I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

Orlando, FL
Joined November 2008
This week has seen me having multiple conversations about workplace cultures where people feel safe to admit mistakes. This is so important for the health of your people and your business.
Hal Pomeranz retweeted
I would encourage you to apply if you think you’re a little underqualified. That way at least I have you on file for future positions even if you’re not a great fit. As always, less qualified people than you will!
Hal Pomeranz retweeted
Bullies and abusers take advantage of power dynamics in terms of job position, social capital, and societal biases.
Replying to @diami03
“What? Behind the rabbit?”
Paging @Ben0xA....
Replying to @jeffmcjunkin
Has anyone done active deception by replacing the whoami binary w/ a Rick roll that alerts the SOC when run on systems that don't tend to have admins that would regularly use whoami?
Replying to @fancy_4n6
Congratulations to you!
Hal Pomeranz retweeted
Introducing my new, tweetable universal Linux privilege escalation exploit:
$ alias whoami='echo root'
$ export PS1='# '
# whoami
root
Hey loan originator, I don't want to spend time working on our relationship goals right now. I just want you to quote me.
Wow. Feeling lonely? Start researching home refinance rates via the Internet. My phone has been blowing up all morning.
Thanks for the kind words, Tyler! Your check is in the mail…
Last week I took @hal_pomeranz Linux Forensics course on @Antisy_Training. Amazing course and well worth every cent. Highly recommended!
So let me get this straight, @McDonalds. The chicken is the “air” portion of this horror show?
Red Team is always learning from the Blue. All you Blue Teamers take note.
Finished @Antisy_Training workshop "Linux Forensics" with @hal_pomeranz. I've done forensics in Win, but this was my first time doing it with Linux. As an offensive person, learning about the artifacts and things left behind by attackers in Linux has made me more well-rounded. A++
Hal Pomeranz retweeted
Is it possible to start a process as SYSTEM using only CreateFile and WriteFile? Yes. Spoiler: Write a custom RPC client and create a temporary service using \\.\pipe\ntsvcs 🙂 x86matthew.com/view_post?id=…
Hal Pomeranz retweeted
One more I'll add: document who discovered each IOC and from where. The documentation often slows down jumping to conclusions and if you need to unravel a chain of false IOCs, it will be MUCH easier.
If you're investigating a security incident - do everyone a favor and ensure you do/don't do these two things. DO read all the log events in their entirety. DON'T make logic jumps or assumptions to tie pieces of evidence together when there is no evidence. You will save so much time.
Comment from one of my Linux Forensics students— “Goal: find someone who looks at me like Hal looks at Linux file systems 🙂”