A:\fie @emenalf
Cyber Security || Bug Bounty hunter Hobbyist || https://t.co/jWMWOMqg5g || @bugcrowd Research Ambassador || Red-Blue. the-infosec.com Joined January 2018
Tweets 1K - Followers 876 - Following 444 - Likes 3K
SCCM / MECM LAB write up, by @M4yFly Part 0x0 mayfly277.github.io/posts/SCCM-LAB… Part 0x1 - Recon and PXE mayfly277.github.io/posts/SCCM-LAB… Part 0x2 - Low user mayfly277.github.io/posts/SCCM-LAB…
SCCM Lab write up 📝part 0x3 is out: mayfly277.github.io/posts/SCCM-LAB… - Exploit as client admin - Exploit as sccm admin Find all the articles about the SCCM laboratory exploitation here : mayfly277.github.io/categories/scc…
This explains how the xz backdoor was found
Keep this on your radar: OWASP Wrong Secrets - 43 Secrets Management modules/challenges to train developers and security pros on secrets management flaws. github.com/OWASP/wrongsec…
The xz package tars were backdoored. Only discovered because the backdoor slowed down sshd enough for Andres Freund to investigate. Consider the case where the backdoor didn't cause perf issues... How long would this have gone undetected? openwall.com/lists/oss-secu…
This Photographer uses Creative Tricks To Take Amazing Pictures 🔥 A Thread…
Worth a listen!
😱 I watched @GodfatherOrwa 's insightful talk "The Power of Shodan - Leveraging Shodan for Critical Vulnerabilities" at @NahamSec 's #NahamCon2023 and have condensed the ~25 minute talk for you to read in 2 minutes. Here's some interesting bug bounty tips and tricks ⬇️
This is very cool. Get cheatsheets in your terminal with a curl command! ⌨️ Try this: curl cht.sh/sqlmap Shout out to @igor_chubin! 🎉
Useful tips x.com/dalertymg/stat…
Those bad boys got new guns: - ADCS ESC12 & 13 and ESC8 from WSUS poisoning - SCCM takeover from passive server - AD Miner and SOAPHound - LDAP pass back - PXE boot attacks - Creds from third-party softs ... hideandsec.sh/books/cheatshe… hideandsec.sh/books/cheatshe… hideandsec.sh/books/cheatshe…
Attacking an EDR Part 1 her0ness.github.io/2023-08-03-c2-… Part 2 her0ness.github.io/2023-09-14-Att… Part 3 her0ness.github.io/2023-11-07-Att…
1\ My thoughts on the Chinese APT contractor leak 🇨🇳 Specifically, I want to talk about the leaked - iOS Spyware - Physical implantable devices - Email surveillance system Let's consider detection and how these would be installed.
$Env:Username
Full circle!
Katana by @pdiscoveryio is my preferred utility to perform quick crawling and spidering. However, it can be amusing if you do not use Katana to the fullest potential. Here are 7 ways in which you can use Katana in your bug bounty journey 👇
Lenovo X1 Carbon Bitlocker Key Sniffing any% Speedrun (42.9 seconds)
Are you a female Software Engineer who wants to make a difference in the world? Or a Software Engineer looking for a new challenge? Apply for the open positions & join us @MicrosoftADC as we build the Identity Platform. jobs.careers.microsoft.com/global/en/job/…
Bug Bounty Tips: Discover associated domains for your target organization with Reverse WHOIS Search Working on a widescope target and aiming to gather as many associated domains as possible? Here's a free service that can provide you with all the domains linked to a target…
I felt like httpx was missing the ability to parse Nmap reports for http/s services and it made more sense to create a standalone utility. Nmapurls parses Nmap xml reports and outputs a list of URLs. github.com/sdcampbell/nma…
A notable trend I've observed recently is companies including IOCs in their blogs, along with providing a link to a GitHub page containing the same data in a format that's more accessible to researchers (or machines). More of this please. 🥰
We Created a Dedicated Page for our Advanced Frida Series Read The Full List of Blogs Here 👉 8ksec.io/advanced-frida… Part 1: Analyzing iOS Encryption Libraries ✅ Part 2: Analyzing Signal And Telegram Messages On IOS ✅ Part 3: Inspecting XPC Calls ✅ Part 4: Sniffing Location…
''🤫 Unlocking secret ThinkPad functionality for emulating USB devices'' #infosec #pentest #redteam #blueteam xairy.io/articles/think…
Wow I can't believe I haven't been using this tool until now. If you do any sort of AD pentesting/redteaming/labbing TRY IT NOW: github.com/p0dalirius/LDA…
🚀 We're excited to unveil a new tool developed by our researcher: APKd. Now, you can effortlessly download APKs from AppGallery, APKPure, and RuStore directly from the terminal! Check it out here: github.com/kiber-io/apkd
Something cool for CRED-2 from Misconfiguration Manager: You can use the hash from a compromised computer to spoof enrollment. Works with @_xpn_ 's github.com/xpn/sccmwtf tool as well (since the http module is built around his code >_>) Kerb auth is a WIP
Trying to work on feature work, bug fixing, updating dependencies, working on legacy code, and attending meetings as a software dev.
AD Privesc Kerberos TGS and SeTcbPrivilege If you have SeTcbPrivilege, you can ask TGS on behalf of ALL logged users on your machine WITHOUT Password ...and if there is a Domain Admin logged? Zero detection by EDR/AV github.com/foxlox/GIUDA.g… #redteam #SeTcbPrivilege
So today I learned that when you’re trying to live a happier life, you should focus on building serotonin, then oxytocin, THEN dopamine. People go straight to dopamine for happiness and get addicted to it which causes them to do reckless impulsive things and ruins their life
Regulating your nervous system doesn’t mean you’re always calm or stoic. It means you can feel intense anger or sadness and respond in ways you don’t regret later.
Fun DA route 🧵: 1) No creds, poison the network, get some Proxy-Authentications flowing 2) Add a new computer via ntlmrelayx 3) Creds owned -> certipy find -> 2 CAs with ESC8 4) Can't relay DC, custom templates for computers 5) Relay CA1 to CA2 with the custom computer cert
The rev.ng decompiler has gone open source: rev.ng/blog/open-sour… github.com/revng/revng-c
On the .xz backdoor. It is hard to see how the developer Jia Tan is innocent. The backdoor was added in 5.6.0 by his account. He contacted Fedora to push them to move to 5.6.0. There was a problem with valgrind, they worked with him to resolve it. He commits the fix in 5.6.1.
A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files. github.com/BishopFox/sj
A few smart things I've read lately: collabfund.com/blog/smart-wor…
There is skepticism and detective work in the soul of women lol
So, I’m free this morning so Let’s ‘Spy’ on competitors’ Ads yeah? I picked a brand whom I feel would have fun Ads such as Kai and Karo and SafaricomPLC. 1. Go to Adstransparency.google.com Enter the brand’s website there… voila!! With this, I can even delve further into…