I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

Orlando, FL
Joined November 2008
Our perspective is colored by being third-party IR teams. Orgs that have good network telemetry are generally mature enough to have working IR capability in-house and so would never call us.
Psst. Nobody tell Michael about the upcoming filesystem mounting challenge...
When my brain hurts, I know I've learned a lot, and it's about to explode! Day 1 of @Antisy_Training course, Linux Forensics with @hal_pomeranz, was insane! Memory dumps with Volatility and more. Spotting adv. rootkits. Learning to be better at my Offensive, and still have 3 days!
I’m excited about this partnership and Spyderbat’s technology. If you have significant Linux infrastructure, you should try out their product (for free)!
** Breaking News ** Spyderbat is pleased to announce Hal Pomeranz (@hal_pomeranz) joins our Board of Advisors, adding his Linux security expertise to help realize Spyderbat's truly game-changing technology. buff.ly/3uculkI
Fear no more! I'll be teaching a new Linux Command-Line class at Wild West Hackin Fest in May -- antisyphontraining.com/linux…
Hal Pomeranz retweeted
I'm happy to announce a new tool I just published: mandrake! It's essentially a debugger written in Rust that'll execute shellcode (or part of an ELF binary), and output each instruction, in order, with registers/memory, as JSON github.com/CounterHack/mandr…
Hal Pomeranz retweeted
It's practically hard coded into hacker DNA that forbidden knowledge is desirable knowledge. image via @BrooklynBalmer
Replying to @CG_iSecurity
Sort of combined with Michael Peña’s random digressive monologues from “Ant Man”
Replying to @DylanOwendylan
The first two hours of your IR are half price. I’ll drink to that!
Hal Pomeranz retweeted
I post this regularly, and many express surprise. This is the current childhood immunization schedule. Many childhood vaccines are three+ doses, sometimes a booster. This is one reason why, unlike earlier centuries, we don't have cemeteries full of children. We've forgotten.
Replying to @securitydevops
You remember that impromptu demo I did about recovering the deleted *.c code? I’ve codified that into a lab that follows a new module on EXT data recovery. Download latest material from archive.org/details/HalLinux…
My first in-person training event since the pandemic started. Looking forward to being back in Omaha!
TRAINING: Today's feature is Introduction to Linux Forensics with the always awesome @hal_pomeranz! Hal will provide the background and information to teach you to properly conduct Linux forensic examinations in this two-day hands-on course. Register ➡️ kernelcon.org/training#linux…
Remember I said, "Never low-bid sushi!" Well apparently people are low-bidding IR work. Neither is going to have a good outcome.
Hal Pomeranz retweeted
HEY, I'M HIRING. Do you have way too much infosec experience and get lost talking about the swath of it to anyone who will listen? Have you built workshops and/or given instructional talks and would love to finally get paid for it? COME WORK WITH ME jobs.lever.co/grimm-co/8431a…
Replying to @k8em0
To heck with editing tweets, what is needed is the “deliver massive electric shock to sender” feature
Sounds like retreating into ever smaller, more exclusive echo chambers
You can’t just say “Slack” or “Discord”; we have to talk specific servers and channels. LinkedIn has signal-noise issues with too much self-promotional wool gathering and little hard content.
Replying to @falconsview
I went the consulting route because there was no path to being a senior technical contributor within an org. But it’s not for everyone.
Hal Pomeranz retweeted
4 hidden events in your calendar:
And where did the “right people” go?