Hacker of Things, Maker of Tools, Breaker of Stuff
Tinfoil Cowboy (DEFCON 2019)
I break, make, program and create things.
There are many projects that I am involved in that keep me always busy. Some of my primary focused projects are listed on the Projects page. Other projects and scripts that I create can be found on GitHub.
You will always find me at my local BSides, BSidesLV, BSidesDC, BSidesDE, BSides Charm or other security conferences such as Shmoocon, Defcon and Blackhat. I am usually running around Las Vegas (or sometimes other conferences) in a crazy looking tinfoil hat.
To find out more about me, visit the About page.
Twitter Activity
- RT @dcskytalks: There's no easy way to say this, our friends. Unfortunately, Skytalks has made the very difficult decision to not do an in-person event for 2021. Our full announcement is at https://skytalks.info. We are still discussing what, if any, virtual event we might do instead. 1/4@dcskytalks
- RT @defcon: DC29 - The Signal https://open.spotify.com/playlist/77Xyr83sBuorUDdbqD4vTW?si=AyyaPUuPTtqzU8mghm9Hwg #NowPlaying@defcon
- Just added DLL injection support to the #windows side of my #golang malware framework XMT!
Update will be pushed to git soon @ https://github.com/iDigitalFlame/xmt@iDigitalFlame
- RT @jansendotsh: If Amazon really wanted to avoid unionization, they could easily offer better working conditions to employees... You don’t need to try spinning up a misinformation campaign.@jansendotsh
- RT @MalwareTechBlog: Black Kingdom ransomware is by far the worst I’ve ever seen. It doesn’t exclude exe, dll, or sys files so in cases bricks the system. It doesn’t track if it’s been run previously, so every victim I’ve seen has been recursively encrypted at least 4 times. And it’s coded in python.@MalwareTechBlog
- RT @RSnake: If you use Express VPN you definitely need to read this: https://www.strikesource.com/2021/03/09/chinese-vpns-are-recording-world-data-on-a-massive-scale/@RSnake
- RT @SwiftOnSecurity: Exchange on-prem (likely) sees your password when you sign in from your phone. Every employee's password.
It has permissions to AD with its own implicit unmonitored service accounts, basically 1 step to Domain Admin.
It's often unmonitored for assumed performance reasons.@SwiftOnSecurity
- RT @SwiftOnSecurity: ・ *゚
・ ゚*
・。
*・。
*.。
。・
°*. ゚
Android phones
are unmaintained
Linux distributions
you carry around
゚*.
。。 ・
。 ・゚
。°*.
。*・。@SwiftOnSecurity
- RT @0dayCTF: https://revshells.com
#ctf #reverseshell #revshell #bugbounty #tryhackme #hacktricks #bugtips #rce #netcat #xss #hackerhashtags #cybersecurity #cybersecuritytips@0dayCTF
- RT @runasand: Cyber war will be fueled by headlines, not 0days.@runasand