Discover and read the best of Twitter Threads about #ShadowBrokers

Most recents (2)

Profile picture
FarmPoet
@F4rmP0et
Inspired by @osxreverser analysis of NSA BPF port-knocking implant, I decided to take a 2nd look at #ShadowBrokers leak of windows implants. Lo and behold, a couple of hardly mentioned kernel drivers (#DoormanGauze and #FlewAvenue) caught my attention. (1/11)
Information publicly available on these drivers is scarce and for the most part flat out wrong. Instead of going for the usual deep-dive blog post, lets try a light-speed tweeter thread analysis. In this thread we'll take a brief look at #DoormanGauze. (2/11)
So, what is #DoormanGauze... In a nutshell, its a plugin for #DanderSpritz / #ExpandingPulley implants implementing an in-kernel mailslot server, allowing for stealthy inter-process communication. This can replace the usual named pipes/windows sockets IPC. (3/11) Image
Read 11 tweets
Profile picture
Edward Snowden
@Snowden
NSA just lost control of its Top Secret arsenal of digital weapons; hackers leaked it.
1) github.com/x0rz/EQGRP
2) medium.com/@shadowbrokers…
For those who have never heard of the hacker group behind today's leak of NSA's cyberweapons, last year's story: nytimes.com/2016/08/17/us/…
Quick review of the #ShadowBrokers leak of Top Secret NSA tools reveals it's nowhere near the full library, but there's still so... (1/2)
Read 4 tweets

Related hashtags

#ShadowBrokers #DanderSpritz #DoormanGauze #FlewAvenue #ExpandingPulley

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!