John Hammond @_JohnHammond Twitter profile

Pinned Tweet

John Hammond

@_JohnHammond

13 hours

bae

27

3

478

Last Seen Profiles

@blakesamic

@ToliverLuke

@yajiumafighter1

@RACIONAISCN

@stwmaniax

@ahmedalmuhaysni

@njakatu

@OlaSuworow_Wawa

@pwnEIP

@Adnaanali2

@NAFOmama_chook

@mchlhess

@Nickcboy

@CompanyNelson2

@HEADBUSTAondeck

@bokeplokalmalam

@ymitaaop

@bradley_tindall

@phatboy42873775

@kawamura_domo

@chiefhobblefuck

@Money_GII

@CoachJBix

@realbluedoor

@OBdi0

@LondonLitTours

@mithRTV

@EaYoruba

@teckaikatsu

@ChoiChoux

@LM1531

@bbbrrroooccc

@Ank1tKhanna

@A_Mehdi11

@initiald_commu

@TheCop55422669

John Hammond

@_JohnHammond

1 year

OUR AIRPLANE CAN'T FIND THE MYSQL DATABASE 😱😱 @kaitlyn_devalk

247

794

9K

John Hammond

@_JohnHammond

6 months

Fuck.

John Hammond

@_JohnHammond

1 year

Don't worry everyone, the Internet is still a safe place.

108

407

4K

122

432

7K

John Hammond

@_JohnHammond

2 months

Luke shared the URL from the original phishing email with me, so I'd like to showcase it a bit. Planning to record a video to walk through it, but don't have a chance to record for the next few hours... so will roll with a Twitter/X thread for now 🧵

Linus LinusMediaGroup

@linusgsebastian

2 months

**BEWARE** The main LTT Twitter account has been hijacked. 4 minutes after I received this email I tried to log in, but the password had already been changed. By the time I could update the password, the 2FA had been deactivated/reactivated. I have contacted Twitter support.

418

833

11K

78

652

6K

John Hammond

@_JohnHammond

2 years

Today I got a notification on my phone that YouTube had sent me a copyright report, claiming one of my videos violated copyright and my channel was going to receive a strike. Except, my video didn't violate copyright. And YouTube didn't really send me a copyright report.

168

2K

5K

John Hammond

@_JohnHammond

1 year

Don't worry everyone, the Internet is still a safe place.

108

407

4K

John Hammond

@_JohnHammond

2 months

CrowdStrike Falcon agents are imploding right now and causing a Blue Screen of Death boot loop on every endpoint. Reports of massive outages globally.

From the crowdstrike community on Reddit

Explore this post and more from the crowdstrike community

www.reddit.com

78

1K

4K

John Hammond

@_JohnHammond

4 years

61

754

4K

John Hammond

@_JohnHammond

3 years

aaaaand then code execution?? #log4j #minecraft

55

625

3K

John Hammond

@_JohnHammond

2 months

This is CrowdStrike's Director of Overwatch, so I hope to help spread the word. I believe CS stopped these changes from being pushed out so machines late to the party wont get the faulty driver. Command in Safe Mode: del "C:\Windows\System32\drivers\CrowdStrike\C-00000291*.sys"

53

992

3K

John Hammond

@_JohnHammond

2 months

Jumped onto CNN to chitchat about the CrowdStrike shenanigans -- cheesy picture but quite a treat, thank you for letting me join you 🙏 Hug ops to all the folks still fighting fires for this thing. 🫂

130

184

3K

John Hammond

@_JohnHammond

3 years

🤯🤯🤯 @offsectraining 🥇🩸?

228

168

3K

John Hammond

@_JohnHammond

3 years

I've prepared a @RealTryHackMe room to demonstrate #log4j #log4shell CVE-2021-44228, explaining the vulnerability, attack vector, and more importantly, detection, mitigations and patching. Working with THM staff to get this in your hands -- it should be available soon.

100

513

3K

John Hammond

@_JohnHammond

4 months

the moment i realized i made a grave mistake

88

93

3K

John Hammond

@_JohnHammond

10 months

𝗧𝗵𝗮𝗻𝗸 𝘆𝗼𝘂. 🙂

142

47

2K

John Hammond

@_JohnHammond

3 months

I'm on a 6-hour flight with Starlink, and I am using my GPD Pocket tiny laptop, to Parsec home to my desktop and access all my virtual machines and home lab server. Honestly I just think it is funny. 😂

91

78

2K

John Hammond

@_JohnHammond

3 years

If you say "documentation" three times in front of a mirror, it still won't appear.

60

286

2K

John Hammond

@_JohnHammond

3 years

👁️👄👁️well alrighty then

60

280

2K

John Hammond

@_JohnHammond

8 months

⚠️Stay safe everybody! If you use a Crest or Colgate toothbrush, please update to KB-133769420 and install the latest kernel bugfixes for any external devices like your floss and mouthwash.

76

191

2K

John Hammond

@_JohnHammond

2 years

u sure?

115

145

2K

John Hammond

@_JohnHammond

3 years

Meta... sploit?

72

198

2K

John Hammond

@_JohnHammond

1 year

The MOVEit Transfer exploitation is not just SQL injection(👀) We uncovered the very last stage of the attack chain to drop human2.aspx ultimately ends up gaining remote code execution ‼ We fully recreated the attack chain with a demo achieving a reverse shell & ransomware!

34

502

2K

John Hammond

@_JohnHammond

1 year

cybersecurity

68

42

2K

John Hammond

@_JohnHammond

3 years

Does this outage count for cybersecurity awareness month festivities?

59

268

2K

John Hammond

@_JohnHammond

1 year

exposing this scammer at #PCC23

73

84

2K

John Hammond

@_JohnHammond

2 years

Merry Christmas. 🎄 Here's to many more.

54

12

2K

John Hammond

@_JohnHammond

2 months

A thread of new domains following the CrowdStrike catastrophe: 🧵

29

240

2K

John Hammond

@_JohnHammond

2 months

the CROWD has STRUCK

49

193

2K

John Hammond

@_JohnHammond

11 months

Session hijacking a Microsoft 365 account! Stealing their credentials and bypassing MFA prompt with Evilginx: a reverse-proxy phishing framework! We stage a phishing domain and email pretense, and gain full access to the victim account!

27

316

2K

John Hammond

@_JohnHammond

1 year

The desktop is malware

70

85

2K

John Hammond

@_JohnHammond

7 months

Wait, what?

87

83

2K

John Hammond

@_JohnHammond

2 years

Don't forget, 0-days wouldn't happen if you had just bought that one vendor's EDR, MDR, XDR, NDR, RDR, NXDR, ODR, PDR, LDR, QDR, VDR, JDR, KDR, IDR, 1DR, 4DR, DDR, ZDR, YDR, ⧫DR, 🟋DR, 🙻DRR, DRDRDR, AIDR solutions they emailed you about after you got stickers from their booth.

74

181

2K

John Hammond

@_JohnHammond

2 years

Thank you robot overlords

33

133

2K

John Hammond

@_JohnHammond

2 years

400k nerds watch this nerd thank u 4 ur support

68

26

1K

John Hammond

@_JohnHammond

1 month

Threat actor USDoD and his farewell to fellow cybercriminals after his identity has been published on Doxbin.

36

171

2K

John Hammond

@_JohnHammond

2 years

Bro you literally just have to click on the red line????

215

25

1K

John Hammond

@_JohnHammond

1 year

almost done setting up my computer🥹

227

70

1K

John Hammond

@_JohnHammond

8 months

CVE-2024-21413 sure does do the needful

24

185

1K

John Hammond

@_JohnHammond

3 years

THANK YOU so much for _literally sending_ a birthday cake @Hacker0x01 !!!🎂 ♥️ 🥰🎉 A good light snack while we hold down the fort for the #hacktivitycon2021 CTF 😎 THANK YOU!!! 😍

117

42

1K

John Hammond

@_JohnHammond

4 years

Does anyone else make a directory, change into that exact directory, and then list files in the newly created directory... knowing the directory is empty, because you literally JUST created it?

158

93

1K

John Hammond

@_JohnHammond

3 years

🚨 BLACK FRIDAY SPECIAL 🚨 Today and today only, you can find all of my free education and content, online FOR FREE! After today's sale, everything will return to normal asking price: $0.00! 😱

63

101

1K

John Hammond

@_JohnHammond

4 years

111

25

1K

John Hammond

@_JohnHammond

3 years

"Download failed: Virus detected" ... I know. That's why I want it. 😠

26

87

1K

John Hammond

@_JohnHammond

2 months

With that said, I am very grateful for the actor actively trying to send me the exact same phish. 😂 With a special note for me 🤣

29

52

1K

John Hammond

@_JohnHammond

2 years

"Would you like to earn millions of dollars $$$ ?"

39

198

1K

John Hammond

@_JohnHammond

2 years

This might be the creepiest thing I have ever been pinged for, but uh, yes, that is me? 🙃

Cyber Shen

@CyberShen

2 years

@_JohnHammond is that you!?

7

2

55

126

17

1K

John Hammond

@_JohnHammond

1 year

curl/libcurl HIGH CVE-2023-38545 seemed to have a patch diff out early?

26

309

1K

John Hammond

@_JohnHammond

1 year

For @ScammerPayback 's People's Call Center event, it was @0dayCTF and I's personal project to write code to fool scammers into removing their webcam cover and showing their face. It was such an adrenaline rush to see it work.

58

152

1K

John Hammond

@_JohnHammond

2 years

happy pres day

36

6

1K

John Hammond

@_JohnHammond

9 months

merry christmas

27

10

1K

John Hammond

@_JohnHammond

2 years

once again I have completed a trip around the sun

203

17

1K

John Hammond

@_JohnHammond

2 years

Halfway.

84

21

1K

John Hammond

@_JohnHammond

2 years

im verified now

121

18

1K

John Hammond

@_JohnHammond

2 years

Want to know what a YouTube channel with half a million subscribers looks like behind the scenes? As we're cruising into 2023 and the new year, I'd like to peel back the curtain. I want to be as transparent as possible here, in the hopes that this might help other creators. 🧵

49

91

1K

John Hammond

@_JohnHammond

1 year

imma bout to phish erry security researcher in da world

32

65

1K

John Hammond

@_JohnHammond

1 month

oh, wait, f&$% lmfao

93

31

1K

John Hammond

@_JohnHammond

11 months

I live to serve

vx-underground

@vxunderground

11 months

. @_JohnHammond we'll mail you a complete copy of vx-underground if you promise to load all the malware samples onto a computer and bring it GeekSquad for repair

44

64

2K

29

53

1K

John Hammond

@_JohnHammond

2 years

It has been a real treat seeing this post blow up and I am super flattered 😊 Seriously, thank you. After NahamCon CTF ends at the end of this month, I hope to finally showcase some Active Directory content and then start a "journey to OSEE" style thing. Hopefully.🤞

🇺🇦 Zer0F8th

@Zer0F8th

2 years

@ippsec & @_JohnHammond provide some of the best cybersecurity content

22

101

1K

18

62

1K

John Hammond

@_JohnHammond

5 months

People tend to say "work smarter, not harder", and I absolutely agree with that. But I do think there is some magic that happens when you do both... work smarter AND harder. Thank you for your support.

69

24

1K

John Hammond

@_JohnHammond

1 year

diSaBLE SIgNAL LINK pReVIEWS aS FAST as HuMANLY POSSIBLE TO MITIGATE thiS ExtREME CRITICAL ZERO DAY VULNERABILITY ThAT NO ONE knOWS LITERALLY ANYTHING ABOUT UNPLUG INTERNET & THROW YOUR PHONE IN THE OCEAN BEFORE IT HACKS UR WHOLE LIFE NO CVE THO, NO DETAILS, DONT WORRY ABOUT IT

51

96

989

John Hammond

@_JohnHammond

2 months

CrowdStrike Preliminary Post Incident Review (PIR) is released:

35

270

987

John Hammond

@_JohnHammond

8 months

Fun fact: Windows stores Wi-Fi passwords in plaintext! You can extract passwords with netsh.exe, but that's a child process that might be observed -- we can improve our tradecraft to extract Wi-Fi passwords with native Win32 API functions... in Rust 😎😈

18

177

966

John Hammond

@_JohnHammond

1 year

What if you ran an nmap scan and ALL 65535 ports were open? You can waste a hacker's time by spoofing your attack surface and simulating real services so the adversary has no idea what to target. Cyber deception!

24

172

962

John Hammond

@_JohnHammond

2 months

Alright who has a copy of the CrowdStrike driver, is that on VirusTotal yet?

47

50

959

John Hammond

@_JohnHammond

17 days

Well, this was a stupid insomnia project, but... 😂 Playground code is here:

Mohamed Aruham #boleh

@aruhamm

18 days

Interesting vector, ever seen this before @_JohnHammond ?

54

293

3K

22

143

971

John Hammond

@_JohnHammond

3 years

This was a pleasant surprise to have in the mail after getting back home from DEFCON -- thanks again @offsectraining !!

45

25

936

John Hammond

@_JohnHammond

9 months

I LIVE IN THE FUTURE

49

47

912

John Hammond

@_JohnHammond

9 months

2024 will be the year of linux on the desktop

81

79

894

John Hammond

@_JohnHammond

2 years

hey @BHinfoSecurity your booth looked lonely so i stole it sry @strandjs @debthedeb @BanjoCrashland

23

28

890

John Hammond

@_JohnHammond

2 years

you shut your mouth

37

55

871

John Hammond

@_JohnHammond

2 years

Active Directory content will slowly trickle out on my YouTube channel over the next many days. We will build a local VM environment, stage out our domain at will with PowerShell, and bounce back and forth between "building" and "breaking" AD concepts

ACTIVE DIRECTORY #00 Creating our Server + Workstation Virtual...

Check out Snyk to help bake security into your development process, find and fix vulnerabilities before the bad actors do! https://snyk.co/johnhammondHelp th...

www.youtube.com

26

126

880

John Hammond

@_JohnHammond

4 years

You can use some bash expansion tricks to do a crazy fast port scan. Super helpful if you are an internal network (because nmap through proxychains is horrific). No nmap? No problem.

24

162

867

John Hammond

@_JohnHammond

3 years

celebrate national cybersecurity awareness month with a four week vacation in the woods

21

72

848

John Hammond

@_JohnHammond

2 years

I record a lot of videos that I think are complete garbage, with mistakes and rabbit holes and wasted time, and I don't think it will be useful for anyone or no one would watch. But I try to remind myself... doing it in the first place is better than not doing it at all.

78

28

848

John Hammond

@_JohnHammond

11 months

@vxunderground Bet, I can record everything and upload it

27

8

851

John Hammond

@_JohnHammond

2 years

Hey boss really sorry I'm not working this week but damn you should see this sunset

53

9

837

John Hammond

@_JohnHammond

2 months

the end of an era 😭

117

16

823

John Hammond

@_JohnHammond

3 years

"Isn't it great when the security tool is vulnerable to the security problem"

24

74

804

John Hammond

@_JohnHammond

7 months

Lotta chatter around #ScreenConnect vulnerabilities now as folks are getting spun up. Fellow @HuntressLabs researchers and I were up all night to recreate the auth bypass and RCE exploit. I'm not a huge fan of giving a PoC to threat actors, but I do dig snazzy video demos 😜

23

156

814

John Hammond

@_JohnHammond

2 years

AHAHAHAHAHAHA

Ayub | whitecyberduck

@whitecyberduck

2 years

Offensive Security has banned ChatGPT from the OSCP exam

30

249

1K

27

60

793

John Hammond

@_JohnHammond

3 years

My video showcasing the #log4j #vulnerability CVE-2021-44228 in Minecraft is up. This demonstrates the #Minecraft exploit but only uses that as a springboard to discuss more of the widespread risk and threats across the security landscape. #cve

CVE-2021-44228 - Log4j - MINECRAFT VULNERABLE! (and SO MUCH MORE)

Timestamps (HUGE thanks to deetee in the comments for putting these together!!!): 0:00 - Introduction0:49 - Tweet on gaining RCE via Minecraft1:16 - Overview...

www.youtube.com

20

190

791

John Hammond

@_JohnHammond

1 year

damn they really got me good there

33

55

799

John Hammond

@_JohnHammond

3 years

oSiNt cHaLlEnGe wHeRe aM I?????????//////

201

37

781

John Hammond

@_JohnHammond

2 years

MS-MSDT "Follina" Office click-to-hack.

14

193

784

John Hammond

@_JohnHammond

7 months

I got the most obnoxious and hideous ski jacket as possible. I'm here to meme and troll. I unironically love it.

130

11

770

John Hammond

@_JohnHammond

2 years

pinned

47

33

747

John Hammond

@_JohnHammond

2 years

Hey Twitter, forgive me for my crowdsourcing -- what do you think is wrong in the infosec industry? From any perspective.

360

62

740

John Hammond

@_JohnHammond

10 months

oh fuck

51

13

742

John Hammond

@_JohnHammond

4 years

If you see a /cgi-bin directory on a webserver, don't forget to gobuster inside that directory looking for extensions like .sh, .cgi, (and even .py, .pl, or more).... you might be able to find a Shellshock vulnerability. That bug is... still around...

6

148

741

John Hammond

@_JohnHammond

2 years

Doomed to set up virtual machines my whole life.

53

38

732

John Hammond

@_JohnHammond

2 months

I won't show the full URL, but here's the big link redacted and defanged. Cutesy that it is from a SendGrid tracking link. Obviously a juicy treat for attacker to be able to mass spam emails with a trusted/common delivery service like SendGrid, and a perk of click tracking.

8

13

751

John Hammond

@_JohnHammond

3 years

i FiNaLlY DiD iT aFtEr a LoNg HaRd TiMe i HaVe SuCcEsSfULlY CoMpLeTeD a OnE-DaY StReAk On THM!1111

42

14

739

John Hammond

@_JohnHammond

2 months

25

76

739

John Hammond

@_JohnHammond

5 months

Sir, this is an entire career path 😅

11

34

724

John Hammond

@_JohnHammond

4 years

Hi yes hello Twitter I am going to tell you my deep dark secret please don't tell anyone I have no idea what I'm doing

44

31

713

John Hammond

@_JohnHammond

2 years

11

57

713

John Hammond

@_JohnHammond

1 month

THAT'S OUR BOY RYAN!!!! 🤩

PBD Podcast

@PBDsPodcast

1 month

"Hack ANY Cell Phone" - Hacker Shows How Easy It Is To Hack Your Cell Phone. @patrickbetdavid @0dayCTF

116

1K

5K

14

74

722

John Hammond

@_JohnHammond

4 years

OSEP labs finally complete. Exam in 5 hours. LFG

69

4

688

John Hammond

@_JohnHammond

10 months

I think am too late for the CounterStrike XSS party :(

25

30

683

John Hammond

@_JohnHammond

1 year

Hey folks, big project for me at `var dayjob` — @HuntressLabs is hosting a free online CTF, releasing new challenges EVERY SINGLE DAY of October for Cybersecurity Awareness Month😱Malware analysis, DFIR, hacker tradecraft... game starts next Monday 10/2!

5

202

675

John Hammond

@_JohnHammond

1 year

Thank you so much. Just four more! 😁

47

15

678