I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

Orlando, FL
Joined November 2008
Hal Pomeranz retweeted
I'm hiring for three positions!! Check out the job descriptions and apply if you're interested. US-based candidates only. 1. Intelligence Analyst: jobs.lever.co/redcanary/4f56… 2. Manager, Intelligence: jobs.lever.co/redcanary/a740… 3. Senior Intelligence Engineer: jobs.lever.co/redcanary/bf6b…
Hal Pomeranz retweeted
Tight reporting timeframes may also produce difficulties. “Smaller organizations will struggle to comply within the timeframes...Larger organizations may struggle to comply based on complexity of the investigation,” said @k8em0
Company where a friend works is looking for a Senior Security Engineer care.com/vis/careers/job/363…
Let’s call the whole thing off?
Hal Pomeranz retweeted
The most important skill to ultimately learn in digital forensics is how to research new artifacts and perform necessary testing. The field moves too fast to expect everything to have already been accomplished for you.
Forensic pet peeve of the day. "Forensic guessing". If you don't know what an artifact means put in the work to figure it out! Ask colleagues, reach out on groups, test it yourself, but please please please stop guessing and presenting your guess as fact.
Hal Pomeranz retweeted
Linux forensics will always be my favorite thing, because inevitably I end up building a findings table named "angry admin or hacker?" which is just a series of cmds and args filled with profanity that could go either way.
Hal Pomeranz retweeted
We've got big news today! We've hired our first full time COO and are expanding our mission. Read all about it in this letter from @chrissanders88 here: ruraltechfund.org/2021/12/01….
I was today years old when I learned this
Replying to @moyix
What's even nicer, readline alt-# (alt-shift-3) combo does move-to-start-input-#-press-enter in one swift step!
Hal Pomeranz retweeted
By appending a VBScript to a DLL signed by Microsoft, you get an HTA (Html Application) polyglot that can bypass Applocker. This is still used in the wild.
Replying to @diami03
Heh. I was often told I had a “bad attitude” and “was not a team player” when I expressed frustration at the stupid decisions company management was making. They just didn’t like people pointing out the emperor had no clothes.
Hal Pomeranz retweeted
Fun for targeting threat actors using Cobalt Strike servers with the leaked private keys. Also potentially fun for messing with the red team.
I made a small PoC. cs-mitm.py is a mitmproxy script that intercepts Cobalt Strike traffic, decrypts it and injects its own commands. In this video, a malicious beacon is terminated by sending it an exit command. The beacon uses one of the leaked private keys.
Hal Pomeranz retweeted
Exploitation gets cooler every year.
Linux kernel exploit technique idea: if you have an arbitrary kfree and need a leak - Use @vnik5287’s setxattr technique and block on the last byte of the copy. then, free the buffer and reallocate another object, unblock the copy and leak contents of the object using getxattr
Hal Pomeranz retweeted
This is the best "from the trenches" thread you'll ever read on practically using AI.
WELL HELLO THERE I HAVE SOME OPINIONS! "Why the hell even use Deep Learning?" -- You Asked for a Sentence But You're Getting a Thread edition. 1/
Never be afraid to raise your voice for honesty and truth and compassion against injustice and lying and greed. If people all over the world...would do this, it would change the earth. William Faulkner
Very kind words @bettersafetynet, thank you. I’d like to mention @strandjs — great practitioner, great human being, doing a lot of good in the community.
@hal_pomeranz is a stone cold killer on the keyboard, but is a legit boon to multiple fields of computing.
In an unexpected twist, I'm looking for a new role in #Intelligence/#OSINT, #Investigations, or #Cybersecurity/#Infosec & would appreciate any intros or leads. Please RT for reach. I'm open to Full-Time, Part-Time, Temp, or Contract. I prefer remote. I'm also open to travel.
Replying to @elpie
“We can make it to the road in a homemade boat. It’s the only thing we got left that will float…” youtube.com/watch?v=5mf-BI…
Hal Pomeranz retweeted
There’s still plenty of time to spread the joy of giving this #GivingTuesday! The Mo and Cher Willems Foundation (@The_pigeon) is matching every dollar you give to our #GiveaMillion campaign today, up to $50,000. Turn $1 into 2 books for kids in need ➡️ bit.ly/30TIerb