I've pushed a few updates to https://t.co/9CqANckHK0. Vercel and Netlify are no longer flagged as vuln. Offsite redirs not followed. Custom header support in case you need auth or custom UA. Redir test cases are more accurate now (both base path and redir tested).
According to the National Intelligence Service, around 8,400 individuals are employed in cyber warfare in North Korea. Previously, there were 6 hacking groups and 17 support organizations backing cyber attack activities, but this number has now increased by nearly 20%.
- Korean: https://t.co/tIouURYwP6
- English: https://t.co/W8b1EAnZsd
Dive into our blog on the surge of app security attacks on CI/CD pipelines. Discover how to shield against poisoned pipeline executions and real-world remote code execution scenarios. More here: https://t.co/W9YbjQ9RDO #AppSec #DevOps #Cybersecurity
🛠 pphack: A Client-Side Prototype Pollution Scanner
Scan for prototype pollution using chromedp, customize payloads and JavaScript with this powerful tool
👤 @edoardottt2
https://t.co/A79e140MnC
⚔ Visualizing ACLs with Adalanche
A tool for enumerating and visualizing ACLs in Active Directory, helping to identify misconfigurations and potential attack paths
By @lsecqt
https://t.co/D4Ss4Pvi9c
🛠️ proctools: Extract information & dump sensitive strings from Windows processes:
🔍 procsearch: find sensitive strings in process memory
ℹ️ procinfo: display file version info
📝 procargs: extract command line args
❌ prockill: terminate processes
https://t.co/lYGNKqPxPz
🛠 Debug your GitHub Actions via SSH with action-tmate
A GitHub Action that allows users to debug their GitHub Actions by using SSH or a web shell to access the host system on which the actions run
👤 Max Schmitt
https://t.co/JbLRR3GhC4
🤖 LLM-powered fuzzing via OSS-Fuzz
A framework that uses LLMs to generate fuzz targets for C/C++ projects and benchmarks them on the oss-fuzz platform.
👤 @google
https://t.co/2ViEAhZapv
🛠️ graphrunner
A post-exploitation toolset for interacting with the Microsoft Graph API
It provides different tools for:
* Reconnaissance
* Persistence
* Pillaging of data from a Microsoft Entra ID (Azure AD) account
👤 @dafthack
https://t.co/3QTMicyCLE
🛠 Jira-Lens: Fast and customizable vulnerability scanner for JIRA
Perform 25+ checks including CVEs and multiple disclosures on a provided JIRA instance
👤 @mayank_pandey01
https://t.co/VVJQ9ApYZa
Receive the latest security news each Monday:
🛠️ Appsec
⛓️ Blockchain
🛡️ Blue Team
☁️ Cloud Sec
🐳 Container Sec
🤖 ML
⚔️ Red Team
📦 Supply Chain
🕵️ Threat Hunting
Join 2,000+ security professionals
https://t.co/cjPS0D7WiQ
Follow me ( @0xroot ) for more content like this
🔖 Security Pills #55
🛠️ A Recipe for Scaling Security @ddworken
🛡️ Detect threats using Microsoft Graph logs @fabian_bader
☁️ All Google Kubernetes Engine Risk @roinisimi
⚔️ electroniz3r @_r3ggi
📦 Forging signed commits on GitHub
+ more!
https://t.co/ZeNtbbTi87
@TheIceRoot If you have enjoyed this content, please help us by:
1️⃣ Joining over 2000 security professionals to get the latest trends in security.
2️⃣ Following me (@0xroot) for more content like this.
Visit https://t.co/Q3IQ0eVTi9 for more information.
☁ Google Cloud Incident Response Cheat Sheet
* Common Attack Paths in GCP 🧧
* Logs for Threat Hunting & Incident Response 🧙‍♂️
* GCP Attack Matrix 📊
* Service Accounts 🔑
Includes documentation with + details for each TTP
👤 @TheIceRoot & Wes Guerra
https://t.co/Qd3JWRccAe