Funny how Microsoft's attempts to fix Defender resulted in a bug that causes Defender to be unable to delete any malware with an NTFS ADS file name; something like C:\test:mlwr.exe will never be deleted by Defender: it will be detected, but deletion always fails.
If you enjoyed my killing AD attack paths ContinuumCon talk, then I think you will like this too.
In this podcast, my teammate Tyler and I talk about how you can use ADeleg to find attack paths in Active Directory.
This is like literally the process I use on internals.
🎧 https://t.co/7N1ogeMM5D
Last week, I wrote about WinGet and how it could be used for code execution, including detailed detection strategies. If you missed the article, have a read below ⤵️
🖊️ https://t.co/yI5f2t1mtE
😱 TIL of Railgun. So cool how you can use the Win API of the target directly through a meterpreter session.
If you want to get to know more, check out @mubix explaining how to use it:
https://t.co/b38Wgnk1db
MSF's Railgun was massively underrated but incredibly powerful. Resolve and call an API without needing to alloc and run a whole BOF or DLL. I hope to get this implemented nicely in CrystalC2 at some point.
Kubernetes assessments just got easier.
@RonJonArod dropped two new Mythic extensions for helping with initial access on container-centric red team ops:
➡️ Wrap payloads in OCI images
➡️ Host them in a self-managed registry
➡️ Deploy via K8s manifest
https://t.co/iRXh7VS3gD
New video: quick run through of 5 post-access Microsoft 365 abuse mechanisms (app creds, Graph permanent delete, Intune device wipes/scripts, MDE LR)
WATCH: https://t.co/NsuVbUBBgC
Lots of defensive controls I didn't fit in, e.g. workload identities or most RBAC things... more on those soon.
Tool to dump Windows local SAM credentials from the registry or a Shadow Snapshot, capable of doing stack spoofing via TP custom callbacks.
When using the Shadow Snapshot method, SYSTEM privs are not needed.
https://t.co/8O4LOyA1Mh
#redteam #cybersecurity #windows
When WDAC blocks your implants, Electron apps become the way in.
The post walks through using Loki C2 to backdoor signed applications like Mailspring and communicate over Azure Blob Storage via HTTPS. ⬇️
https://t.co/7dWMTHrN8w
DLL Injection via Thread Hijacking Without Executable Memory
New Medium post. Today we cover a technique that combines thread hijacking with Return-Oriented Programming (ROP) to inject a DLL into a remote process without allocating executable memory.
https://t.co/agjGzWx69v
We are releasing Tracebit @x33fcon - a POC sensor aiming to fingerprint implants in memory using only low-level runtime telemetry.
No signatures, no scanning. Only page faults.
https://t.co/grZeZ4saqT