I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

Orlando, FL
Joined November 2008
Hal Pomeranz retweeted
Bullies and abusers take advantage of power dynamics in terms of job position, social capital, and societal biases.
Paging @Ben0xA....
Replying to @jeffmcjunkin
Has anyone done active deception by replacing the whoami binary w/ a Rick roll that alerts the SOC when run on systems that don't tend to have admins that would regularly use whoami?
Hal Pomeranz retweeted
Introducing my new, tweetable universal Linux privilege escalation exploit:
$ alias whoami='echo root'
$ export PS1='# '
# whoami
root
Hey loan originator, I don't want to spend time working on our relationship goals right now. I just want you to quote me.
Wow. Feeling lonely? Start researching home refinance rates via the Internet. My phone has been blowing up all morning.
Thanks for the kind words, Tyler! Your check is in the mail…
Last week I took @hal_pomeranz Linux Forensics course on @Antisy_Training. Amazing course and well worth every cent. Highly recommended!
So let me get this straight, @McDonalds. The chicken is the “air” portion of this horror show?
Red Team is always learning from the Blue. All you Blue Teamers take note.
Finished @Antisy_Training workshop "Linux Forensics" with @hal_pomeranz. I've done forensics in Win, but this was my first time doing it with Linux. As an offensive person, learning about the artifacts and things left behind by attackers in Linux has made me more well-rounded. A++
Hal Pomeranz retweeted
Is it possible to start a process as SYSTEM using only CreateFile and WriteFile? Yes Spoiler: Write a custom RPC client and create a temporary service using \\.\pipe\ntsvcs 🙂 x86matthew.com/view_post?id=…
Hal Pomeranz retweeted
One more I'll add: document who discovered each IOC and from where. The documentation often slows down jumping to conclusions and if you need to unravel a chain of false IOCs, it will be MUCH easier.
If you're investigating a security incident - do everyone a favor and ensure you do/don't do these two things. DO read all the log events in their entirety. DON'T make logic jumps or assumptions to tie pieces of evidence together when there is no evidence. You will save so much time.
Comment from one of my Linux Forensics students— “Goal: find someone who looks at me like Hal looks at Linux file systems 🙂”
Psst. Nobody tell Michael about the upcoming filesystem mounting challenge...
When my brain hurts, I know I've learned a lot, and it's about to explode! Day 1 of @Antisy_Training course, Linux Forensics with @hal_pomeranz, was insane! Memory dumps with Volatility and more. Spotting adv. rootkits. Learning to be better at my Offensive, and still have 3 days!
I’m excited about this partnership and Spyderbat’s technology. If you have significant Linux infrastructure, you should try out their product (for free)!
** Breaking News ** Spyderbat is pleased to announce Hal Pomeranz (@hal_pomeranz) joins our Board of Advisors, adding his Linux security expertise to help realize Spyderbat's truly game-changing technology. buff.ly/3uculkI
Hal Pomeranz retweeted
I'm happy to announce a new tool I just published: mandrake! It's essentially a debugger written in Rust that'll execute shellcode (or part of an ELF binary), and output each instruction, in order, with registers/memory, as JSON github.com/CounterHack/mandr…
Hal Pomeranz retweeted
It's practically hard coded into hacker DNA that forbidden knowledge is desirable knowledge. image via @BrooklynBalmer
Hal Pomeranz retweeted
I post this regularly, and many express surprise. This is the current childhood immunization schedule. Many childhood vaccines are three+ doses, sometimes a booster. This is one reason why, unlike earlier centuries, we don't have cemeteries full of children. We've forgotten.
My first in-person training event since the pandemic started. Looking forward to being back in Omaha!
TRAINING: Today's feature is Introduction to Linux Forensics with the always awesome @hal_pomeranz! Hal will provide the background and information to teach you to properly conduct Linux forensic examinations in this two-day hands-on course. Register ➡️ kernelcon.org/training#linux…