IAMERICA @EricaZelic
Still exploiting weak passwords for fun and profit. Your perception is not my reality. Posts don't represent my employer(s). ericazelic.medium.com 0.0.0.0/0 Joined June 2018-
Tweets23K
-
Followers7K
-
Following4K
-
Likes85K
Please make it stop Merill I'm still trying to learn the old stuff 🥹😭😣🥺🤕
Please make it stop Merill I'm still trying to learn the old stuff 🥹😭😣🥺🤕
Me waiting for the "near real-time" token rejection of Continuous Access Evaluation to actually start rejecting tokens.
AWS Monthly Budget 💰Revenue: $10,000 Lambda: ~$2,300 Load Balancing: $750 Firewall-as-a-Service: $1,600 S3 PUT Requests: $732,943 VPN: $163 Someone who is good at the cloud, please help, my resources are starving.
I got busted by Smart Lockout. @UK_Daniel_Card had to explain it to me 😂
Life is like a toilet paper roll because it’s really long at the start but the more you pull the faster it seems to run out
Waiting between sprays feels like an eternity sometimes
About to start spraying... Hope I don't lock anyone out 😳😬
How I feel right now in my stomach. The nerves are killing me a little. I might have a beer. 🍻 #impostersyndrome
How I feel right now in my stomach. The nerves are killing me a little. I might have a beer. 🍻 #impostersyndrome
Hackers back then vs now
I wrote some of my thoughts on work prioritization and team culture. I welcome your thoughts. imposecost.net/post/work-prio…
You know what I love about TeamFiltration made by @Flangvik ? You can provide the email and password list, automate spraying to occur at whatever interval best suits the password policy, rotate IPs, and rotate passwords being tried per user. It's so cool. It does take some…
What are passkeys? Explained in under 4 minutes youtu.be/bdp8RdjV6PU?fe… via @YouTube
I updated ADeleginator to include the current users groups in the list of "Unsafe Trustees" if they are not Tier 0 resources. Find those delegation issues faster than ever! :D Go go ADeleginator!! github.com/techspence/ADe…
Another example - Troopers and x33fcon have THE BEST talks
My two favorite conferences to watch talks from are Trooper and X33fcon. Below is a great example why. Can't wait to see this!
Justin Elze @HackingLZ
52K Followers 5K Following Hacker/CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race carsmRr3b00t @UK_Daniel_Card
93K Followers 7K Following 真理的揭露者 Quis custodiet ipsos custodes fella in cyberspace #nafo undercover #FVEY Lovely Horse #fella #meme #farm #appreciator #cyber #specialistDave Kennedy @HackingDave
207K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Podcast. Fam First/Hacker/CSO/USMC/Intel/Fitness. Motto: Make world a better placeFlorian Roth @cyb3rops
180K Followers 2K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇ippsec @ippsec
111K Followers 350 FollowingJohn Hammond @_JohnHammond
240K Followers 2K Following Hacker. Cybersecurity Researcher @HuntressLabs || https://t.co/qUeDM3lSClGrzegorz Tworek @0gtweet
30K Followers 1K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-Filip Dragovic @filip_dragovic
6K Followers 1K FollowingDebugPrivilege @DebugPrivilege
37K Followers 2K Following Security “Researcher” | Former Microsoft MVP | All Tweets are my opinions and thoughts. Interested in Security, Debugging, and Troubleshooting.Jean @Jean_Maes_1994
11K Followers 1K Following Director of Advanced Assessments -EU @neuvik | @sansoffensive Certified instructor/SEC565 author/SEC699 co author https://t.co/haRI3ruvlgRad @rad9800
6K Followers 834 Following labs @praetorianlabs opinions are my own and not of my employerVincent Yiu @vysecurity
27K Followers 203 Following Follow me for Cybersecurity #Thought #Leadership. Director Red Team. Help organizations safeguard their businesses from the bad guys.sn🥶vvcr💥sh @snovvcrash
10K Followers 439 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of Pentester’s Promiscuous Notebook (https://t.co/rL1sv5A2R7) :: He/him :: Tweets’re my pwn 🐣Charlie Bromberg « .. @_nwodtuhs
13K Followers 648 Following Trying to hack the way we hack things 🏴☠️mgeeky | Mariusz Bana.. @mariuszbit
11K Followers 611 Following 🔴 Red Team operator, ex-MWR/F-Secure pentester, ex-AV engine developer @ESET, green tea addict. 🫖 @[email protected]Corgi @corg_e
48K Followers 3K Following ssh’d into the espresso machine // chaotic neutral // (mostly) harmless pentester // president @bsidesnash // organizes @defcon615Greg Linares (Laughin.. @Laughing_Mantis
29K Followers 2K Following 20+ yrs in Infosec. Cybergoth. Musician. Autistic. Art @MalwareArt. 4x Pwnie Nominee. Red Teamer. 𝕍𝕏. Chronic Illness Fighter. I love Smite, Gamedev & SynthsMarcello @byt3bl33d3r
29K Followers 531 Following CyBeRsEcUrItY | Not afraid to put down with some THICC malware on disk | securing and breaking AI @ProtectAICorp | Ex @spacexwairimumaringa @w_mmaringa
117 Followers 66 Following Defensive security | Researcher | CCD, Security+, AZ-900, SC-900 | 🐍🌻🏋🏽♀️Let's talk about Sec,.. @donnysec
25 Followers 117 Following Cybersecuritist. 4-string guitarist. Separatist. Cyclist.Jenny 🏴�.. @ha1fling
8K Followers 3K Following 5’2. Hacks, codes & drinks tea. 🧘🏻♀️ PhD student and treehugger. 🌱 @cardiffuni @cusoftacademyJenny woods @jenny_wood59892
0 Followers 24 Following Enterprenue📈💼 Adventurer 🏃♀️ Goalz, Gains and Achievements🗯🥇nopwnnogain @nopwnnogain1
21 Followers 335 FollowingRalf Ackermann @_rac01
2K Followers 5K Following Updated April 24 - Tweets / photos may need some -German- to xyz translation. Working on distributed systems and IoT for a while. Trying to share what matters.ThoughtContagion @Cyb3r4rch3r
4 Followers 187 Following Masher of buttons, breaker of things, occasional fixer of said broken things...Ren @faithin_it
601 Followers 3K FollowingShownLeon @ShownLeon
7 Followers 51 FollowingTy Hubbard @TyHubbard13
5 Followers 54 FollowingMeat Hurt @redteamurderman
7 Followers 47 FollowingKLEA ♥ @RihBreezyBieber
8K Followers 5K Following @JustinBieber Followed, RT& Replied me On 25/9/2011♥ @Rihanna retweeted me on 12/11/11 @OneDirection Followed me on 31.01.12 @ArianaGrande Followed.CyberXtian @cyber_xtian
127 Followers 2K FollowingMax @Max36757436
10 Followers 126 FollowingAustin Davis @Blazingeagle0
58 Followers 468 FollowingPlay Football @football_p53721
17 Followers 218 FollowingAlexander nguyen @XionnguyenNight
0 Followers 9 FollowingOmer Baig @obaig11
171 Followers 520 Following NFL, Cyber Security & #DFIR Enthusiast. Opinions expressed are mine, mine to me.Mo0n Sha𝄞ow @null001__
47 Followers 2K FollowingAma @Ama_world
49 Followers 520 FollowingJames 🏴�.. @two06
2K Followers 448 Following Red Team @ somewhere. Hacker of things, writer of bad code. This is our world now... the world of the electron and the switch, the beauty of the baud.Soul @desoul99
21 Followers 245 Followingshadowlights @shadow_lights
13 Followers 70 FollowingSteven Lorenz @ps_lorenz
192 Followers 770 Following Steven Lorenz, Information security engineer, hobbyist woodworker, runner. Tweets are my own.Antoine @a_ferron
2K Followers 3K Following Digital Security Engineer, Founder @bit_logik, CTO @cardhoc, Telecommunication, InfoSec, Crypto, Electronic, Blockchain, Fintech, AccessCtrlSebastian @cyberphunk27
56 Followers 580 Following Info-Sec victim, still trying to find a threat-model, tells people what to do but no one listens... Wait, where did you go? @[email protected]raphdedge @raphdedge
111 Followers 5K FollowingF. @keinDeutsch_
129 Followers 288 FollowingNolly @hailnolly
938 Followers 639 Following ⚽️ NFFC | 💻 Cybersecurity Engineer | 🧑🦰 Ginger | 🧠 Neurodivergent | 🏳️🌈 ♿️ Ally | ☕️ Black Coffee | 🎧 Black MetalRio Ogino @rioogino
76 Followers 3K FollowingNathan McNulty @NathanMcNulty
13K Followers 924 Following Loves Jesus, loves others | Husband, father of 4, security solutions architect, love to learn and teach | @TribeOfHackers | 🐘infosec.exchange@nathanmcnultyJulian Stephan @JulianSStephan
191 Followers 1K Following "Lead by example. Be honest. Hold nothing back." -@PatFlynn Architect in design, security, and migration to #Microsoft365 and #Azure @Quest.vx-underground @vxunderground
292K Followers 211 Following The largest collection of malware source code, samples, and papers on the internet. Password: infectedJustin Elze @HackingLZ
52K Followers 5K Following Hacker/CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race carsmRr3b00t @UK_Daniel_Card
93K Followers 7K Following 真理的揭露者 Quis custodiet ipsos custodes fella in cyberspace #nafo undercover #FVEY Lovely Horse #fella #meme #farm #appreciator #cyber #specialistDave Kennedy @HackingDave
207K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Podcast. Fam First/Hacker/CSO/USMC/Intel/Fitness. Motto: Make world a better placeFlorian Roth @cyb3rops
180K Followers 2K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇ippsec @ippsec
111K Followers 350 FollowingJohn Hammond @_JohnHammond
240K Followers 2K Following Hacker. Cybersecurity Researcher @HuntressLabs || https://t.co/qUeDM3lSClGrzegorz Tworek @0gtweet
30K Followers 1K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-Filip Dragovic @filip_dragovic
6K Followers 1K FollowingDebugPrivilege @DebugPrivilege
37K Followers 2K Following Security “Researcher” | Former Microsoft MVP | All Tweets are my opinions and thoughts. Interested in Security, Debugging, and Troubleshooting.Jean @Jean_Maes_1994
11K Followers 1K Following Director of Advanced Assessments -EU @neuvik | @sansoffensive Certified instructor/SEC565 author/SEC699 co author https://t.co/haRI3ruvlgRad @rad9800
6K Followers 834 Following labs @praetorianlabs opinions are my own and not of my employerVincent Yiu @vysecurity
27K Followers 203 Following Follow me for Cybersecurity #Thought #Leadership. Director Red Team. Help organizations safeguard their businesses from the bad guys.sn🥶vvcr💥sh @snovvcrash
10K Followers 439 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of Pentester’s Promiscuous Notebook (https://t.co/rL1sv5A2R7) :: He/him :: Tweets’re my pwn 🐣Oliver Lyak @ly4k_
8K Followers 267 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KICharlie Bromberg « .. @_nwodtuhs
13K Followers 648 Following Trying to hack the way we hack things 🏴☠️wairimumaringa @w_mmaringa
117 Followers 66 Following Defensive security | Researcher | CCD, Security+, AZ-900, SC-900 | 🐍🌻🏋🏽♀️Let's talk about Sec,.. @donnysec
25 Followers 117 Following Cybersecuritist. 4-string guitarist. Separatist. Cyclist.Jenny 🏴�.. @ha1fling
8K Followers 3K Following 5’2. Hacks, codes & drinks tea. 🧘🏻♀️ PhD student and treehugger. 🌱 @cardiffuni @cusoftacademyRalf Ackermann @_rac01
2K Followers 5K Following Updated April 24 - Tweets / photos may need some -German- to xyz translation. Working on distributed systems and IoT for a while. Trying to share what matters.Ren @faithin_it
601 Followers 3K FollowingShownLeon @ShownLeon
7 Followers 51 FollowingOmer Baig @obaig11
171 Followers 520 Following NFL, Cyber Security & #DFIR Enthusiast. Opinions expressed are mine, mine to me.James 🏴�.. @two06
2K Followers 448 Following Red Team @ somewhere. Hacker of things, writer of bad code. This is our world now... the world of the electron and the switch, the beauty of the baud.Ama @Ama_world
49 Followers 520 FollowingF. @keinDeutsch_
129 Followers 288 Followingraphdedge @raphdedge
111 Followers 5K FollowingRio Ogino @rioogino
76 Followers 3K FollowingNolly @hailnolly
938 Followers 639 Following ⚽️ NFFC | 💻 Cybersecurity Engineer | 🧑🦰 Ginger | 🧠 Neurodivergent | 🏳️🌈 ♿️ Ally | ☕️ Black Coffee | 🎧 Black MetalSebastian @cyberphunk27
56 Followers 580 Following Info-Sec victim, still trying to find a threat-model, tells people what to do but no one listens... Wait, where did you go? @[email protected]Soul @desoul99
21 Followers 245 FollowingSteven Lorenz @ps_lorenz
192 Followers 770 Following Steven Lorenz, Information security engineer, hobbyist woodworker, runner. Tweets are my own.Antoine @a_ferron
2K Followers 3K Following Digital Security Engineer, Founder @bit_logik, CTO @cardhoc, Telecommunication, InfoSec, Crypto, Electronic, Blockchain, Fintech, AccessCtrlJulian Stephan @JulianSStephan
191 Followers 1K Following "Lead by example. Be honest. Hold nothing back." -@PatFlynn Architect in design, security, and migration to #Microsoft365 and #Azure @Quest.hazard_209 @hazard_209
160 Followers 1K Following Interested is technology, 3D printing, Making, and video games. Lover of dogs, scotch, bourbon, beer, and learning new things. IT Systems Administrator.Patrick Hess @d31337antics
50 Followers 907 Following I love me some technology! Powershell all the things! My opinions are my own.[email protected].. @efutch
1K Followers 3K Following Identity And Access Mgmt IAM;Sec in DevSecOps;Speaker TEDx,BSides,ISACA,Interop; Prof Compilers, Operating Systems. Science fiction,rock 🎶;opinions are my ownAbu @AbuNakhuda
249 Followers 644 Following🦊 deploy @FoxDeploy
4K Followers 1K Following Currently Cloud Software Engineer. Formerly Microsoft MVP. Super into foxes.Aliasn00bed @alostkender
523 Followers 2K Following Veteran | GRC | Tech Enthusiast | Bibliophile | Polyamorous | Neurodivergent | Compliance | Bad Legal Ideas | All tweets are my own opinion. ***NOT A LAWYER***Your.Demo.Master @YourDemoMaster
282 Followers 5K FollowingBester Marder im Park.. @Phozz4
298 Followers 4K Following Teutonic Afghan. Phō/Tahdig/Sarma, Rhenish Beansoup appreciator. Research Afghanistan 63-'78 legislation and Constitution of '64 & prime minister Dr. M. YusufJohan Andersson @jmanderssonx
23 Followers 250 FollowingJan Zamoysky @JanZamoysky
176 Followers 822 Following Personal infosec bookmarks and random, often political rants. You have been warned.Michael Kjærgaard @MikeKjaergaard
171 Followers 2K FollowingReveald @RevealdCyber
224 Followers 299 FollowingChris O'Rourke @RsThrive
653 Followers 2K Following Hacking and Investing in tech Prior; Founder @SoteriaSecurity, @Alienvault, @Apple, @NSAgov, @USArmyshilohme @1Loveat
5 Followers 181 FollowingJames (he/him) @itcatherder
448 Followers 922 Following IT Director, nerd, father, a blue dot in a red blob in a blue state. Am I still a single dad if I am 50 and my kids are both in their early 20s?💙Chris Johnson @zeceej
110 Followers 646 Following Is top boffin of the IT crowd at work, thats aboot it really! Clam chowder!zayu67890 @Prankword911
33 Followers 585 FollowingDurga Mishra @durgabaps
62 Followers 2K Following@NevrWinsTheGame @DoomsdayGoth You can also do a sweep of all private ip space, looking for ping replies, open ports, and snmp public queries of switch arp tables… all possible with nmap.
@DoomsdayGoth For a new job, talk with the network engineer and get a hold of their vlan documentation. If they don't have that, could be a sign of it. You'd need to use the discovery protocols (cdp, lldp) from the core switch to find neighbor devices. MikroTik's "The Dude" is handy here.
@NevrWinsTheGame I kinda get it, but how would you know if an organization has a flat network?
@DoomsdayGoth It's a network with no segments. Meaning you can reach any part of the network from any other part of the network. Bad for security because that means the bad guy™ can too.
@DoomsdayGoth Everything is on a single subnet, no layer 3 switching, no vlans, ect.
⚡ Check out this new Microsoft Entra blog post 👇 Announcing General Availability of Microsoft Entra External ID techcommunity.microsoft.com/t5/microsoft-e…
I fucking LOVE cooking! It's fucking awesome.. from Italian through to BBQs! If that's not manly... I'm not sure what is...
@awakecoding @SamErde A less elegant but easier way is just drop on the network segment and run this in monitor mode. It's also easier if you're using VLANs and can just trunk them to a test box. github.com/lgandx/Respond…
@HackingLZ @SamErde I wonder if there's a way to log and audit the DnsClient APIs to return the source of the name resolution result (DNS versus non-DNS). Maybe this could be a good way to catch where problems would be before you break things
@awakecoding @SamErde A lot of times it will break some legacy app connecting to a SQL server and nobody can figure out why
@awakecoding @SamErde No what usually happens when pentesters tell clients to disable them is you figure out where DNS didn't work and its bad. Normally we suggest making the change on client networks first followed by server and making sure people realize the change was made.
@HackingLZ @SamErde Is there a reason to keep NetBIOS and LLMNR enabled if DNS works?
@awakecoding @SamErde Fair fair NetBIOS/LLMNR just disable them like the pentest said and this won't be an issue.
@SamErde @awakecoding You all are just asking for pentesters to show up in this thread
@EricaZelic One day, I'll be half as cool as you.🫡
To all the IT Admins and SOC Analysts and pentesters and red teamers and everyone else who contributes to try and make the world a safer place, your efforts matter and they are working. No stats are perfect and it doesn’t tell the whole story but it’s a hopeful data point. 🙏🙏
This is one of the best depictions of actual improvement in the infosec industry I've ever seen. If you've ever wondered if you're having an impact, you are. From Mandiant's 2024 report: services.google.com/fh/files/misc/… We discuss this and more on the upcoming #SecurityNoise podcast. 😁
Me waiting for the "near real-time" token rejection of Continuous Access Evaluation to actually start rejecting tokens.
@EricaZelic No xkcd.com/1053/ , please continue ✅