IT Guy

@T3chFalcon

Offensive Security Engineer

Navigating Digital Labyrinth

Joined November 2022

552Following

3KFollowers

Pinned

IT Guy@T3chFalcon · Jun 25

New attack vector: FileFix. A phishing trick that executes PowerShell straight from your browser no Run dialog, no pop-ups. Just a fake file path + clipboard + File Explorer. Red teamers, this one’s wild. 📽️ PoC + write-up: medium.com/@t3chfalcon/fi…

IIT Guy@T3chFalcon · Jun 24

Great work 👏@mrd0x I'll try to replicate this "FileFix Attack Simulation" 💪

250

1.0K

93.0K

IT Guy@T3chFalcon · 2 h

Nice explainer on OAuth consent phishing, and even better news, users will no longer be able to consent like this by default (already started rolling out) mc.merill.net/message/MC1097…

IIT Guy@T3chFalcon · 13 h

The replies to this blew me away 😅 lots of sharp minds here. The real answer? OAuth Consent Phishing + Token Replay APT-grade tradecraft used by the big dogs like APT29. Even Microsoft got hit with this. 🧵Here’s how it works:

2.0K

IT Guy@T3chFalcon · 4 h

Sharp guy...that's why you're the falcon here. I've never thought of it this way. Thank you chief🙌

IIT Guy@T3chFalcon · 13 h

105

IT Guy@T3chFalcon · 5 h

Did you know… certutil.exe can: Download remote payloads Base64 decode files Write to disk All using a signed Microsoft binary? This LOLBin is trusted by Defender. Attackers love it. Blue teams often miss it. 👊🏾

759

IT Guy Retweeted

IT Guy@T3chFalcon · 13 h

Thanks for reading to the end. I'll post more scenarios like this Stay tuned. #RedTeam

306

IT Guy@T3chFalcon · 19 h

Ross Ulbricht was the founder and operator of the Silk Road, a darknet marketplace launched in 2011 on the Tor network. It allowed people to buy and sell illegal goods primarily drugs anonymously using Bitcoin. Ulbricht was arrested on October 1, 2013, at a public library in…

NNwokedi Chukwuebuka@Deep2times1 · 20 h

Wow! I like your story and i also wonder what the man Ulbritch has to do with the darkweb creation. Are there differences between freenet,darknet and the darkweb? Just curious

2.0K

IT Guy@T3chFalcon · Jul 23

I sell hacking tools. I’ve been selling since. Any Pentester or Redteamer who needs a hardware for their operations. You can dm.

NNana Sei Anyemedu@RedHatPentester · Dec 30, 2023

The wireless adapter successfully got to Nigeria after 2 days shipment. From Ghana to Delta State. Thank you @Phosenterprise for trusting me. Please if you’re in Nigeria and you need a wireless adapter let me know. @IamTheCyberChef @akintunero @marshalwahlexyz…

3.0K

IT Guy Retweeted

Ghost St Badmus@commando_skiipz · Jul 23

Ethical Hacker / Offensive Security Specialist role. If you fit the JD or know someone who is qualified, forward it to them to apply. Good luck.

4.0K

IT Guy Retweeted

David@dmcxblue · Jul 23

Here we go 😄sorry for the delay 😋 github.com/dmcxblue/WSL-P…

1.0K