Tim Brown

258 issues (search results)

Area: Offensive tools
Parent threat: _No response_
Finding: https://github.com/DavidBuchanan314/dlinject
Industry reference: _No response_
Malware reference: _No response_
Actor reference: _No response_
Component: Linux...

new
missing:tactics
missing:tag:T1005
missing:tag:T1048
missing:tag:T1057
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
missing:tag:T1548.003

Area: Offensive tools
Parent threat: _No response_
Finding: https://github.com/creaktive/tsh
Industry reference: _No response_
Malware reference: TSH TINYSHELL
Actor reference: APT31 UNC2891 LightBasin
Component...

new
missing:tactics

Area: Offensive techniques
Parent threat: _No response_
Finding: https://buzzchronicles.com/Mollyycolllinss/b/internet/7795/
Industry reference: _No response_
Malware reference: _No response_
Actor reference: _No response_
Component: Linux...

new
missing:tactics
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1552.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
missing:tag:T1027.002
missing:tag:T1560
missing:tag:T1070.006
missing:tag:JavaScript
missing:tag:ProcessTreeSpoofing
missing:tag:T1055.008
missing:tag:T1622
missing:tag:PyPI
missing:tag:ProcessTreeSpoofingForking

Area: Offensive techniques
Parent threat: _No response_
Finding: https://grugq.github.io/docs/subversiveld.pdf
Industry reference: _No response_
Malware reference: _No response_
Actor reference: _No response_
Component: Linux...

new
missing:tactics
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1567
missing:tag:T1573
missing:tag:T1021.002
missing:tag:T1055.008
missing:tag:T1622
missing:tag:IRC

Area: Defensive tools
Parent threat: _No response_
Finding: https://blog.blockmagnates.com/hunt-linux-malware-with-cgroups-497733095a94
Industry reference: _No response_
Malware reference: _No response_
Actor reference: _No response_
Component: Linux...

new
missing:tactics
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1552.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1053.003
missing:tag:T1560
missing:tag:T1574.006
missing:tag:T1007
missing:tag:T1053.006
missing:tag:T1543.002
missing:tag:T1574.007
missing:tag:T1021.004
missing:tag:ProcessTreeSpoofing
missing:tag:T1037
missing:tag:ProcessTreeSpoofingForking

Area: Defensive tools
Parent threat: Persistence, Defense Evasion, Discovery, Command and Control
Finding: https://github.com/Gui774ume/ebpfkit-monitor
Industry reference: _No response_
Malware reference: _No response_
Actor reference...

confirmed

Area: Offensive tools
Parent threat: Lateral Movement, Command and Control
Finding: https://github.com/aojea/netkat
Industry reference: uses:BPF
Malware reference: _No response_
Actor reference: _No response_
...

confirmed

Area: Offensive techniques
Parent threat: Persistence, Defense Evasion
Finding: https://grugq.github.io/docs/ul_exec.txt
Industry reference: attack:T1055:Process Injection, attack:T1055.008:Ptrace System Calls, attack:T1055.012:Process Hollowing, attack:T1134.004:Parent PID Spoofing
Malware reference: _No...

confirmed

Area: Offensive techniques
Parent threat: Persistence, Defense Evasion
Finding: https://magisterquis.github.io/2018/03/11/process-injection-with-gdb.html
Industry reference: attack:T1055:Process Injection, attack:T1055.008:Ptrace System Calls, attack:T1055.012:Process Hollowing, attack:T1134.004:Parent PID Spoofing
Malware reference: _No...

confirmed

Area: Offensive techniques
Parent threat: Persistence, Defense Evasion
Finding: https://gist.github.com/timb-machine/6177721c3eafba3e95abdf112b2a5902
Industry reference: attack:T1055:Process Injection, attack:T1055.008:Ptrace System Calls, attack:T1055.012:Process Hollowing, attack:T1134.004:Parent PID Spoofing
Malware reference: _No...

confirmed