If you like VPN exploits as much as us, you're going to love this course Zeroshi is bringing to @_ringzer0!
Marco will walk students into opening up edge devices for research, mapping their attack surface, finding vulns and building full exploit chains.
https://t.co/nYihjiqSls
[New @originhq blog+POC]
No PPL? No problem!
SecurityTrace, an undocumented ETW feature, restricts some AutoLogger traces to PPL only, yet we found this current design still allows non-PPL processes to consume from Threat-Intelligence as admin only!
https://t.co/iZyILtbJx8
A short weekend read for anyone interested in the ANIMO (Azure Network Intel & Mission Ops) tool I've been working on throughout 2025. It documents a red team scenario with its capabilities and future development plans. If you'd like to send suggestions, phishing links or donations my DMs are open.
#redteam
https://t.co/lOkLyAYEN6
New fav persistence method which works on Win11 25H2: Set the default key's value of HKCU\Software\Classes\CLSID\{18907f3b-9afb-4f87-b764-f9a4e16a21b8}\InprocServer32 to point to a malicious DLL and get shells from multiple programs even before a user logs in.
Another Pentest, another time the NetExec Veeam module didn't work properly. Sometimes SYSTEM impersonation is needed, sometimes it's flagged by AMSI. You need to know about alternatives. SharpVeeamDecryptor now supports v12 and PostgreSQL Veeam instances
https://t.co/doacobREsm
Because the last release of #NoPowerShell was 2 years ago and to celebrate the repo has 999 stars, I just merged DEV ➡️ MASTER and published Release 1.50 containing over 60 offensive cmdlets! 🥳
https://t.co/dBOcwRPgSw
See examples of some of the cmdlets below
ADCSDevilCOM
A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from a CA server using the MS-WCCE protocol over DCOM, and it bypasses the traditional endpoint mapper requirement by using SMB directly.
By: @AnonArtist8
https://t.co/w7ujih35co
Here's my latest research. I decided to dive into exploring Polymorphic PIC shellcode and walk the reader through the process of creating their own loader via x64 assembly code and Python. Thanks for your support and feedback as always. Enjoy!
https://t.co/otoKLxhHfH
I put a BOF loader in a BOF so that you can run BOFs from a BOF.
If you've had issues getting a BOF to work with CS's BOF loader in the past, you now have a drop-in way to get a little bit more compatibility.
https://t.co/x6neBpHyIr
Check out Titanis, my new C#-based protocol library! It features implementations of SMB and various Windows RPC protocols along with Kerberos and NTLM.
https://t.co/GC5wA2y3EO
I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: https://t.co/jD6EaGtsn3
Say hello to Eternal Tux 🐧, a 0-click RCE exploit against the Linux kernel from KSMBD N-Days (CVE-2023-52440 & CVE-2023-4130)
https://t.co/Cbk9MBo91v
Cheers to @u1f383 for finding these CVEs + the OffensiveCon talk from gteissier & @laomaiweng for inspiration!
#redteam
Now, you can dump the #Windows password from the LSASS process with help from the past: WerFaultSecure.exe
Github: 2x7EQ13/WSASS
Experimental version: Windows 11 24H2
#Blueteam
Analysis of command line parameters and #vulnerability of WerFaultSecure.exe in #microsoft Windows 8.1, along with the use of the WSASS tool for red team activities
#blueteam
https://t.co/r21D8OlhrU