Did an engagement some time back where Certipy and Certify both failed to discover the ESC8 vuln due to the web enrollment endpoint being configured on a standalone/separate web server.
I wrote about this edge case on my blog here: https://t.co/3RjopWLA18
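The edge case above in working form, as an added example (not Certipy, Certify, or the blog author's code): instead of only checking the CA host, request /certsrv/ over plain HTTP on every candidate web server and classify the response. A 401 that offers NTLM on a non-TLS endpoint is the ESC8 precondition. The hostnames are made-up placeholders; the "ntlm"/"negotiate"/"redirect" labels are this example's own, and Negotiate endpoints frequently still accept raw NTLMSSP inside SPNEGO, so treat them as candidates too.

```python
"""Probe candidate hosts for an AD CS web enrollment endpoint (/certsrv/) that
offers NTLM over plain HTTP. Added example; not Certipy or Certify code.
All hostnames here are constructed placeholders."""
import http.client

CERTSRV_PATH = "/certsrv/"


def classify_enrollment(status, headers):
    """Classify one unauthenticated GET /certsrv/ response.

    headers is a list of (name, value) pairs as http.client returns them, so
    repeated WWW-Authenticate headers (Negotiate and NTLM) are all seen.
    Labels (this example's own):
      'ntlm'       401 offering NTLM: ESC8 candidate when reached over HTTP
      'negotiate'  401 offering only Negotiate; SPNEGO usually still carries NTLMSSP
      'other-auth' 401 without NTLM/Negotiate (e.g. Basic only)
      'redirect'   3xx, typically a forced bounce to HTTPS
      'open'       200 with no challenge (unusual, still worth a look)
      'absent'     anything else (404 etc.)
    """
    if status == 200:
        return "open"
    if 300 <= status < 400:
        return "redirect"
    if status != 401:
        return "absent"
    schemes = {v.split()[0].lower() for n, v in headers
               if n.lower() == "www-authenticate" and v.strip()}
    if "ntlm" in schemes:
        return "ntlm"
    if "negotiate" in schemes:
        return "negotiate"
    return "other-auth"


def probe_host(host, port=80, timeout=3.0):
    """GET /certsrv/ over plain HTTP (deliberately no TLS) and classify it.
    Returns 'unreachable' on connection or protocol errors."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", CERTSRV_PATH,
                     headers={"Host": host, "User-Agent": "certsrv-probe"})
        resp = conn.getresponse()
        return classify_enrollment(resp.status, resp.getheaders())
    except (OSError, http.client.HTTPException):
        return "unreachable"
    finally:
        conn.close()


def scan(hosts, port=80, timeout=3.0):
    """Check every candidate, not just the CA: the enrollment site may live
    on a separate IIS box that the CA-centric tools never look at."""
    return {h: probe_host(h, port, timeout) for h in hosts}


if __name__ == "__main__":
    # Constructed placeholders: the CA plus web servers that are not the CA.
    candidates = ["ca01.corp.example", "web01.corp.example", "pki-web.corp.example"]
    for host, verdict in scan(candidates).items():
        print(f"{host}: {verdict}")
```

Feed it the web servers from AD (IIS boxes, anything with "pki" or "cert" in its name, hosts behind the CA's published enrollment URL) rather than the CA alone; a "ntlm" result on port 80 is what to hand to ntlmrelayx.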
🚨 RTVCron Ep. 5 is LIVE NOW
🎙️ @c4ch3c4d3
Local Large Language Models
Join us for a practical walkthrough of running LLMs on your own hardware, including real constraints and strategies
📺 Watch now https://t.co/cssmAGUXE5
Updated my PowerShell script "Invoke-ADLabBuildOut.ps1" so it now creates AD sites, subnets, and site links (based on the created sites).
This script takes a newly built AD lab environment and makes it look like a production environment along with common security issues.
https://t.co/FmWBVVXUYN
DeadMatter
Extracts LSASS credentials from memory dumps. Lightweight. Can be used to bypass AV/EDR. It is usually paired with DumpIt, as neither of them needs a GUI.
Tested with Microsoft Defender and Kaspersky
https://t.co/phV5wNPfBZ
@three_cube @_aircorridor #edr #apt #redteam
MICROSOFT OPEN-SOURCED THEIR ENTIRE SENTINEL SECURITY TOOLKIT
most teams building on azure figure out threat detection the hard way
trial and error, custom KQL, dashboards built from nothing, playbooks written by hand
nobody told them it was already done
the sentinel github repo has:
▫️ 1000+ pre-built threat detection rules
▫️ hunting queries for active threat investigation
▫️ automated response playbooks
▫️ security workbooks + dashboards
▫️ data connectors for 100s of sources
the hard part was already done
https://t.co/VHbH2pIRRe
Here is my BOF POC (emphasis on POC...) of this research. As the README states it's not an operationally-ready tool, but it was neat research and I figure the code might be useful for someone else. Thanks to @lildylannn and his colleague for their work! https://t.co/MoOVepSfFd
Introducing a new PCAP tool - OhMyPCAP
OhMyPCAP is a standalone web application for analyzing PCAP files. View security alerts, browse network metadata (DNS, HTTP, TLS, flows), extract ASCII transcripts, and carve individual streams - all from a single-page UI.
Relayed NTLM creds are powerful, if you can use them.
@senderend shows why browsers fail through ntlmrelayx SOCKS and introduces ghostsurf to make NTLM-authenticated web apps accessible.
Read more ⤵️ https://t.co/BdtzoKquD1
@SecurityAura Yes. EDR will block "SSH.exe"; bring your own, named differently, and it works most of the time. Connect to a port other than 22, say 31337, 443 or 80, to test egress and protocol inspection. Similar to this, I made/use https://t.co/ANAdcUj5uI
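The egress and protocol-inspection test described in the reply above, as an added example that is not the poster's tool: connect to your own SSH listener on each candidate port and, because SSH servers send their identification string first, read the banner without sending anything. A clean path returns "SSH-...", a refused or timed-out connect means egress is blocked, and a connection that answers with something else (for instance an HTTP block page) or stays silent points at an inspecting device in the path. The host and port list are placeholders; the result labels are this example's own, and serve_banner is a local helper so the logic can be exercised without a remote box.

```python
"""TCP egress and protocol-inspection check for an SSH listener parked on a
non-standard port. Added example; not the poster's tool. Host/ports are placeholders."""
import socket
import threading


def check_port(host, port, timeout=3.0):
    """Connect, then wait for the server to speak first (SSH sends its
    identification string unprompted). Labels are this example's own:
      'blocked'      connect refused or timed out (no egress on this port)
      'ssh'          banner starts with 'SSH-': clean path to our listener
      'intercepted'  something answered, but not SSH (block page, HTTP, TLS alert)
      'silent'       connected but nothing within timeout (inspection device holding
                     the session, or a service waiting for a client hello)
      'reset'        peer closed as soon as we connected
    """
    try:
        s = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "blocked"
    with s:
        s.settimeout(timeout)
        try:
            banner = s.recv(255)
        except socket.timeout:
            return "silent"
        except OSError:
            return "reset"
    if not banner:
        return "reset"
    if banner.startswith(b"SSH-"):
        return "ssh"
    return "intercepted"


def egress_report(host, ports=(22, 80, 443, 31337), timeout=3.0):
    """Run check_port over the usual suspects: 22 (often blocked outright),
    80/443 (usually allowed, but inspected) and a high port like 31337."""
    return {p: check_port(host, p, timeout) for p in ports}


def serve_banner(banner, host="127.0.0.1"):
    """One-shot local listener for self-testing: accepts one connection,
    sends `banner`, closes. Returns the ephemeral port it bound."""
    srv = socket.socket()
    srv.bind((host, 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def run():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(banner)
        srv.close()

    threading.Thread(target=run, daemon=True).start()
    return port


if __name__ == "__main__":
    # Placeholder: your own redirector with sshd listening on each of these ports.
    for port, verdict in egress_report("redirector.example").items():
        print(f"{port}: {verdict}")
```

Run it from the target network against a box you control where sshd (or a renamed copy of it) listens on every port in the list; a port that reports "ssh" carries the protocol end to end, while "intercepted" or "silent" on 443 tells you the inspection device objects to non-TLS traffic there.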
PDFs aren’t just documents. They’re attack surfaces.
At RTV Overflow, @FilipiPires breaks down how attackers exploit PDFs to execute malicious JavaScript, inject shellcode, trigger heap sprays, exploit Adobe Reader, and exfiltrate data.
🗓 Feb 21, 2026
⏰ 10:00 AM
Offensive security pros won’t want to miss this.
Watch live:
https://t.co/dZ3Sx2MmSE