JaeRyoung Oh

@h4z3dic

Tweets: 30.3k
Followers: 683
Following: 2.2k
Likes: 199

Blackfort Security, Inc. Co-Founder & CEO

Seoul
Joined in June 2009

Statistics

We looked inside some of the tweets by @h4z3dic and here's what we found interesting.

Inside 100 Tweets

Time between tweets: 56 minutes
Average replies: 1
Average retweets: 67
Average likes: 171
Tweets with photos: 50 / 100
Tweets with videos: 0 / 100
Tweets with links: 140 / 100

WMI 101 for Pentesters by @OsandaMalith https://www.ethicalhacker.net/features/root/wmi-101-for-pentesters/ 

CVE-2020-0688 - Exchange Server - https://github.com/random-robbie/cve-2020-0688  https://github.com/Ridter/cve-2020-0688  https://github.com/Jumbo-WJB/CVE-2020-0688  https://github.com/Yt1g3r/CVE-2020-0688_EXP 

Catch a sneak peek via @44CON of Max Kamper's upcoming HeapLab GLIBC Exploitation class at #44Con in March. https://youtu.be/s-GJ-buCGio 

Then join Max at #Ringzer0 in August to learn over 11 different heap exploitation techniques ⚡️ http://bit.ly/ringzero-heapexploitation 

Sentinel-ATT&CK v.1.2 released! This version brings huge additions to the #ThreatHunting workbooks.

@olafhartong's amazing threat hunting drilldowns from his Splunk app have been ported to #AzureSentinel 🚀🚀🚀

Find out more: https://github.com/BlueTeamLabs/sentinel-attack  and https://github.com/BlueTeamLabs/sentinel-attack/wiki/Deploying-hunting-workbooks 

A collection of several IOT/firmware fuzzers, https://github.com/zyw-200 

New #ATM #Malware for your zoo. No AV-detection so far. First uploaded to VT in December 2019 from Brazil. #YARA rule is here: https://raw.githubusercontent.com/fboldewin/YARA-rules/master/ATM.Malware.DispCashBR.yar  Hash 7cea6510434f2c8f28c9dbada7973449bb1f844cfe589cdc103c9946c2673036 #DFIR

A post-exploitation PowerShell tool for extracting juicy info from memory.

#infosec #pentest #redteam
https://github.com/putterpanda/mimikittenz 

Want to start to fuzz like a boss?
--> Materials of the "#Fuzzing with #AFL" workshop - An excellent intro ! by @michael_macnair
Material: https://github.com/mykter/afl-training 
Slides: https://drive.google.com/file/d/1g78GgmMtxn_Aei2L1K6UzaCQmjaqiUNj/view?usp=sharing 

A bit deeper dive into containers. We look at some Linux Kernel sources and learn about the nsenter command.

https://www.youtube.com/watch?v=sHp0Q3rvamk 

In the early days of #bugbounty I always had a hard time with massDNS to use it effectively on a daily basis and always wanted something around it to make the process simpler and finally, at @pdiscoveryio we are open-sourcing #shuffleDNS

https://github.com/projectdiscovery/shuffledns 

#bugbounty

I recently ported @osxreverser's excellent UEFI DXE emulator to Windows. Now you can build the emulator from within VS and then use it to trace through your favorite DXE-phase driver.

https://github.com/assafcarlsbad/efi_dxe_emulator 
Contributions are welcome 🙂

Tool Release: Pleased to announce @gadhiyasavan’s tool UDP-Hunter which quickly scans for UDP services along with guidance as to what can be done with those open ports. PS: works for IPv4 and IPv6. Blogpost: https://www.gadhiyasavan.com/2020/02/udp-hunter.html  & Code: https://github.com/NotSoSecure/udp-hunter 

Small @GHIDRA_RE script that colors executed instructions to ease the debug procedure. Hope soon will add regs state to it :))
https://github.com/alephsecurity/general-research-tools/tree/master/ghidra_scripts/ColorInstructions 

YARA rule to detect Exchange servers vulnerable to CVE-2020-0688

Rule
https://github.com/Neo23x0/signature-base/blob/master/yara/vul_cve_2020_0688.yar 

Blog post by @thezdi
https://www.thezdi.com/blog/2020/2/24/cve-2020-0688-remote-code-execution-on-microsoft-exchange-server-through-fixed-cryptographic-keys 

📝New Research: "Weaponizing a Lazarus Group Implant": https://objective-see.com/blog/blog_0x54.html 

On repurposing Lazarus APT group's (🇰🇵) 1st-stage implant, to execute custom 2nd-stage payloads directly from memory! 😁😈

....also @cylanceinc code (ab)used in the malware?! 😂

Set up your own #Malware analysis lab with VirtualBox, INetSim and Burp https://blog.christophetd.fr/malware-analysis-lab-with-virtualbox-inetsim-and-burp/ 

Multiple Ways to Exploit Windows Systems using Macros https://www.hackingarticles.in/multiple-ways-to-exploit-windows-systems-using-macros/ 

BlueGate vulnerability internals (CVE-2020-0609 & CVE-2020-0610)
https://blog.rop.la/en/vulnerabilities/2020/02/25/bluegate-internals.html 

I will be releasing my tool at @nullcon

https://nullcon.net/website/goa-2020/ammo/chirag-savla.php 

#infosec #Nullcon2020 #redteam #csharp

FRIDA-DEXDump - a simple script to search & dump dex file on memory
#MobileSecurity #AndroidSecurity https://github.com/hluwa/FRIDA-DEXDump 
