Matt Ehrnschwender
@cybershenanigans.space
Security person who likes writing code
Finally releasing a project publicly I have been pretty excited about. Here is Boflink, a linker for Beacon Object Files. github.com/MEhrn00/bofl...
Supporting blog post about it. blog.cybershenanigans.space/posts/boflin...
Supporting blog post about it. blog.cybershenanigans.space/posts/boflin...
GitHub - MEhrn00/boflink: Linker for Beacon Object Files
Linker for Beacon Object Files. Contribute to MEhrn00/boflink development by creating an account on GitHub.
github.com
May 30, 2025 at 8:18 PM
Finally releasing a project publicly I have been pretty excited about. Here is Boflink, a linker for Beacon Object Files. github.com/MEhrn00/bofl...
Supporting blog post about it. blog.cybershenanigans.space/posts/boflin...
Supporting blog post about it. blog.cybershenanigans.space/posts/boflin...
Windows OpenSSH agent will store SSH keys under "HKCU:Software\OpenSSH\Agent\Keys". It's on my TODO list to write a tool that will extract these and decrypt them if needed
April 10, 2025 at 10:00 PM
Windows OpenSSH agent will store SSH keys under "HKCU:Software\OpenSSH\Agent\Keys". It's on my TODO list to write a tool that will extract these and decrypt them if needed
Reposted by Matt Ehrnschwender
First: Visual Studio Code
Visual Studio Code stores it's cached tabs at %APPDATA%\Code\Backups\<guid>\
The untitled temporary tabs will be found in the untitled folder, and each file contains the contents of those tabs
Visual Studio Code stores it's cached tabs at %APPDATA%\Code\Backups\<guid>\
The untitled temporary tabs will be found in the untitled folder, and each file contains the contents of those tabs
April 8, 2025 at 4:16 PM
First: Visual Studio Code
Visual Studio Code stores it's cached tabs at %APPDATA%\Code\Backups\<guid>\
The untitled temporary tabs will be found in the untitled folder, and each file contains the contents of those tabs
Visual Studio Code stores it's cached tabs at %APPDATA%\Code\Backups\<guid>\
The untitled temporary tabs will be found in the untitled folder, and each file contains the contents of those tabs
Reposted by Matt Ehrnschwender
Not sexy things, but they make my day-to-day usage much better. I've seen many people bemoan about Ghidra 's interface. My experience with ANY tool is that things don't change unless the problem is reported to the devs. So reach out and lay out your concerns - they'll respond!
February 7, 2025 at 9:00 PM
Not sexy things, but they make my day-to-day usage much better. I've seen many people bemoan about Ghidra 's interface. My experience with ANY tool is that things don't change unless the problem is reported to the devs. So reach out and lay out your concerns - they'll respond!
This is a pretty handy trick that I don't commonly see people doing. It's possible to embed a large file in a C/C++ program without needing to create a giant header file for it. Here's a slightly (...very) detailed blog post on it blog.cybershenanigans.space/posts/embedd...
Embedding Files in C/C++ Programs
Background Recently, I came across a post on X by @0xTriboulet asking how to deal with large header files in Visual Studio projects https://x.com/0xTriboulet/status/1878139439714558169.
intelligence i...
blog.cybershenanigans.space
January 13, 2025 at 11:30 PM
This is a pretty handy trick that I don't commonly see people doing. It's possible to embed a large file in a C/C++ program without needing to create a giant header file for it. Here's a slightly (...very) detailed blog post on it blog.cybershenanigans.space/posts/embedd...
🔥🔥🔥
We just merged a massive PR from @bouj33boy.bsky.social
into Misconfiguration Manager. It includes updated DETECTs 4-5, new DETECTs 6-9, and RECON-7. Check it out here:
github.com/subat0mik/Mi...
into Misconfiguration Manager. It includes updated DETECTs 4-5, new DETECTs 6-9, and RECON-7. Check it out here:
github.com/subat0mik/Mi...
GitHub - subat0mik/Misconfiguration-Manager: Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidan...
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance. - subat0mik/Misconfiguration-Manager
github.com
December 4, 2024 at 7:02 PM
🔥🔥🔥
Reposted by Matt Ehrnschwender
Giving Advent of Code 2024 a go, first time using Rust so makes a nice challenge while learning something new D
December 1, 2024 at 7:18 PM
Giving Advent of Code 2024 a go, first time using Rust so makes a nice challenge while learning something new D
Reposted by Matt Ehrnschwender
It's that time of year again everybody! I want to know YOUR thoughts on Mythic! What did you like? What could be improved? What would you like to see next? Why do you or don't you use it? If you could change something, what would it be? www.surveymonkey.com/r/MythicPlan... I'm all ears :)
a woman wearing glasses says please with her hand up
ALT: a woman wearing glasses says please with her hand up
media.tenor.com
November 25, 2024 at 5:35 PM
It's that time of year again everybody! I want to know YOUR thoughts on Mythic! What did you like? What could be improved? What would you like to see next? Why do you or don't you use it? If you could change something, what would it be? www.surveymonkey.com/r/MythicPlan... I'm all ears :)
Look, I get it. We've normalized running ads in search results for companies to try to make more money. But I really don't need an ad for buying "linux kernel modules" on Amazon 🤦
November 22, 2024 at 9:36 PM
Look, I get it. We've normalized running ads in search results for companies to try to make more money. But I really don't need an ad for buying "linux kernel modules" on Amazon 🤦
Reposted by Matt Ehrnschwender
you want a patchless amsi bypass?
November 21, 2024 at 4:54 PM
you want a patchless amsi bypass?
Since this is turning into the the infosec social media platform, I've been working on trying to keep up with my security/technical related blog. I just released a new blog post: "Writing Beacon Object Files Without DFR" blog.cybershenanigans.space/posts/writin...
Writing Beacon Object Files Without DFR
Intro Beacon Object Files have become very popular for red teams to add additional capabilities on the fly without needing to include the overhead of a reflective DLL or .NET assembly. This advantage ...
blog.cybershenanigans.space
November 18, 2024 at 8:37 PM
Since this is turning into the the infosec social media platform, I've been working on trying to keep up with my security/technical related blog. I just released a new blog post: "Writing Beacon Object Files Without DFR" blog.cybershenanigans.space/posts/writin...