I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange
Orlando, FL
Joined November 2008
- Tweets 19,311
- Following 237
- Followers 13,672
- Likes 12
Hello Chicago, you toddlin’ town. Spending the week on the Riverwalk and free most evenings if folks want to meet up.
Hal Pomeranz retweeted
Whatever today holds for you, may you be well-prepared to meet it, and be well-supported by people who wish you health & happiness in doing so.
Here’s a well-wish from me, to start.
Go get ‘em, tigers!
#MondayMotivation
3
4
46
Hal Pomeranz retweeted
Folks, I am teaching my next Pay What You Can class next week. It is SOC Core Skills.
Please share with someone who is trying to get into security.
antisyphontraining.com/soc-c…
Thanks!
19
314
25
701
Hal Pomeranz retweeted
and then we looked
into /proc
there was a /proc/lobster
/PROC/LOBSTER
/PROC/LOBSTER
23
199
8
1,223
Oh I like this very much!
6
13
Hal Pomeranz retweeted
"Arguing on social media is a sign of weakness."
Great quote!
Leave the trolls be. Proper debate is different, but easy to devolve. Be careful. Don't get sucked in.
2
1
12
Hal Pomeranz retweeted
This is the deep truth.
Get some basic tools and administer the shit out of them.
These companies you lionize have all that cool shit you dream of – that nobody even knows how to use.
I can tell you this and you trust me but until you see it in real life you do not understand. You just don't. You will.
1
18
Hal Pomeranz retweeted
The 10th annual @volatility plugin contest is now open! Submissions are due December 31st, and thousands of dollars in prizes will be awarded!
#DFIR #infosec
The 10th annual @volatility #PluginContest is officially OPEN! Gain visibility for your work and have a chance to win cash prizes! Submission deadline: 31 December 2022. Read the contest announcement here: volatility-labs.blogspot.com…
#dfir #memoryforensics
6
6
Hal Pomeranz retweeted
I’m no monster, so I won’t make you wait in fervent anticipation for the debut post discussing a popular technique in local linux kernel priv escs: overwriting modprove_path 😇
sam4k.com/like-techniques-mo…
1
13
42
Hey Chicagoland friends, I’ll be in town next week working for a client in the Loop. Evenings should be free if anybody is down for a meet-up.
Hal Pomeranz retweeted
Why are people from Norway so good at editing files in Linux?
Their ancestors are vi-kings.
215
1,477
166
9,558
Hal Pomeranz retweeted
This is amazing.
My student @h3xduck spent the last few months studying offensive capabilities enabled by eBPF. I helped him design and write a Linux eBPF rootkit with some cool features. Meet TripleCross! /1
github.com/h3xduck/TripleCro…
7
31
Hal Pomeranz retweeted
☆。 🔐。 ☆ 🔐
。☆🗝☆🗝☆
🔐。\|/。🔐
if you liked it
then you should
have put some
crypto on it
🔐。/|\。🔐
。 ☆🗝☆🗝☆
☆。 🔐。 ☆ 🔐
51
95
12
533
Hal Pomeranz retweeted
I really hated Linux auditing until I found this. Couple it with Laurel and it becomes really easy to ingest these types of logs. Best of all, logging on linux is so rare most adversaries won't see it coming and get caught instantly. Demo here: youtube.com/watch?v=lc1i9h1G…
For #auditd on #Linux you can use my best practice auditd configuration, which is still actively maintained and gets frequent updates via PR
If you've found ways to improve it, please provide them as pull request to help everyone else
github.com/Neo23x0/auditd
9
133
3
509
Happy Bobby Bonilla Day to all the Mets (and Orioles) fans out there! nypost.com/2022/07/01/happy-…
