John Hammond
@_JohnHammond
Followers
262,014
Following
2,507
Media
2,393
Statuses
7,745
Hacker. Cybersecurity Researcher @HuntressLabs ||
San Francisco, CA
Joined March 2015
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
#خلصوا_صفقات_الهلال1
• 679538 Tweets
ラピュタ
• 400960 Tweets
Atatürk
• 378690 Tweets
#พรชีวันEP15
• 262598 Tweets
Johnny
• 211552 Tweets
Megan
• 208387 Tweets
Sancho
• 144476 Tweets
MEGTAN IS COMING
• 124393 Tweets
RM IS COMING
• 117515 Tweets
olivia
• 116132 Tweets
namjoon
• 113028 Tweets
#初音ミク誕生祭2024
• 99083 Tweets
#4MINUTES_EP6
• 78959 Tweets
#バルス祭り
• 60562 Tweets
Labor Day
• 47215 Tweets
كاس العالم
• 45542 Tweets
CHERISH TWENTY WITH WONYOUNG
• 45148 Tweets
ミクさん
• 44503 Tweets
ムスカ大佐
• 40176 Tweets
#フロイニ
• 30348 Tweets
ŹOOĻ記念日
• 23985 Tweets
ミクちゃん
• 21751 Tweets
Día Internacional
• 19189 Tweets
滅びの呪文
• 17882 Tweets
Javier Acosta
• 16877 Tweets
Ramírez
• 16338 Tweets
ロボット兵
• 13588 Tweets
ナウシカ
• 13577 Tweets
Lolla
• 13199 Tweets
Lo Celso
• 11040 Tweets
Fuck.
Don't worry everyone, the Internet is still a safe place.
109
408
4K
122
433
7K
Luke shared the URL from the original phishing email with me, so I'd like to showcase it a bit.
Planning to record a video to walk through it, but don't have a chance to record for the next few hours... so will roll with a Twitter/X thread for now 🧵
**BEWARE** The main LTT Twitter account has been hijacked.
4 minutes after I received this email I tried to log in, but the password had already been changed. By the time I could update the password, the 2FA had been deactivated/reactivated.
I have contacted Twitter support.
422
842
11K
80
652
6K
Today I got a notification on my phone that YouTube had sent me a copyright report, claiming one of my videos violated copyright and my channel was going to receive a strike.
Except, my video didn't violate copyright. And YouTube didn't really send me a copyright report.
168
2K
5K
Don't worry everyone, the Internet is still a safe place.
109
408
4K
CrowdStrike Falcon agents are imploding right now and causing a Blue Screen of Death boot loop on every endpoint. Reports of massive outages globally.
79
1K
4K
This is CrowdStrike's Director of Overwatch, so I hope to help spread the word. I believe CS stopped these changes from being pushed out so machines late to the party wont get the faulty driver.
Command in Safe Mode:
del "C:\Windows\System32\drivers\CrowdStrike\C-00000291*.sys"
54
996
3K
Jumped onto CNN to chitchat about the CrowdStrike shenanigans -- cheesy picture but quite a treat, thank you for letting me join you 🙏
Hug ops to all the folks still fighting fires for this thing. 🫂
132
184
3K
I've prepared a
@RealTryHackMe
room to demonstrate
#log4j
#log4shell
CVE-2021-44228, explaining the vulnerability, attack vector, and more importantly, detection, mitigations and patching. Working with THM staff to get this in your hands -- it should be available soon.
101
516
3K
I'm on a 6-hour flight with Starlink, and I am using my GPD Pocket tiny laptop, to Parsec home to my desktop and access all my virtual machines and home lab server. Honestly I just think it is funny. 😂
91
84
2K
If you say "documentation" three times in front of a mirror, it still won't appear.
61
286
2K
⚠️Stay safe everybody! If you use a Crest or Colgate toothbrush, please update to KB-133769420 and install the latest kernel bugfixes for any external devices like your floss and mouthwash.
76
192
2K
The MOVEit Transfer exploitation is not just SQL injection(👀)
We uncovered the very last stage of the attack chain to drop human2.aspx ultimately ends up gaining remote code execution ‼
We fully recreated the attack chain with a demo achieving a reverse shell & ransomware!
34
505
2K
Does this outage count for cybersecurity awareness month festivities?
59
270
2K
A thread of new domains following the CrowdStrike catastrophe: 🧵
30
241
2K
Session hijacking a Microsoft 365 account! Stealing their credentials and bypassing MFA prompt with Evilginx: a reverse-proxy phishing framework! We stage a phishing domain and email pretense, and gain full access to the victim account!
28
319
2K
Don't forget, 0-days wouldn't happen if you had just bought that one vendor's EDR, MDR, XDR, NDR, RDR, NXDR, ODR, PDR, LDR, QDR, VDR, JDR, KDR, IDR, 1DR, 4DR, DDR, ZDR, YDR, ⧫DR, 🟋DR, 🙻DRR, DRDRDR, AIDR solutions they emailed you about after you got stickers from their booth.
74
181
2K
Bro you literally just have to click on the red line????
215
25
1K
THANK YOU so much for _literally sending_ a birthday cake
@Hacker0x01
!!!🎂 ♥️ 🥰🎉
A good light snack while we hold down the fort for the
#hacktivitycon2021
CTF 😎
THANK YOU!!! 😍
117
42
1K
Does anyone else make a directory, change into that exact directory, and then list files in the newly created directory... knowing the directory is empty, because you literally JUST created it?
158
93
1K
🚨 BLACK FRIDAY SPECIAL 🚨
Today and today only, you can find all of my free education and content, online FOR FREE! After today's sale, everything will return to normal asking price: $0.00! 😱
63
101
1K
"Download failed: Virus detected"
... I know. That's why I want it. 😠
27
87
1K
With that said, I am very grateful for the actor actively trying to send me the exact same phish. 😂
With a special note for me 🤣
30
52
1K
This might be the creepiest thing I have ever been pinged for, but uh, yes, that is me? 🙃
127
17
1K
curl/libcurl HIGH CVE-2023-38545 seemed to have a patch diff out early?
26
311
1K
For
@ScammerPayback
's People's Call Center event, it was
@0dayCTF
and I's personal project to write code to fool scammers into removing their webcam cover and showing their face.
It was such an adrenaline rush to see it work.
58
152
1K
Want to know what a YouTube channel with half a million subscribers looks like behind the scenes?
As we're cruising into 2023 and the new year, I'd like to peel back the curtain.
I want to be as transparent as possible here, in the hopes that this might help other creators. 🧵
49
91
1K
It has been a real treat seeing this post blow up and I am super flattered 😊 Seriously, thank you. After NahamCon CTF ends at the end of this month, I hope to finally showcase some Active Directory content and then start a "journey to OSEE" style thing. Hopefully.🤞
18
62
1K
I live to serve
.
@_JohnHammond
we'll mail you a complete copy of vx-underground if you promise to load all the malware samples onto a computer and bring it GeekSquad for repair
44
64
2K
29
53
1K
People tend to say "work smarter, not harder", and I absolutely agree with that.
But I do think there is some magic that happens when you do both... work smarter AND harder.
Thank you for your support.
70
24
1K
diSaBLE SIgNAL LINK pReVIEWS aS FAST as HuMANLY POSSIBLE TO MITIGATE thiS ExtREME CRITICAL ZERO DAY VULNERABILITY ThAT NO ONE knOWS LITERALLY ANYTHING ABOUT
UNPLUG INTERNET & THROW YOUR PHONE IN THE OCEAN BEFORE IT HACKS UR WHOLE LIFE
NO CVE THO, NO DETAILS, DONT WORRY ABOUT IT
51
97
992
CrowdStrike Preliminary Post Incident Review (PIR) is released:
35
270
992
Fun fact: Windows stores Wi-Fi passwords in plaintext! You can extract passwords with netsh.exe, but that's a child process that might be observed -- we can improve our tradecraft to extract Wi-Fi passwords with native Win32 API functions... in Rust 😎😈
18
177
968
What if you ran an nmap scan and ALL 65535 ports were open? You can waste a hacker's time by spoofing your attack surface and simulating real services so the adversary has no idea what to target. Cyber deception!
24
172
963
Alright who has a copy of the CrowdStrike driver, is that on VirusTotal yet?
47
50
962
This was a pleasant surprise to have in the mail after getting back home from DEFCON -- thanks again
@offsectraining
!!
45
25
936
24
28
893
Active Directory content will slowly trickle out on my YouTube channel over the next many days. We will build a local VM environment, stage out our domain at will with PowerShell, and bounce back and forth between "building" and "breaking" AD concepts
26
126
881
You can use some bash expansion tricks to do a crazy fast port scan. Super helpful if you are an internal network (because nmap through proxychains is horrific). No nmap? No problem.
24
163
871
celebrate national cybersecurity awareness month with a four week vacation in the woods
21
72
852
I record a lot of videos that I think are complete garbage, with mistakes and rabbit holes and wasted time, and I don't think it will be useful for anyone or no one would watch.
But I try to remind myself... doing it in the first place is better than not doing it at all.
78
28
850
Hey boss really sorry I'm not working this week but damn you should see this sunset
53
9
837
"Isn't it great when the security tool is vulnerable to the security problem"
24
74
806
Lotta chatter around
#ScreenConnect
vulnerabilities now as folks are getting spun up.
Fellow
@HuntressLabs
researchers and I were up all night to recreate the auth bypass and RCE exploit.
I'm not a huge fan of giving a PoC to threat actors, but I do dig snazzy video demos 😜
24
158
819
AHAHAHAHAHAHA
Offensive Security has banned ChatGPT from the OSCP exam
32
248
1K
27
60
793
My video showcasing the
#log4j
#vulnerability
CVE-2021-44228 in Minecraft is up. This demonstrates the
#Minecraft
exploit but only uses that as a springboard to discuss more of the widespread risk and threats across the security landscape.
#cve
20
190
794
I got the most obnoxious and hideous ski jacket as possible.
I'm here to meme and troll. I unironically love it.
134
11
775
Hey Twitter, forgive me for my crowdsourcing -- what do you think is wrong in the infosec industry? From any perspective.
362
62
743
If you see a /cgi-bin directory on a webserver, don't forget to gobuster inside that directory looking for extensions like .sh, .cgi, (and even .py, .pl, or more).... you might be able to find a Shellshock vulnerability. That bug is... still around...
6
149
744
i FiNaLlY DiD iT
aFtEr a LoNg HaRd TiMe
i HaVe SuCcEsSfULlY CoMpLeTeD a OnE-DaY StReAk On THM!1111
42
14
740
I won't show the full URL, but here's the big link redacted and defanged.
Cutesy that it is from a SendGrid tracking link. Obviously a juicy treat for attacker to be able to mass spam emails with a trusted/common delivery service like SendGrid, and a perk of click tracking.
8
13
751
Hi yes hello Twitter I am going to tell you my deep dark secret please don't tell anyone
I have no idea what I'm doing
44
31
713
I think am too late for the CounterStrike XSS party :(
25
30
688
Hey folks, big project for me at `var dayjob` —
@HuntressLabs
is hosting a free online CTF, releasing new challenges EVERY SINGLE DAY of October for Cybersecurity Awareness Month😱Malware analysis, DFIR, hacker tradecraft... game starts next Monday 10/2!
5
202
676
🤩view from my office this morning 🥰😊💫
remote lyfe
#blessed
#workfromanywhere
#blessedagain
#remotelyfe
#views
#goals
🌈
41
50
662
Just observed APT activity using the "cd" command, be sure to add these TTPs to your detection logic 🚨
39
46
674