agent with custom functions only to end up clueless about what to do with it

English

154

1.1K

Krzysztof Marciniak รีทวีตแล้ว

Stephan Berger@malmoeb·25 Tem

1/ In one ransomware case, the attackers started an EXE file that dropped the vulnerable GIGABYTE driver to C:\Windows\System\gdrv.sys. The TA used the vulnerable driver to load a malicious driver as a kernel driver, who hunted and killed Symantec processes. 🧵 #CyberSecurity

English

252

706

Krzysztof Marciniak รีทวีตแล้ว

Nasreddine Bencherchali@nas_bench·19 Tem

A new Sigma rule to detect this new UAC bypass technique and a generic one to detect DLL side loading were added to the public repo. LINK - github.com/SigmaHQ/sigma/…

English

Krzysztof Marciniak รีทวีตแล้ว

Nader Zaveri@NaderZaveri·24 Tem

At @Mandiant we have put together a vulnerable-by-design Azure Lab to test your red team attacking and blue team detecting capabilities. Access the lab and instructions here: github.com/mandiant/Azure… #redteam #blueteam #Azure #azureAD #Pentesting #cloud #cloudsecurity

English

313

813

Krzysztof Marciniak รีทวีตแล้ว

Stolas@binpwn·25 Tem

Idk, but the happiness when I see I have code exec is so much greater then when I pop calc.

English

Krzysztof Marciniak รีทวีตแล้ว

Ivan Kwiatkowski@JusticeRage·25 Tem

New blog post about an UEFI firmware bootkit! securelist.com/cosmicstrand-u… Research was led by our dearly missed @_marklech_

English

122

253

Krzysztof Marciniak รีทวีตแล้ว

MDSec@MDSecLabs·25 Tem

In part 2 of the How I Met Your Beacon series, we look at some strategies for detecting Cobalt Strike mdsec.co.uk/2022/07/part-2… by @domchell

English

125

296

Krzysztof Marciniak รีทวีตแล้ว

Doug Bienstock@doughsec·24 Tem

🎉 This is a huge feature all orgs should be using. All of my recent M365 IRs (BEC, UNC and APT) have started with the TA registering the first MFA for a dormant 😴 account. #dfir #microsoft365

Merill Fernando@merill

A neat capability you unlock with combined registration is that you can now use conditinal access policies to control access to this page. For example you can limit MFA config to just trusted devices and locations or block access from countries where you don't have users.

English

131

Krzysztof Marciniak รีทวีตแล้ว

Tom Stokes@tomstokes·18 Tem

Close-up of the edge of a 35mm film print. Every last bit of space is used for audio data: Left: Sony Dynamic Digital Sound (SDDS) Between sprocket holes: Dolby Digital Waveform pairs on the right: Analog optical sound Right dashed lines: DTS time codes

English

260

1.2K

Krzysztof Marciniak รีทวีตแล้ว

Karsten Hahn@struppigel·25 Tem

Microsoft signed rootkit #FuRootkit 🌳 Created and submitted in May, still only 4/10 \\Device\\Projector_Pro1_deviced 🧬analyze.intezer.com/analyses/337ed… 🕵️virustotal.com/gui/file/0f5e3…

English

245

Krzysztof Marciniak รีทวีตแล้ว

diversenok@diversenok_zero·25 Tem

Welcome the new version of Token Universe - an advanced tool for experimenting with Windows security mechanisms! 🎉🌟 It supports viewing, creating, impersonating, and modifying access tokens, spawning processes, and much more. github.com/diversenok/Tok…

English

156

459

Krzysztof Marciniak รีทวีตแล้ว

Azeria@Fox0x01·23 Tem

I just found my first ever tweet (2015) and I’m not disappointed.

English

289

Krzysztof Marciniak รีทวีตแล้ว

ςεяβεяμs - мαℓωαяε яεsεαяςнεя & мαℓωαяε gεиεтιςιѕт@c3rb3ru5d3d53c·13 Tem

#Malware Code Challenge - What does it do?

ςεяβεяμs - мαℓωαяε яεsεαяςнεя & мαℓωαяε gεиεтιςιѕт tweet media

English

173

Krzysztof Marciniak รีทวีตแล้ว

Frank Boldewin@r3c0nst·26 May

#VMWARE #ESXi OpenSLP heap-overflow CVE-2021-21974 walkthrough + poc straightblast.medium.com/my-poc-walkthr… github.com/straightblast/…

English

105

242

Krzysztof Marciniak รีทวีตแล้ว

Marco Grassi@marcograss·19 May

#over-the-air-baseband-exploit-gaining-remote-code-execution-on-g-smartphones-23199" target="_blank" rel="nofollow noopener">blackhat.com/us-21/briefing… me and @0xKira233 at @BlackHatEvents - @keen_lab

English

239

Krzysztof Marciniak รีทวีตแล้ว

vessial@vessial·18 May

triggered Qualcomm QMI to baseband heap overflow vulnerability on my mi9 pro 5G based on checkpoint reported CVE-2020-11292

Zhejiang, People's Republic of China 🇨🇳 English

202

Krzysztof Marciniak รีทวีตแล้ว

Denis Skvortcov@Denis_Skvortcov·18 May

I’ve written my first blog post - write-up for CVE-2021-23874! How to enumerate COM-objects attack surface, explore implemented functionality and exploit it the-deniss.github.io/posts/2021/05/…

English

155

346

ค้นพบ

@Mandiant @_marklech_ @domchell @0xKira233 @BlackHatEvents @keen_lab @elonmusk @BarackObama