@SANSOffensive HackFest Hollywood was a blast 💥 All of the speakers were awesome, and I loved being around all the people who showed up: super inspiring individuals.
New Blog: Mythos Is Not Your Red Team
What the Cybersecurity Industry Is Getting Wrong About Anthropic's New Model
Within hours of Anthropic's announcement of Claude Mythos Preview and Project Glasswing on April 7, my feed became unrecognizable.
https://t.co/CkaL1T43XM
#mythos
Join us tomorrow, June 19th at 11AM CEST for a short @offby1security stream on "Windows Kernel Driver Code & Exploitation Techniques" with @0xabe_io! This will be live from class in Amsterdam from SANS SEC760, and we may not start exactly on time.
https://t.co/uBvl3i7z4o
This echoes my experience trying to develop hackbots, and I spoke about it at BSides 312.
If you don't have mechanisms in place to ensure coverage (both in terms of number of endpoints and number of vulns being tested), your hackbot is gonna miss a huge amount of stuff.
#MaliciousOpenDir #C2Server #C2 #ThreatHunting #CobaltStrike
URL: hxxp[:]//161[.]248[.]87[.]10[:]18888
ASN: AS400619
ISP: AROSSCLOUD INC.
The exposed server contains an open directory with a range of offensive security and post-exploitation tools, which strongly suggests its function as threat actor infrastructure for intrusion operations. The directory features multiple variants of the GodPotato and Potato privilege escalation tools for Windows, PowerShell scripts such as token_steal.ps1 and adduser.ps1 for token theft and account creation, and reverse-shell-related files such as rev.ps1 and https://t.co/lQ6iaROk1h for uploading binary files from his victims. The presence of encoded payloads, executables, and source code files further indicates ongoing development, testing, or deployment of attack tools.
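The indicators in the post above are written in the usual defanged notation (hxxp, [.], [:]), which has to be reversed before a value can go into a hunting query and re-applied before it is shared again. The following C helpers are an added example, not part of the post: they refang, defang (idempotently, so an already-defanged value is not mangled twice) and split host and port. The function names are assumptions, and apart from the URL quoted in the post the sample inputs are constructed.

```c
/* Added example: refang/defang helpers for the "hxxp[:]//1[.]2[.]3[.]4[:]port"
 * notation used in threat-hunting posts. Function names are hypothetical. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Case-insensitive prefix test that never reads past the end of s. */
static int starts_with_ci(const char *s, const char *prefix)
{
    for (; *prefix; s++, prefix++)
        if (tolower((unsigned char)*s) != tolower((unsigned char)*prefix))
            return 0;
    return 1;
}

/* Append text to dst at offset *o, always leaving room for the terminator. */
static int emit(char *dst, size_t dstlen, size_t *o, const char *text)
{
    size_t n = strlen(text);
    if (*o + n >= dstlen)
        return 0;
    memcpy(dst + *o, text, n);
    *o += n;
    return 1;
}

/* Defanged -> live form. Returns the length written, or -1 if dst is too small. */
int refang(const char *src, char *dst, size_t dstlen)
{
    size_t o = 0;
    const char *p = src;
    if (starts_with_ci(p, "hxxp")) {            /* hxxp / hxxps -> http / https */
        if (!emit(dst, dstlen, &o, "http")) return -1;
        p += 4;
    }
    while (*p) {
        const char *rep = NULL;
        char one[2] = { *p, '\0' };
        size_t skip = 1;
        if (strncmp(p, "[.]", 3) == 0 || strncmp(p, "(.)", 3) == 0) { rep = "."; skip = 3; }
        else if (strncmp(p, "[:]", 3) == 0)                           { rep = ":"; skip = 3; }
        if (!emit(dst, dstlen, &o, rep ? rep : one)) return -1;
        p += skip;
    }
    dst[o] = '\0';
    return (int)o;
}

/* Live (or already defanged) -> defanged form. Refangs first so the result is
 * the same whichever form was passed in. */
int defang(const char *src, char *dst, size_t dstlen)
{
    char live[512];
    size_t o = 0;
    const char *p = live;
    if (refang(src, live, sizeof live) < 0) return -1;
    if (starts_with_ci(p, "http")) {
        if (!emit(dst, dstlen, &o, "hxxp")) return -1;
        p += 4;
    }
    for (; *p; p++) {
        char one[2] = { *p, '\0' };
        const char *rep = one;
        if (*p == '.') rep = "[.]";
        else if (*p == ':' && (p[1] == '/' || isdigit((unsigned char)p[1]))) rep = "[:]"; /* scheme or port colon */
        if (!emit(dst, dstlen, &o, rep)) return -1;
    }
    dst[o] = '\0';
    return (int)o;
}

/* Refang, then split "scheme://host[:port]/..." or a bare host. Copies the host
 * into host[] and returns the port, 0 when none was given, -1 on error. */
int extract_host_port(const char *src, char *host, size_t hostlen)
{
    char live[512];
    const char *p;
    size_t n;
    if (refang(src, live, sizeof live) < 0) return -1;
    p = strstr(live, "://");
    p = p ? p + 3 : live;
    n = strcspn(p, ":/");
    if (n + 1 > hostlen) return -1;
    memcpy(host, p, n);
    host[n] = '\0';
    return p[n] == ':' ? atoi(p + n + 1) : 0;
}

int main(void)
{
    /* Constructed inputs: the first is the URL quoted in the post, the rest are made up. */
    const char *samples[] = { "hxxp[:]//161[.]248[.]87[.]10[:]18888",
                              "hxxps[:]//example[.]test/rev[.]ps1", "192[.]0[.]2[.]44" };
    char live[256], safe[256], host[128];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int port = extract_host_port(samples[i], host, sizeof host);
        refang(samples[i], live, sizeof live);
        defang(live, safe, sizeof safe);
        printf("%-36s host=%s port=%d shared-as=%s\n", live, host, port, safe);
    }
    return 0;
}
```

Keep the defanged form for anything that leaves your own tooling (tickets, chat, reports) and refang only at the boundary where a lookup or query is built, so a pasted indicator can never become a clickable link by accident.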
This month I bypassed many WAFs -> XSS.
Simple tip, use:
location.href = https://t.co/XmhiN4sQHa
How? When your string is in an event handler or JS structure and the WAF detects () or ` etc.,
you can use this trick and call the vuln path with another domain (attacker domain). 1/2
#bugbountytips
MITRE resources every malware analyst should know:
ATT&CK: https://t.co/rfwcFwloHs
ATT&CK Navigator: https://t.co/G2HS5TaNeL
D3FEND: https://t.co/9LZ9qtIOka
ATLAS: https://t.co/sfNRelt69h
Eventually every malware report becomes:
“T1497 but with extra suffering.”
What are your best XSS payloads for bypassing the Cloudflare WAF?
"New XSS Bypass CLOUDFLARE + Filters" by N0t0d4y
Payloads:
"\/><img%20s+src+c=x%20on+onerror+%20="alert(1)"\>
🔗 https://t.co/8akYEMduDP
🔗https://t.co/FeMz53HSN0
Friends, since we got a lot of questions about how to install it, I'm posting it here again: you only need to enter the command below.
/plugin install superpowers@claude-plugins-official
In Windows, APCs (Asynchronous Procedure Calls) are a mechanism by which a function executes in the context of a specific thread. An APC is not an independent execution entity like a thread.
#include <windows.h>
#include <stdio.h>

// Signature ReadFileEx expects for a FileIOCompletionRoutine
void CALLBACK MyCompletionRoutine(DWORD dwErrorCode, DWORD dwNumberOfBytesTransfered, LPOVERLAPPED lpOverlapped)
{
    printf("Read completed!\n");
}

ReadFileEx(..., MyCompletionRoutine); // Async I/O
// Later
SleepEx(INFINITE, TRUE); // Alertable wait
Here, the completion routine runs even before SleepEx returns.
Thread
|
|-- ReadFileEx()
|
|-- SleepEx(INFINITE, TRUE)
| (alertable wait)
|
|<-- I/O completes
|<-- Windows queues User APC
|
|-- MyCompletionRoutine() <-- APC executes
|
|-- SleepEx returns WAIT_IO_COMPLETION
|
|-- Continue execution
That's how the below sequence is possible if you have proper rights to open the process handle to suspend. Btw security software can easily catch this because you're suspending a process and allocating memory etc.
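The delivery rule the diagram illustrates, that a queued APC sits untouched until its target thread enters an alertable wait and that this wait then returns WAIT_IO_COMPLETION, is what both the completion-routine pattern and the detection angle in the last paragraph rest on. The following is an added example and not the poster's code: a portable C model of the per-thread APC queue rather than a call into the Win32 API, so it builds and runs anywhere. All sim_* names are hypothetical; the two status values mirror the real Win32 constants WAIT_IO_COMPLETION (0xC0) and WAIT_TIMEOUT (0x102).

```c
/* Added example: a portable model of user-mode APC delivery, not a Win32 call.
 * sim_* names are hypothetical; the status values mirror the real constants
 * WAIT_IO_COMPLETION (0xC0) and WAIT_TIMEOUT (0x102). */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SIM_WAIT_IO_COMPLETION 0x000000C0u
#define SIM_WAIT_TIMEOUT       0x00000102u
#define SIM_APC_QUEUE_MAX      8

typedef void (*sim_apc_routine_t)(void *context);

typedef struct {
    sim_apc_routine_t routine;
    void *context;
} sim_apc_t;

/* Per-thread state: the pending APC queue plus a counter the sample routine bumps. */
typedef struct {
    sim_apc_t queue[SIM_APC_QUEUE_MAX];
    size_t pending;
    int routines_run;
} sim_thread_t;

/* Model of QueueUserAPC: the routine is recorded for the target thread, never run here. */
int sim_queue_user_apc(sim_thread_t *t, sim_apc_routine_t routine, void *context)
{
    if (t->pending >= SIM_APC_QUEUE_MAX)
        return 0;                              /* queue full: mirror a failure return */
    t->queue[t->pending].routine = routine;
    t->queue[t->pending].context = context;
    t->pending++;
    return 1;
}

/* Model of SleepEx(ms, FALSE): not alertable, so pending APCs stay where they are. */
unsigned sim_sleep_not_alertable(sim_thread_t *t)
{
    (void)t;
    return 0;                                  /* SleepEx returns 0 when the interval elapses */
}

/* Model of SleepEx(ms, TRUE): on the calling thread, deliver pending APCs in FIFO
 * order until the queue is empty, then report WAIT_IO_COMPLETION. With nothing
 * queued the wait would simply time out instead. */
unsigned sim_sleep_ex_alertable(sim_thread_t *t)
{
    if (t->pending == 0)
        return SIM_WAIT_TIMEOUT;
    while (t->pending > 0) {
        sim_apc_t next = t->queue[0];
        memmove(&t->queue[0], &t->queue[1], (t->pending - 1) * sizeof next);
        t->pending--;
        next.routine(next.context);            /* runs in this thread's context */
    }
    return SIM_WAIT_IO_COMPLETION;
}

/* Sample APC routine: stands in for the I/O completion callback above. */
void sim_completion_routine(void *context)
{
    sim_thread_t *t = (sim_thread_t *)context;
    t->routines_run++;
    printf("completion routine ran on the waiting thread\n");
}

/* Plays the diagram's sequence: two APCs queued, a non-alertable wait (nothing runs),
 * then an alertable wait (both run). Returns 1 when the alertable wait reported
 * WAIT_IO_COMPLETION; the two out-params receive the run counts at each point. */
int sim_run_scenario(int *ran_before_alertable, int *ran_after_alertable)
{
    sim_thread_t t;
    unsigned rc;
    memset(&t, 0, sizeof t);
    sim_queue_user_apc(&t, sim_completion_routine, &t);
    sim_queue_user_apc(&t, sim_completion_routine, &t);
    sim_sleep_not_alertable(&t);
    *ran_before_alertable = t.routines_run;
    rc = sim_sleep_ex_alertable(&t);
    *ran_after_alertable = t.routines_run;
    return rc == SIM_WAIT_IO_COMPLETION;
}

int main(void)
{
    int before = -1, after = -1;
    int ok = sim_run_scenario(&before, &after);
    printf("before alertable wait: %d, after: %d, WAIT_IO_COMPLETION: %s\n",
           before, after, ok ? "yes" : "no");
    return ok ? 0 : 1;
}
```

The model deliberately has no timer and no second thread: the only thing it keeps from Windows is the ordering, which is the part worth internalising when you read either I/O completion code or an EDR alert that pairs an APC queue operation with a suspended or waiting target thread.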
It’s interesting watching various Telegram groups and other forums with regard to their current attitude towards vulnerability disclosure, and their increasing frustration and disregard with full vs. responsible disclosure. Complaints of duplicates, slow response times, etc…