Olivia
Online
Epayan
@Epayan44
In your Computer
Joined August 2013
1.1K Following
134 Followers
2.2K Posts
Pinned Tweet
Published my first blog post about malicious vscode plugins: Initial access and persistence https://t.co/1dEPeyCaUa
#redteam #phishing #persistance #vscode_plugins
I finally let Claude do my pentest this week. Full 5-day engagement, zero human input. Here's what the client got: 😏
https://t.co/1PPuxhs4V9
#bugbounty #pentesting #AI #cybersecurity #infosec #claudeai
I'm SO hyped to finally make MSSQLHound public! It's a new BloodHound collector that adds 37 new edges and 7 new nodes for MSSQL attack paths using the new OpenGraph feature for 8.0!. Let me know what you find with it!
- https://t.co/Hh089SaVOS
- https://t.co/geO0HXTykf
Active Directory Advanced Threat Hunting - Tracing the cause of account lockouts and password errors, by @tomvideo2brain
https://t.co/EZjMbdkK2j
NetExec has a new Module: Timeroast🔥
In AD environments, the DC hashes NTP responses with the computer account NT hash. That means that you can request and brute force all computer accounts in a domain from an UNAUTHENTICATED perspective!
Implemented by @Disgame_
1/3🧵
I just published a blog post focused on details of using offensive .NET for both enumeration and exploitation of #activedirectory environments! Including some customized code examples from a tool I've been developing!
https://t.co/SpseqUqoAp
I had lots of fun with this one!
Check out our latest blog (@RonB_Y @DeepInstinctSec) about our @defcon talk focusing on Shim and Office manipulation to achieve Code Injection and Privilege Escalation!
#defcon #defcon32 #cybersecurity https://t.co/YOLKPn3DrM
We are doing a giveaway for our Empire Ops: Tactics (Lazarus) course next week on Sep 11! Simply retweet this to enter, and we will announce the winner tomorrow at 1 PM EST. Come learn about ransomware simulation and threat emulation.
I wrote a fun write-up on ADCS exploitation, including explanations and custom built examples of practical exploitation for all 13 ESC vulnerabilities. It's available on my blog: https://t.co/zZReyPgeMi
Hope this helps anyone who's interested in #activedirectory security :)
Just finished Red Team Infrastructure Automation workshop at @HackSpaceCon This was my first conference that was international, and it was an incredible experience. All slides and codes can be found on my GitHub. Check out the Final Project folder for some fun automation scripts to start with for redirectors, teamservers, RedELK, and more!
https://t.co/0M51Fi0cm0
Most guides such as the OWASP cheat sheet rank prepared statements as the #1 primary mitigation for SQLi.
But, not even mitigations have their limitations.
Consider this CVE-2024–1597 for instance. What do you think?
https://t.co/unDCGwTvcx
#bugbountytips #cybersecurity
One of the best talks I've seen on this topic to date by @MorganDemboski. A thorough explanation of how to cluster Threat Actors by using multiple data sources focused on TTPs.
If you're interested in tracking & attribution, you should watch this!
https://t.co/Qr8QwyQpPq
Analysis of CVE-2024-27198 & CVE-2024-27199: @JetBrains @teamcity multiple authentication bypass vulnerabilities by @rapid7 team !
Killer auth bypass: /hax?jsp=/app/rest/server;.jsp 🤯
https://t.co/TDbLgcPcTW #security #bugbountytip
We have ALPHA group
For web3 founders and VCs
And there I shared $analos first at $10M MC ~
But after @gotbit_io meme journey I figured out how important is community
So raffle
Follow me + RT + leave your telegram in comment
Random 10 people I will add to our ALPHA in 48h
I made a lot of updates and optimizations. This version now downloads the ISO and stores them on the datastore automatically. pfSense only uses 1 private network (DHCP) to save vmnic/portgroup space. Tailscale is automatically enabled with key on setup...
https://t.co/heNsInOVjn
I guess what I'm saying is.. if I am working as a Threat Hunting Director for a well known EDR, with a documented history of being easily overpowered by simply unhooking a few userland umppc DLLs, and an an aggressive C2 dev/ex-employee who can see through my twitter bluster, then I'd be slinging slightly less shade ✌️
☁️ Cloud Security Lab A Week (SLAW)
I can't believe how good this is 🤯
FREE weekly newsletter to up your cloud security skills via a hands-on lab you can do in <30min
From @rmogull, who has taught cloud security at Black Hat for over 10 years
https://t.co/EHiaHfUvQx
Malware Development, Inline Assembly https://t.co/c6lunh5HTj
Here is part two of my request smuggling paper(s), in which I focus on a completely different gadget, with a completely different vector, for critical impact without requiring the target to have a bug to work... AGAIN😈
#0day #research #infosec #bugbounty
https://t.co/RuKPk0Rvqn
GPTs for Cybersecurity Collection
https://t.co/BX45Csb89S
Last Seen Users on Sotwe
Gaypissingsock
Seen from France
tytacobell
Seen from Turkey
ชอบเย็ดรุ่นป้า รุ่นแม่ รุ่นเจ๊ 30+40+50+
Seen from Thailand
KanieVL
Seen from Vietnam
Pepe
Seen from United States
andre
Seen from Indonesia
Egna mod Tuutututu
Seen from Guatemala
swingers perfil solo para adultos
Seen from Mexico
ชอบคนนมใหญ่🍼
Seen from Thailand
dalal 🦋عمتك دلال 👣
Seen from Egypt
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.1M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.9M followers
Taylor Swift
@taylorswift13
80.7M followers
Lady Gaga
@ladygaga
72.3M followers
Kim Kardashian
@kimkardashian
69.4M followers
Virat Kohli
@imvkohli
68.7M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.2M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60M followers