Olivia
Online
Bandit Pingu
@FlyingPhishy
// Professional Bandit // Hacker, Researcher, Tinkerer @ SilverSky // Personal Views
United Kingdom
Joined June 2019
1.1K Following
275 Followers
1.5K Posts
The lolbin gods delivered
@vxunderground “We take security seriously”
Who to follow
Vangelis tix Stykas 
@evstykas
Father of two sons and ARIS fan.
Named NOT A UNICORN!🦄
IDOR as a service.
@_ifigeneia husband
@atroposai jack of all trades
Never ethical , mostly legal...
myexploit2600
@myexploit2600
Red ;0)
Weasel Sec
@Weasel_Sec
RedTeam | PurpleTeam | PenTest | Chef . Views are mines 🇬🇧🇸🇬
@IAMERICAbooted 100%, too much time on politics and optics, and not enough true experts in management position.
When a security researcher harms customers it's a crime, but when Microsoft does it it's called Copilot.
@UK_Daniel_Card Industry is full of charlatans who claim to be passionate/champion cyber, and experts is a fucking joke.
I’ve become jaded after the illusion smashing…
@cyb3rops We have a RD policy that aligns with CERT/CC and yet people still think you’re nefarious or (no offence) a grifting “bug bounty hunter”
@cyb3rops Ive been doing RD for a few years now and I think the ecosystem has gotten worse. I currently have an RD with 3 companies (2 vendors, 1 client) and their legal and vendor advice was to actively ignore and not respond.
RD will be dead soon if things don’t change
Last time I dealt with MSRC.
Responsibly disclosed an issue with legacy auth that allowed me to spray passwords at <redacted endpoint> and avoid smart lockout.
Receives email.. 5 months after initial case opening.
“Doesn’t meet the bar for servicing”
Microsoft silently fixed. Closed case.
https://t.co/9iFpMJMSXC
@ruadams Microsoft has never, ever prioritised security within their cloud platforms.
I’ve done 100s of security reviews over the years and the majority of customers are rocking default configs.
Nice one for the cmdlet
Why MS insists on turning everything on by default while they claim to have their customers security as a top priority baffles me. This pshell command will toggle these off as well as any future connectors that drop.
Yes DLP would protect your orgs data exfil - that isn't the point. Not every Org is there yet - so please stop enabling things like this without Admin consent.
M365 Admin portal / Copilot / Connectors
https://t.co/oMXAtXNu1h
@Copilot @NathanMcNulty
@sekurlsa_pw Or any auth coercion 😂
After not receiving a raise in the four years I’ve worked at BHIS they’ve now decided to reduce my pay by $40k after coming back from maternity leave and moving my role to solely pentesting. So I am looking for a new position effective immediately if anyone has any leads 😇
i finally understand why it’s called linux porn 😭
Microsoft Edge loads all your saved passwords into memory in cleartext — even when you’re not using them.
@MJHallenbeck @7h3h4ckv157 The IDOR one doesn’t inspire hope; seems more lab oriented rather than IRL situations
New NetExec module: mssql_cbt🔥
Relaying to MSSQL can be a hidden gem when you are out of options. The only protection against relaying to MSSQL is to enforce Channel Binding Tokens (CBT). Thanks to @Defte_, NetExec now has a module that checks whether this CBT is required.
So applications can be multi tenant or single tenant and have either delegated or administrative permissions and sometimes we call them service principals but there’s actually a difference between an application and a service principal
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers