Antoine (@antoinedss) Twitter Tweets • TwiCopy

Antoine

@antoinedss

+ Follow

Working at @balliskit as a macOS offensive developer. Tweets are my own.

ID: 1762144905940312064

calendar_today26-02-2024 15:58:10

8 Tweet

27 Followers

49 Following

Emeric Nasi

@emericnasi

9 months ago

Good News my RedTeam friends! New BallisKit tool to target MacOs: DarwinOps 😎 Features: - On shelf initial access scenarios - Multiple formats - Obfuscation methods and EDR bypass options - Privilege escalation and persistence - Compatible with several C2 #redteam

thumb_up_off_alt88

chat_bubble_outline2

repeat24

shareShare

BallisKit

@balliskit

6 months ago

Redteaming on MacOS is hard... But BallisKit can help you! You can use DarwinOps to weaponize a Mythic C2 implant for MacOS and bypass EDRs! Checkout this blog Post by Antoine #redteam blog.balliskit.com/setup-and-weap…

thumb_up_off_alt230

chat_bubble_outline1

repeat57

shareShare

BallisKit

@balliskit

5 months ago

Bypassing EDRs on MacOS can be a challenge. In our new blog post, Antoine describes how EDRs leverage MacOS Network Extension to detect C2s and how to bypass this kind of detection using Mythic Apfell as an example. #redteam blog.balliskit.com/when-osascript…

thumb_up_off_alt198

chat_bubble_outline2

repeat56

shareShare

Antoine

@antoinedss

5 months ago

Getting into the mindset of a defensive security developer has been much easier than diving into pure reverse engineering. There’s still a lot of ground to cover and many potential bypasses to explore when it comes to EDRs on macOS.

thumb_up_off_alt6

chat_bubble_outline0

repeat0

shareShare

Antoine

@antoinedss

4 months ago

❤️💙 we're going to do it !

thumb_up_off_alt0

chat_bubble_outline0

repeat0

shareShare

Atsika

@_atsika

4 months ago

ProxyBlob is alive ! We’ve open-sourced our stealthy reverse SOCKS proxy over Azure Blob Storage that can help you operate in restricted environments 🔒 🌐 github.com/quarkslab/prox… Blog post for more details right below ⬇️

thumb_up_off_alt104

chat_bubble_outline2

repeat40

shareShare

Antoine

@antoinedss

4 months ago

beware of all applications developed in-house, where security may not be as strong as in a public app !

thumb_up_off_alt5

chat_bubble_outline1

repeat2

shareShare

BallisKit

@balliskit

2 months ago

MacOS security is very different from Windows. DarwinOps, our redteam tool targeting MacOS can help you tackle that issue! Antoine just posted on our blog to help you understand the basics of initial access on MacOS with DarwinOps #redteam blog.balliskit.com/macos-initial-…

thumb_up_off_alt52

chat_bubble_outline0

repeat17

shareShare

BallisKit

@balliskit

a month ago

We are adding a binary injection vulnerability scanner to DarwinOps! -> A DarwinOps JXA template -> Scan for Injection vulnerabilities in binaries and Apps Vulnerable binaries could be abused to bypass EDR, hide a backdoor, access memory, or bypass TCC! #redteam

thumb_up_off_alt16

chat_bubble_outline0

repeat3

shareShare

BallisKit

@balliskit

a month ago

MacOS DMG phishing templates are coming in the next DarwinOps release! Ready to use, configurable, and with new GateKeeper bypass strategies! #redteam

thumb_up_off_alt24

chat_bubble_outline1

repeat8

shareShare

The Lincoln Project

@projectlincoln

21 days ago

Trump said repeatedly he would "end the war in 24 hours." It's been 207 days. No deal.

thumb_up_off_alt15,15K

chat_bubble_outline662

repeat4,4K

shareShare