Marc Maiffret @marcmaiffret Twitter profile

Last Seen Profiles

@StDallAglio

@iAMD_10

@Isaiah21P

@Mitchell_Kip

@PLowtho

@loca_stronza

@bytetysoncoins

@KianRaiX

@ethansfIavor

@TheDeFiList

@IvlevYorke

@Belinda3725

@LPP2014

@stwmaniax

@martinlidegaard

@3m1ly_r0s3

@Eurisy1

@Volkovvan

@remu_az

@juliannaelamb

@decimated_game

@alina_krt

@CabilderosCL

@frihedsbrevet

@jacquesdavesnes

@moixzz

@beafandraw

@AndrsFernn48256

@Ayari0907

@ibubohay2

@asdjgahtttt3

@cukienaknikmati

@lypmoon1

@Mesopos

@sqldbawithbeard

@JTDrake55

Marc Maiffret

@marcmaiffret

7 years

I recently joined SpaceX as CISO. We are hiring in Information Security.

81

305

771

Marc Maiffret

@marcmaiffret

11 months

Oct 2nd we prevented an attack on an Okta account. Forensics led us to believe that the point of entry was actually due to a compromise within Okta's Support environment. Okta has now confirmed that to be the case, other customers affected.

BeyondTrust Discovers Breach of Okta Support Unit | BeyondTrust

This blog shared details of the Okta support unit attack to educate other Okta users and infosec professionals. For BeyondTrust customers who leverage our…

www.beyondtrust.com

11

98

294

Marc Maiffret

@marcmaiffret

7 years

Insecure software continues to be the problem, not @taviso We are lucky to have him publishing his work.

1

37

98

Marc Maiffret

@marcmaiffret

8 years

#Vault7 Wikileaks did not redact binary embedded in .reg file from JQJSNICKER. Possible CIA implant code:

6

78

90

Marc Maiffret

@marcmaiffret

11 months

@KimZetter Our team prevented an attack on Oct 2nd and escalated within Okta the belief that the attack was made possible because Okta themselves had been compromised. Further technical details in our blog here:

0

15

59

Marc Maiffret

@marcmaiffret

3 years

"We don't have IIS so..." The issue is there if you have anything leveraging http.sys. E.g. Run netsh http show servicestate (check port/pid to find http.sys process mappings). Enterprises will have a variety of WinRm, FDResPub, WIA, Spooler, Razer, etc.

GitHub - 0vercl0k/CVE-2021-31166: Proof of concept for CVE-2021-31166, a remote HTTP.sys use-afte...

Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely. - 0vercl0k/CVE-2021-31166

github.com

1

20

41

Marc Maiffret

@marcmaiffret

9 years

@bill_billbill_ Fuzzer that found MS15-053 - CVE-2015-1686 http://t.co/BUO7RmNFm8

BeyondTrust Regex Smash - Pastebin.com

Pastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time.

pastebin.com

0

31

37

Marc Maiffret

@marcmaiffret

10 years

Fuzzing for MS15-010 http://t.co/lvuZbIlh4k

0

37

36

Marc Maiffret

@marcmaiffret

8 years

Windows 10 attack surface, store malware in Bash env, containers. New win10 ssh server (command prompt) etc new ways to live off the land.

0

25

35

Marc Maiffret

@marcmaiffret

8 years

2016 and people are still blaming 3rd parties who discover software vulnerabilities vs. those that create them.

3

37

33

Marc Maiffret

@marcmaiffret

3 years

Reminder with #PrintNightmare you can drop your .dll to any valid Print\Environments. E.g. Windows NT x86 (W32X86) and then call RpcAddPrinterDriverEx with that path directly. Old/new copy will still take place in x64 but worth checking the nuance in case that is avoidable.

2

10

32

Marc Maiffret

@marcmaiffret

9 years

The year old NSA guide to not getting, as TAO chief implied, punked like Saudi Aramco and Sony: #enigma2016

0

24

30

Marc Maiffret

@marcmaiffret

8 years

Grab Dan Geer's 2003 paper on monoculture, find/replace Microsoft for Amazon; operating systems for cloud services.

1

19

26

Marc Maiffret

@marcmaiffret

5 years

@EricVBailey A looming federal charge for hacking the planet.

2

1

23

Marc Maiffret

@marcmaiffret

3 years

Excited to be back at @BeyondTrust building on all of the great progress that's been made. Thank you to the infosec teams that invited me in to work along side them the last few years. I will bring that empathy forward with what I do next.

BeyondTrust Names Marc Maiffret Chief Technology Officer and Morey…

BeyondTrust’s Privileged Access Management platform protects your organization from unwanted remote access, stolen credentials, and misused privileges

www.beyondtrust.com

0

3

21

Marc Maiffret

@marcmaiffret

6 years

@LBPD_PIO_45 @KimZetter @LagunaBeachPD I drive that road often in my Tesla, would never use autopilot there. Autopilot is great on established freeways as a lane guided cruise control with 100% attention. People clearly cant be trusted to pay attention, software should narrow scenarios where autopilot can be enabled.

1

18

Marc Maiffret

@marcmaiffret

9 years

Identity in the U.S. is a 9 digit num and basic metadata. We should be solving that problem with more fervor than the breach problem.

4

40

17

Marc Maiffret

@marcmaiffret

3 years

Infosec teams who chase individual vulnerabilities more than they control their attack surface, will always be softer targets. Control your attack surface. E.g. Do more things like this: And disable spooler, what are you doing printing in 2021 anyways? :)

Restricting SMB-based Lateral Movement in a Windows Environment

Palantir’s recommendations for defending your network

blog.palantir.com

3

7

18

Marc Maiffret

@marcmaiffret

6 years

You can debate what happened during Kavanaugh's teenage years but there is zero debate about the grown man sitting in front of the senate right now coming off like an entitled petulant frat kid, and not displaying the character of an person that should sit on the Supreme Court.

1

5

16

Marc Maiffret

@marcmaiffret

6 years

@thegrugq Put me in coach, we can fire up some WinNuke and hit em with some OOB data.

1

0

12

Marc Maiffret

@marcmaiffret

9 years

Yay new client side attack surface!: JPEG images may soon have copy protection http://t.co/Ju4axYKNC7

3

11

Marc Maiffret

@marcmaiffret

9 years

NSA TAO is not scared of any of your defenses. They are scared American businesses can still get knocked over by amateurs. #enigma2016

0

18

13

Marc Maiffret

@marcmaiffret

8 years

@fmarmond Context was whether NSA should report vulns. I do not want my tax dollars subsidizing what software vendors should do themselves.

4

2

13

Marc Maiffret

@marcmaiffret

9 years

Exploiting CVE-2015-0311, Part II: Bypassing Control Flow Guard on Windows 8.1 Update 3

0

14

11

Marc Maiffret

@marcmaiffret

4 years

@KimZetter covered, in Countdown to Zero Day, how I hacked into a water plant in ~2011. Hardest part was figuring out from a plant engineer what all evil I could have done. Sounds like someone figured that out...

1

3

12

Marc Maiffret

@marcmaiffret

9 years

First java 0day in ~2 years http://t.co/OKuRddsNcI

2

23

11

Marc Maiffret

@marcmaiffret

10 years

Someone really took the recent Windows Journal vuln blog post to heart; http://t.co/bPGBENfO0U http://t.co/ZHV31RUIPN

1

6

10

Marc Maiffret

@marcmaiffret

9 years

WTF? Is this actually a real webinar title? "Make Security Great Again: Build a Wall, Deport Undocumented Programs."

3

13

11

Marc Maiffret

@marcmaiffret

3 years

I was recently interviewed on @VICENews where we discussed hacking as a career path. @BiaSciLab clearly shows the future is amazing and vibrant, with a strong glow of terminal green.

How Hacking Went from Crime to Career

It seems like there are headlines about cyber security hacks every week, and the demand for talent in this area is at an all time high. Subscribe to VICE New...

www.youtube.com

1

4

11

Marc Maiffret

@marcmaiffret

10 years

"Lenovo wants cleaner software bundles to avoid security disasters" <-How about just not bundling crap to begin with. http://t.co/7ujmFXF1yU

2

12

10

Marc Maiffret

@marcmaiffret

6 years

Good work @Sahad_nk surprised we do not see more hijacking of abandoned azurewebsites and related. Reminds me of phone phreaks leveraging abandoned numbers back in the day. @0xdabbad00 when you want a break from AWS, Azure ready for you. :) via @safetydet

Microsoft Account Takeover Vulnerability Affecting 400 Million Users

Is Microsoft Outlook really that safe? You won't believe what critical vulnerabilities tech giant Microsoft is exposed to. See for yourself.

www.safetydetectives.com

1

4

9

Marc Maiffret

@marcmaiffret

10 years

@WTFuzz @alech powershell(Invoke-Expression([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String(\"Zm9ybWF0IGM6\"))))

3

10

Marc Maiffret

@marcmaiffret

5 years

I had the pleasure of working with @ohjeongwook for many years at eEye. He is one of the kindest and most brilliant people I have had a chance to work with. Check out his new company and the training/etc they offer!

Nobody

@ohjeongwook

5 years

Just made a new company: - starting as a Security Intelligence and Training Platform Company. Very early phase but we are opening new curriculums teamed up with other security and machine learning experts. Stay tuned and contact me for potential service.

8

6

35

0

2

10

Marc Maiffret

@marcmaiffret

7 years

That moment your fiancee takes you for bday to dive bar and the band ends with NiN and Tool covers. It is going to be alright. Miss you brother Barns. Cannot burn enough pianos but I'll try.

0

1

10

Marc Maiffret

@marcmaiffret

5 years

@KimZetter One of my favorite versions of this was sending an employee flowers. Sat on their desk with better access to WiFi and more importantly a ton of crappy office Bluetooth devices.

1

2

9

Marc Maiffret

@marcmaiffret

9 years

Great few years back at eEye/BeyondTrust as CTO. I have left to pursue next security venture. Stealth start-up, like the F-35 right? :-p

12

6

8

Marc Maiffret

@marcmaiffret

9 years

Hopefully NSA TAO preso at #enigma2016 gets IT to read the defensive guides NSA has been publishing for many years.

0

4

9

Marc Maiffret

@marcmaiffret

7 years

@taviso @natashenka They still can't parse ASN.1 properly? :-p

1

0

9

Marc Maiffret

@marcmaiffret

8 years

#npmgate is more of a reminder of the sheer number of crap dev that is blindly pulling in potentially untrusted packages into production.

0

6

9

Marc Maiffret

@marcmaiffret

1 year

@BiaSciLab you rocked it and are such an inspiration, so stoked you were able to come out!

Bia! Ⓥ

@BiaSciLab

1 year

Giving my keynote at @BeyondTrust Go Beyond conference! I even got to mention my @SecureOpenVote project!

1

5

38

1

3

9

Marc Maiffret

@marcmaiffret

7 years

The Pepsi challenge for nextgen endpoint/EDR is to actually have free trial product downloads for anyone. Even most AV vendors allow that.

4

9

Marc Maiffret

@marcmaiffret

9 years

Hardware hacking, reversing Belkin F9K1111 vulnerabilities, code exec http://t.co/9Lb7GWTHb2

0

6

8

Marc Maiffret

@marcmaiffret

9 years

Love this; big reason I have much respect for @dugsong @jonoberheide @duosec , both in usability & CEO can kickflip.

Dino A. Dai Zovi

@dinodaizovi

9 years

Innovation in defense is figuring out how to implement things that Rob Joyce recommended cheaply and without grinding all work to a halt.

1

6

16

1

3

7

Marc Maiffret

@marcmaiffret

10 years

Triggering MS14-066 schannel bug http://t.co/ixlHD8laHC

0

11

7

Marc Maiffret

@marcmaiffret

8 years

Microsoft commercial fuzzing service

0

9

7

Marc Maiffret

@marcmaiffret

9 years

All skills equal in IDA it seems the imagination in seeking out attack surface is the bigger division in vulnerability discovery.

0

5

6

Marc Maiffret

@marcmaiffret

2 years

Had an awesome time chatting with @shehackspurple recently. Try to catch her at one of the many events she has going on at #RSAC this week

BeyondTrust

@BeyondTrust

2 years

Are you following our Podcast "Adventures of Alice & Bob"? Don't miss this week's insightful and candid chat with the one & only @shehackspurple . Full episode with Tanya can be found wherever you listen or

0

13

12

0

3

7

Marc Maiffret

@marcmaiffret

3 years

@dugsong @BiaSciLab @eEye You have been an inspiration for me from the start @dugsong . The w00w00 easter egg in @stobal 's mockitecture didn't make the vid but seems @BiaSciLab and I both are fans of another group that did... #kradacousticcoupler

2

6

Marc Maiffret

@marcmaiffret

8 years

Modern dev practices and devops are in a terrible state of security at most orgs. Blind trust in packages among other problems. #npmgate

0

2

7

Marc Maiffret

@marcmaiffret

8 years

#Vault7 CIA notes on personal security products not using ASLR, etc: "I think @taviso has published some material in this area as well." Heh

0

1

7

Marc Maiffret

@marcmaiffret

11 years

$10,025 raised, big thanks to all. Leaving active while i figure out funds transfer to Khalil http://t.co/4B6DqprbLs

6

12

6

Marc Maiffret

@marcmaiffret

9 years

@0xdabbad00 in the same way that their new cloud based operations manager pales compared to @splunk . Will @Azure MS fully enter security?

0

6

Marc Maiffret

@marcmaiffret

9 years

EMET 5.2 released, great for standard corp desktop images where compatibility challenges can be overcome. http://t.co/HvyXZHjsqr

1

9

6

Marc Maiffret

@marcmaiffret

3 years

E.g. Drop to spool\drivers\W32X86 pEnvironment: Windows NT x86 pDriver: ntprint_inf_x86 (Get-PrinterDriver for valid x86 paths) pConfig: syswow64\kernelbase Then recall normal x64 exploit against the .dll you dropped in spool\drivers\W32X86 etc...

0

6

Marc Maiffret

@marcmaiffret

3 months

@Laughing_Mantis This was the local news thing that Derek and I did. He leveraged his CSRSS privesc, Vista specific, but paired it with your MSPUB vuln (at time not patched by MS) so we could make the “hacking vista” more complete/interesting to average users.

Hacking Vista: Easier than you'd think

Local hackers who've gone legit show how even Windows Vista is prone to security breaches. PC security experts from eEye Digital in Aliso Viejo demonstrate h...

www.youtube.com

2

6

Marc Maiffret

@marcmaiffret

8 years

Trump on dnc hacks, "maybe Russia or China or some 400lb guy on a bed somewhere" to all my 400lb hacker stereotype friends; the jig is up.

1

2

6

Marc Maiffret

@marcmaiffret

11 months

Had fun last weekend talking to my podcast co-host James Maud. He attempted to drag Okta honeypot info out of me, almost!

0

5

Marc Maiffret

@marcmaiffret

6 years

Massive congrats to friends at @cylanceinc

TechCrunch

@TechCrunch

6 years

BlackBerry is buying Cylance for $1.4 billion to continue its push into cybersecurity by @jonrussell

12

53

73

0

1

6

Marc Maiffret

@marcmaiffret

6 years

@Kym_Possible @hackerfantastic @gsuberland @Fox0x01 @zackwhittaker @msftsecresponse Haha much love. Yeah just playing, became good friends with many in MSRC. Passionate people trying to improve security do not always agree on the best way to go about it and that is ok.

0

5

Marc Maiffret

@marcmaiffret

4 years

The SolarWinds “intern password” is more noteworthy as it relates to the ransomware groups that have been targeting managed IT companies vs. being at all useful to measure advanced intel. team operations.

1

0

5

Marc Maiffret

@marcmaiffret

3 months

@Laughing_Mantis Seriously watching you discover your second (real :)) Office vuln that weekend was one of the happiest moments of my career. Whole team was on it but everyone was without a doubt hoping it would be you, knowing how much it would mean to you. Love you dude, thanks for sharing that

2

0

4

Marc Maiffret

@marcmaiffret

8 years

Quick test of high level @metasploit functionality looks to work under Bash for Windows(Windows Subsystem for Linux)

0

2

5

Marc Maiffret

@marcmaiffret

8 years

Song on new @whoismrrobot trailer is "Nice To Meet Me" on album Ronin by @Zack_Hemsey . Go support him directly at

0

1

5

Marc Maiffret

@marcmaiffret

4 years

@FortyNorthSec Cool, reminder in other scenarios can just ps it $C = New-Object .SQLClient.SQLConnection $C.ConnectionString = “serv” $C.Open() $M = $C.CreateCommand() $Command.CommandText = “mycmd” $D = $M.ExecuteReader() while ($D.Read()) { $D.GetValue($1) } $C.Close()

1

5

Marc Maiffret

@marcmaiffret

10 years

#NSA "china hackers bad, no stopping" - "Wait nevermind, I'm retired, totally have the solution now."

0

5

Marc Maiffret

@marcmaiffret

6 years

2002 I found an RCE in NAI's PGP Outlook plug-in. Victim views email, attacker executes code. 2018 *steal victims email*, send back to them repeatedly to decrypt. #efail like most named vulns, is an example of progress in security or the continued decline of public vuln research.

0

4

Marc Maiffret

@marcmaiffret

2 years

@Laughing_Mantis @DennisF @aaronportnoy @RandoriAttack @springframework @FabiusArtrel That one time Tenable “borrowed” our remote check without knowing we embedded a secret string. I can’t remember what Derek had put for the string but something saucy I’d assume. Miss you hommies and good stuff as always @RandoriAttack

1

0

4

Marc Maiffret

@marcmaiffret

9 years

@0xdabbad00 or it could be to the threat analytics world what MBSA was to vulnerability assessment. Heh

2

0

4

Marc Maiffret

@marcmaiffret

10 years

MS14-063 – FastFat vulnerability fixed years ago… http://t.co/5ubw1p6bts via @sharethis

1

5

4

Marc Maiffret

@marcmaiffret

2 years

I was recently interviewed on the @moderncto_io podcast by Joel Beasley. They did their homework, even asked about one of the times I got cursed out on the phone by a leader of Microsoft’s security team.

0

4

Marc Maiffret

@marcmaiffret

4 years

Something weirdly nostalgic about this... my buddy and I ditching class to go see what new hits we had in PhoneTag. Personally think it would be hilarious if there are some kids out there zoom dialing while they are stuck home during lockdown.

briankrebs

@briankrebs

4 years

Automated Zoom conference meeting finder 'zWarDial' discovers ~100 meetings per hour that aren't protected by passwords. The tool also has prompted Zoom to investigate whether its password-by-default approach might be malfunctioning

30

769

1K

0

4

Marc Maiffret

@marcmaiffret

5 years

@richinseattle Sometimes you have to hit 'em hard with that `perl -e 'print "A"x1337'`

1

0

4

Marc Maiffret

@marcmaiffret

5 years

@egyp7 @scriptjunkie1 Reminds me of failing my typing class in 9th grade. I was faster than the teacher but did not use home row so I was told I was goofing around. Which I guess if someone was hacking the districts VMS during class that would count as goofing around? 🤔

0

4

Marc Maiffret

@marcmaiffret

10 years

@msftsecurity Not Internet legend. Ryan Permeh and I named CodeRed after the same named Mountain Dew soda we were drinking while analyzing.

2

4

Marc Maiffret

@marcmaiffret

9 years

Two-factor authentication startup Duo Security raises $30M to launch a platform http://t.co/lHSPFVK8Yq

0

4

Marc Maiffret

@marcmaiffret

3 years

@0vercl0k @HenkPoley Nice POC @0vercl0k ! For others asking about other processes bound via http.sys: netsh http show servicestate - correlate listener url to PID/software etc. netsh http show urlacl - is also useful.

1

0

4

Marc Maiffret

@marcmaiffret

7 years

@dugsong @cnoanalysis Generation later infosec companies still define anomaly as "Something bad![tm]" vs. "something different, abnormal, peculiar, or not easily classified." And is adding keywords like chocolatey to your PowerShell command line, to bypass popular EDR solutions, the new fragmentation?

1

0

3

Marc Maiffret

@marcmaiffret

10 years

@dinodaizovi When I see Netscape I always think of this from solar designer http://t.co/khdrg29Cq9 so much awesome there.

1

3

4

Marc Maiffret

@marcmaiffret

5 years

@DennisF @TheBrianDonohue @DennisF getting his Larry King on! That was fun to listen to again. I particularly like my snarky old guy comment about the kids having it easy with LinkedIn whereas we had to put on some old clothes and jump into corporate trash dumpsters.

How I Got Here: Marc Maiffret

Dennis Fisher talks with Marc Maiffret about his teenage years as a phone phreaker and BBS denizen, the early years of the vulnerability research scene, the Code Red worm and its aftermath and how...

threatpost.com

1

0

4

Marc Maiffret

@marcmaiffret

6 years

Most orgs barley control what binaries are on their systems let alone the nuance of legitimate apps having their configuration modified to make them work as a backdoor. Whether it be this example of Absolute Software Lojack, Tanium, AD/SS, backup software... the list goes on.

Kim Zetter

@KimZetter

6 years

Lojack, the software companies embed in employee computers to track their location if stolen, was found to contain callback references to malicious command-and-control servers known to be used by the Russian nation-state hacking group Fancy Bear

14

677

727

0

1

4

Marc Maiffret

@marcmaiffret

3 years

netsh http show urlacl is also a helpful command. If you work in offense or defensive you should understand the nuance of how http.sys works. You know, bypassing some EDR among other things.

0

3

Marc Maiffret

@marcmaiffret

8 years

Time for JavaScript dev civil disobedience? aka: How Trump almost had Putin kissy face on his donation page.

0

4

Marc Maiffret

@marcmaiffret

5 years

@4Dgifts @ortegaalfredo @mis2centavos Ah nice, we should definitely have more voting security hinge on the ability for people to write file parsers - let alone not leverage outdated ones. :-p

0

1

4

Marc Maiffret

@marcmaiffret

9 years

@haroonmeer @WeldPond Worms were largely what drove MS customers to demand better. Mass of CVEs doesn't outrage; exploitation at scale does.

1

0

3

Marc Maiffret

@marcmaiffret

11 years

I hear the NSA is running their own Wall of Sheep at RSA for the Apple SSL bug.

2

10

3

Marc Maiffret

@marcmaiffret

8 years

Ransomware rising; CC & identity continues to lose value. Easier to lock people out of their data than find new unique ways to monetize it.

0

2

3

Marc Maiffret

@marcmaiffret

7 years

Man Fined $500 for Crime of Writing 'I Am An Engineer' in an Email to the Government via @motherboard

0

1

3

Marc Maiffret

@marcmaiffret

6 years

@Kym_Possible @hackerfantastic @gsuberland @Fox0x01 @zackwhittaker @msftsecresponse And if you do get cursed out on the phone by the head of MSRC you just send them a remote SYSTEM the day they release the patch for the last one, repeat 4 times. #eEye I guess these days that would be an Electron injection flaw in MS Teams or whatever the kids are doing. :-p

1

0

3

Marc Maiffret

@marcmaiffret

9 years

Years old NSA note on limiting workstation to workstation communication to prevent lateral movement: #enigma2016

0

3

Marc Maiffret

@marcmaiffret

4 years

@Laughing_Mantis @khaxan Is this where I quote top gun and say you can be my wing man any day? Or like we go roller blading through grand central? I would not break myself on roller blades for many people, would for @Laughing_Mantis though.

1

0

3

Marc Maiffret

@marcmaiffret

6 years

@aaronportnoy I love Boulder, was there last summer climbing Sharkstooth in RMNP. If you are still there grab brunch at The Buff.

1

0

3

Marc Maiffret

@marcmaiffret

11 months

@cstanley @Laughing_Mantis 0xF4

1

0

3

Marc Maiffret

@marcmaiffret

7 years

Attackers Backdoor Another Software Update Mechanism: via @threatpost

0

3

Marc Maiffret

@marcmaiffret

5 years

@dugsong Guttermouth, 98ish, first time crowd surfing also. Learned quick that a song ending drops you faster than gravity (punk physics, don't question it).

0

3

Marc Maiffret

@marcmaiffret

9 years

Former Tiversa investigator says firm faked LabMD breach findings http://t.co/rhIoQHB0d4 via @scmagazine

0

5

3

Marc Maiffret

@marcmaiffret

3 years

@bascule I feel that! Strict egress filtering/detection on servers feels timeless as a 'good security thing' (tm). The Rainbow Books are covered in the tears of those who have never learned security physics or maybe security first principals or maybe I dunno but egress filtering is cool.

0

3

Marc Maiffret

@marcmaiffret

13 years

Hack from 1903. Hacked co more interested in finding attacker than fixing problem. not much has changed in 100yrs http://t.co/Jov3wRa3

0

5

3

Marc Maiffret

@marcmaiffret

11 months

@cstanley @HackingLZ Once you huffman encode you never go back

0

3

Marc Maiffret

@marcmaiffret

10 years

Where is AOHell for the facebook generation?

1

0

3

Marc Maiffret

@marcmaiffret

9 years

@dinodaizovi had my raid as a teen led to arrest, I would be most likely getting out of jail around now with the new proposed laws.

0

4

3