Mohamed M.Fouad @Flash162011 - Twitter Profile

Flash162011 retweeted

22 days ago

‼️🚨 MAJOR IMPACT: AI just found an 18-year-old NGINX critical remote code execution vulnerability. It has been disclosed on GitHub including PoC code. - Affects NGINX 0.6.27 through 1.30.0 - Triggered via the rewrite and set directives in config - Update NGINX ASAP - NGINX is a widely used HTTP web server, be sure to check its prevalence in other products

83

3K

395

1K

949K

Mohamed M.Fouad @Flash162011

about 1 year ago

I created this PDF including in-depth technical details about NFC technologies and how they relate to physical security assessments. #nfc #rfid #CyberSecurity #Pentesting #redteam #BugBounty #physicalsecurity https://t.co/zgkoj6AVCd

0

84

Flash162011 retweeted

Ian Carroll

@iangcarroll

almost 2 years ago

In April, @samwcyo and I discovered a way to bypass airport security via SQL injection in a database of crewmembers. Unfortunately, DHS ghosted us after we disclosed the issue, and the TSA attempted to cover up what we found. Here is our writeup: https://t.co/g9orwwgoxt

51

2K

624

598

189K

Flash162011 retweeted

1ue @1ue1166323

almost 2 years ago

[CVE-2024-21096] mysqldump rce : ) learn form defcon32

4

439

67

156

34K

Who to follow

mohammed eldeeb

@malcolmx0x

Bug Bounty Hunter & security engineer

Ahmed Sultan 🇪🇬🇵🇸

@0x4148

Hacking systems and egos with equal precision | GXPN OS(C|W)(E|P) GDAT GCPN . . blah blah blah. | Views are my own

𝐑𝐀𝐢𝐡𝐚𝐧 ✪

@zapstiko

𝐒𝐜𝐡𝐫ö𝐝𝐢𝐧𝐠𝐞𝐫'𝐬 𝐒𝐦𝐢𝐥𝐞𝐲 :): 🕊✪ ❁ 𖤐 🪲✪ 𓃵 Ⓧ👽★ (⚡, 🥷)𝕏

Flash162011 retweeted

Youssef A. Mohamed @GeneralEG64

over 2 years ago

Important Annonucement: @BuguardLLC offers free migration from #Israel security products. We invite all the #Arabian solutions providers to collaborate. #CyberSecurity

GeneralEG64's tweet photo. Important Annonucement:

@BuguardLLC offers free migration from #Israel security products.

We invite all the #Arabian solutions providers to collaborate.

#CyberSecurity https://t.co/SgvPVuXJdZ

31

729

205

47

82K

Flash162011 retweeted

Ebrahem Hegazy 🇵🇸 @Zigoo0

over 2 years ago

بضم صوتي لصوت أخي @Voulnet لو تعرف أي شركة اسرائيلية او بتدعم اسرائيل في مجال أمن المعلومات ياريت تكتبها وتعمل منشن لحساب محمد. زي ما بيبلغو عن الموظفين الداعمين لفلسطين لشركاتهم فا يلا بقي نقلبها بنفس نظام اللعب القذر

13

697

228

26

56K

Mohamed M.Fouad @Flash162011

about 3 years ago

@0x4148 Congratulations 🎉

0

1

0

264

Flash162011 retweeted

an0n @an0n_r0

about 3 years ago

Played with Outlook CVE-2023-23397. Made a simple PoC email builder & sender featuring malicious reminder (just a Msg, no need to use a Task or Cal. Ev.). Critical 0-click account takeover on internal networks even after MS patch, no need to open the message on the victim side.

an0n_r0's tweet photo. Played with Outlook CVE-2023-23397. Made a simple PoC email builder & sender featuring malicious reminder (just a Msg, no need to use a Task or Cal. Ev.).

Critical 0-click account takeover on internal networks even after MS patch, no need to open the message on the victim side. https://t.co/S2FxA1jVAR

15

1K

352

358

174K

Flash162011 retweeted

TechCabal

@TechCabal

about 3 years ago

Liquid Intelligent Technologies has acquired a Cairo-based cloud and cyber security provider, Cysiv MEA in bid to boost its African presence. https://t.co/qOZFwl0ksF

0

6

4

1

2K

Flash162011 retweeted

mpgn @mpgn_x64

over 3 years ago

It's 2023, CrackMapExec can now dump DPAPI credentials as a core feature !🚀 This is possible thanks to the work of @_zblurx and his library dploot ! He also added a module to dump firefox passwords 🔥 Pushed on @porchetta_ind v5.4.5 Bruce Wayne 🪂 No excuse, DA everytime, 🔽

mpgn_x64's tweet photo. It's 2023, CrackMapExec can now dump DPAPI credentials as a core feature !🚀

This is possible thanks to the work of @_zblurx and his library dploot ! He also added a module to dump firefox passwords 🔥

Pushed on @porchetta_ind v5.4.5 Bruce Wayne 🪂

No excuse, DA everytime, 🔽 https://t.co/IQOFJhACjq

16

981

300

167

121K

Flash162011 retweeted

Ryan M. Montgomery

@0dayCTF

over 3 years ago

HoaxShell Beta - Integrated with https://t.co/DEELMA8lid - A new collection of payloads with some unique concepts has been added by @t3l3machus - More features, and automatic payload generation is coming soon! - - #infosec #cybersecurity #bugbountytips #CTF

0dayCTF's tweet photo. HoaxShell Beta - Integrated with https://t.co/DEELMA8lid
-
A new collection of payloads with some unique concepts has been added by @t3l3machus
-
More features, and automatic payload generation is coming soon!
-
-
#infosec #cybersecurity #bugbountytips #CTF https://t.co/CaTPn8AD2E

11

154

38

29

27K

Mohamed M.Fouad @Flash162011

over 3 years ago

APT-29 (Cozy Bear) Adversary Simulation Progress... #redteam #adversary #APT29 #MITRE #CALDERA #cybersecurity

1

6

1

714

Mohamed M.Fouad @Flash162011

over 3 years ago

@5yx Congratulations 🎉

1

0

180

Flash162011 retweeted

mpgn @mpgn_x64

over 3 years ago

Bloodhound python from @_dirkjan is now integrated to CrackMapExec as a core feature 🔥 ▶️ cme ldap <ip_dc> -u user -p pass --bloodhound Enjoy this one, more juicy features to come soon 💪 Pushed on @porchetta_ind thanks to the sponsors as always 🪂

mpgn_x64's tweet photo. Bloodhound python from @_dirkjan is now integrated to CrackMapExec as a core feature 🔥

▶️ cme ldap <ip_dc> -u user -p pass --bloodhound

Enjoy this one, more juicy features to come soon 💪

Pushed on @porchetta_ind thanks to the sponsors as always 🪂 https://t.co/5QOoswzRlC

11

805

233

116

77K

Mohamed M.Fouad @Flash162011

over 3 years ago

After FIN6 Adversary Simulation I did another Russians APT-28 (Fancy Bear) Adversary Simulation. From Initial Execution -> Persistence -> defense evasion -> credential access (Kerberoasting) -> lateral Movement -> Data Exfilteration. https://t.co/KlX2hcH2PH

0

1

0

141

Mohamed M.Fouad @Flash162011

over 3 years ago

APT-28 (Fancy Bear) Adversary Simulation Progress... From Initial Execution -> Persistence -> defense evasion -> credential access (Kerberoasting) Still lateral movement and data exfiltration... #redteam #adversary #APT28

Flash162011's tweet photo. APT-28 (Fancy Bear) Adversary Simulation Progress...

From Initial Execution -> Persistence -> defense evasion -> credential access (Kerberoasting)

Still lateral movement and data exfiltration...

#redteam #adversary #APT28 https://t.co/ioLi3Qy1lt

0

3

0

520

Flash162011 retweeted

Noy Pearl @NoyPearl

over 3 years ago

Woah the new versions of jadx allow you to generate pure @fridadotre snippets from Java functions. Pretty useful when RE Android apps. Here's an example of what it generates: #BugBounty tip

NoyPearl's tweet photo. Woah the new versions of jadx allow you to generate pure @fridadotre snippets from Java functions. Pretty useful when RE Android apps.
Here's an example of what it generates:

#BugBounty tip https://t.co/qGz45kUNsb

1

108

23

21

18K

Flash162011 retweeted

HTTPie @httpie

over 3 years ago

🪄 Introducing HTTPie AI, a new way to interact with APIs 👉 https://t.co/AzXsn2xz80

59

4K

603

1K

711K

Mohamed M.Fouad @Flash162011

over 3 years ago

@Lemonitup You're welcome

0

24

Mohamed M.Fouad @Flash162011

over 3 years ago

I did a short demo for 70% of FIN6 APT adversary simulation TTPs on a local AD environment from discovery to data exfiltration assuming a breach with an initial foothold inside the domain. #redteam #FIN6 #infosec #adversary #Mitreattack #APT #informationsecurity

1

3

0

1

0

Mohamed M.Fouad @Flash162011

over 3 years ago

@Lemonitup It's Mitre CALDERA framework

1

0

56

Mohamed M.Fouad

@Flash162011

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users