Olivia
Online
Level Effect, LLC.
@Level_Effect
Former NSA and cyber professionals creating award-winning, accessible, and hands-on training programs and courses.
San Antonio, Texas
Joined November 2017
299 Following
862 Followers
919 Posts
Β Pinned Tweet
π¨ OFFICIAL LAUNCH of Interactive Live-Instructed CTF Quests on Guardian Foundry!
This is our very first one: Phish Slayer Quest - Spot the Bait
Weβre running a real 2026 BEC phishing email campaign analysis together live on the platform.
In this beginner-friendly session youβll:
β’ Learn 4 things SOC analysts check in the first 30 seconds
β’ Build your first IOC table
β’ Submit a Technical Summary for grading
Everything is graded instantly + you earn 15 XP + your first Skill Sheet entry.
Zero experience needed. Perfect for newcomers and early intermediates.
This is just the beginning, the same attacker returns in a second attack with malware obfuscation, then you submit the full report for real instructor 1 on 1 manual review.
Goes live 12PM EST April 10th - multi-streaming on all socials.
Free to join! Create your free account and be part of the very first live CTF Quest!
π https://t.co/P3DhSwTpBx
π¨ Workshop Spotlight # 10 π "Analyzing WannaCry: A Forensic Method for Recovering Ransomware Data with Open-Source Software"
by Smit Nayak, Cyber Security Analyst at Sypram
π Description
WannaCry crippled thousands of systems in 150+ countries in 2017, signaling a new era in cyber threats worldwide.
So why look at it now? Behind all the hype is a goldmine of information for forensic science and real-world recovery tactics.
This session takes a forensic investigator's view of WannaCry, covering the malware in detail and walking through methods for recovering, analyzing, and interpreting the artifacts it leaves behind, even after encryption and system compromise.
You'll be guided through a realistic forensic reconstruction of a WannaCry-infected system using open-source tools like Autopsy and Volatility. The session covers finding ransom notes and IOCs, extracting memory data, locating encrypted file remnants, and recovering partial data through shadow copy remnants and file carving.
If you work in digital forensics, hunt threats, or are trying to sharpen your ransomware incident response process, this one's for you.
ποΈ Only at ContinuumCon 2026: June 12-14
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB85xsS
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect !
Packets never lie. π«‘ Want to see malicious activity? Go hunt through traffic.
NEW CONTENT DROP π₯ Live June 5, 2PM EST π
20+ network labs (command line to Wireshark) + 5 threat hunts built from real malware traffic.
Hunt the IOCs, uncover the attack. The 5th is a COMPLETE threat hunt + report you submit for manual Instructor review.
We'll go live and walk through everything new on stream. π₯
π¨ Workshop Spotlight #9 π "Killing Active Directory Attack Paths Once and For All"
by Spencer Alessi (@techspence), Sr. Penetration Tester at @SecurIT360
π Description
Active Directory attack paths are what turn small weaknesses into full domain compromise.
After pentesting 150+ organizations in the last 5 years and performing over 1,000 hours of internal pentesting in 2025 alone, one of the biggest security mistakes I see IT Admins make is logging into untrusted workstations with their Domain Admin account.
In this workshop, weβre going to learn how easy it is for an attacker to compromise a domain from an untrusted workstation and how to prevent it, even if the attacker has Domain Admin (DA) credentials.
Weβll cover:
- Why Active Directory (AD) still matters
- AD attack path pre-requisites
- Two common lateral movement attacks
- Hardening controls to block these two attack paths
Not only will you be able to play the role of the attacker and carry out the attacks yourself, but youβll also be put in the defender seat and guided through setup and configuration of security controls in Active Directory to block the attacks.
If youβre responsible for managing and/or securing Active Directory, this workshop is for you.
ποΈ Only at ContinuumCon 2026: June 12-14
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB85xsS
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect !
Who to follow
Joana Cook
@Joana_Cook
Asst Prof of Terrorism and Political Violence @ISGA_Hague l @JohnsHopkins l @PREPARE_EU l I research (counter-)terrorism
DFIR Diva
@DfirDiva
DFIR Analyst trying to learn all the things | DFIR Blog for Beginners | Founder @GetYourStart | https://t.co/7cHco4FjUS
Rob Noeth 
@RobNoeth
I help people learn about cyber security. I used to work on security stuff til I took an arrow to the knee.
π¨ Workshop Spotlight #8 π "How to Analyze Malware"
by Matthew Nguyen
π Description
A practical introduction to malware analysis for beginners, focused on building a foundational workflow rather than diving straight into reverse engineering.
You'll cover the key principles of a safe lab setup, basic static analysis, and dynamic analysis using sandbox environments and tools you can run in your own lab (like FlareVM).
The session includes a guided walkthrough of a real malware sample pulled from a malware database, with attention to the techniques you'll encounter most often: persistence mechanisms and command-and-control communication.
By the end, you'll have a clear framework for analyzing malware, an understanding of the common techniques malicious software uses, and the confidence to begin your own analysis safely.
ποΈ Only at ContinuumCon 2026: June 12-14
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB85xsS
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect !
ContinuumCon Teaser: solst/ice, Zack Korman, & Spencer Alessi!! https://t.co/33fjJmax5M
THIS IS TODAY come hang out, ask stuff, tell us how you feel about cyber things and get some takes on it!
ay yo THIS FRIDAY 5/29 at 11am ET i am hanging out with @IceSolst @ZackKorman @techspence and @AnthonyBendas LIVE for a sweet lil teaser and sneak peek at their @_ContinuumCon_ workshops
(conference june 12-14 baby, be there or be square)
AMA & demos & shenanigans
ππ€π
π¨ Workshop Spotlight # 7 π "Smarter AWS WAF: Reduce Noise, Detect Threats & Automate Response"
by Ihor Sasovets, Security Engineer at TechMagic
π Description
As cloud-native applications scale, so do the threats targeting them. AWS WAF is often one of the first lines of defense at the edge, yet many teams struggle to move beyond basic configurations and truly operationalize it.
WAF gets deployed, but rarely fully leveraged as an intelligent security control.
This workshop walks through a practical, end-to-end approach to building a production-ready AWS WAF setup.
Starting from scratch, you'll deploy protections with the Security Automations for AWS WAF solution while breaking down how WAF actually works under the hood: core features, rule management strategies, and common pitfalls. You'll tune rules, reduce false positives, and design a setup that scales without becoming operationally expensive.
Part two extends AWS WAF with a custom solution, the "AWS WAF Monitoring Lambda," that turns raw WAF logs into actionable security intelligence. Think automated log analysis, near real-time attack visibility, Slack-based alerting, and intelligent IP blacklisting, all fast enough to detect and respond to threats even without a dedicated SOC.
The goal is simple: turn AWS WAF from a checkbox into a smart, scalable, and proactive security layer.
ποΈ Only at ContinuumCon 2026
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB865iq
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect !
Real Incident CTFs for Cybersecurity - Instructor Reviewed https://t.co/GCo4q2Mfhm
We do CTFs differently, come check out cyber stuffs
LIVE tomorrow reviewing 3 new features we shipped:
1. Case File CTFs: Real-world incident response scenarios with progressive challenges, instructor-graded submissions, and leaderboards.
2. Certifications with verified URLs and ranked badging showing your work.
3. The "Satchel": tracks progress, courses you own, and bookmarks all on one screen.
Built for SOC analysts, detection engineers, and blue teamers training toward real-world incident response work.
π Month-End Dev Stream #4 / Thursday May 28 / 12PM ET
π Guardian Foundry: https://t.co/u24C5tMAA6
LIVE tomorrow reviewing 3 new features we shipped:
1. Case File CTFs: Real-world incident response scenarios with progressive challenges, instructor-graded submissions, and leaderboards.
2. Certifications with verified URLs and ranked badging showing your work.
3. The "Satchel": tracks progress, courses you own, and bookmarks all on one screen.
Built for SOC analysts, detection engineers, and blue teamers training toward real-world incident response work.
π Month-End Dev Stream #4 / Thursday May 28 / 12PM ET
π Guardian Foundry: https://t.co/u24C5tMAA6
π¨ Workshop Spotlight # 6 π "Roll Your Own Analyst"
by Tallis Jordan, Co-Founder of HardCounter
π Description
The amount of threat intelligence produced through blogs, vendor feeds, malware reports, and research writeups can feel overwhelming.
Between rehashing, regurgitation, and IOC dumps, most detection engineers simply do not have time to review everything manually.
This workshop covers building a lightweight, local threat intelligence pipeline designed specifically for detection engineering workflows. Using Python, Ollama, and a small local model, you will ingest intelligence feeds, analyze that intelligence with local models to extract actionable insights, and present the output through a web interface that can be placed into your daily workflows.
No expensive hardware. No overengineered or complex "AI agent" platforms. Just practical, privacy-friendly automation that you can build and operate yourself.
You'll leave with a working pipeline you can expand on with more enrichments, detection engineering workflows, and integrations.
ποΈ Only at ContinuumCon 2026, June 12-14
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB85xsS
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect !
ay yo THIS FRIDAY 5/29 at 11am ET i am hanging out with @IceSolst @ZackKorman @techspence and @AnthonyBendas LIVE for a sweet lil teaser and sneak peek at their @_ContinuumCon_ workshops
(conference june 12-14 baby, be there or be square)
AMA & demos & shenanigans
ππ€π
Thank you to all our players for engaging and the efforts they put in!
See y'all in the next one. π
"I've had to do some extensive digging through our repos at work for signs of this attack on multiple occasions" said one of the players.
π Our first Case File CTF called "PHANTOM" wrapped this weekend.
A 72 hour event around a realistic npm supply chain compromise. Artifacts and deliverables included IOCs, three detection rules, a hunt query, and a full incident report manually reviewed.
Congrats to the top 3 finishers! π
π₯ daichizan1998 (3,162)
π₯ Aakash Raman (2,900)
π₯ Lazacant (2,875)
Leaderboard: https://t.co/aJLx3jsg9q
PHANTOM will be available across all access tiers and as a standalone purchase soon. Go through it without a timer and obtain an unranked completion badge once successful.
New realistic Challenges and CTFs drop on Guardian Foundry every month. π₯
@vaultkeepr_xyz @_ContinuumCon_ @_JohnHammond @hAPI_hacker @apisecu 32% of organizations experienced at least one API security incident in the past year per Salt's recent report
https://t.co/JuZW5uVUgb
the question whether devs understand vs if they have the time, resources, and telemetry available to validate is a whole other thing though...π«
π¨ Workshop Spotlight # 5π "Instant API Hacker"
by Corey J. Ball (@hAPI_hacker), author of "Hacking APIs" and founder of APIsec University (@apisecu) & hAPI Labs
π Description
"Instant API Hacker" demonstrates how quickly someone can learn to identify and exploit API vulnerabilities.
You'll witness the exploitation of critical vulnerabilities from the OWASP API Security Top 10, including broken authentication, authorization flaws (BOLA), and excessive data exposure.
Through live demos using the "One Request to Rule Them All," you'll see firsthand how APIs can be compromised, and gain actionable insights you can apply immediately.
The session walks through finding APIs, analyzing endpoints in Postman, going deep with Burp Suite, and exploiting the most common vulnerabilities. You leave with free resources for continued learning, including vulnerable labs and APIsec University courses.
Beginner-friendly. By the end, you're an API hacker.
ποΈ Only at ContinuumCon 2026
Work through it live, or revisit the lab on your own time. Own it forever. The workshop doesn't end when the conference does.
Got your ticket yet? π https://t.co/N7pFB85xsS
Hosted by @_JohnHammond, @JustHackingHQ, @AnthonyBendas, and @Level_Effect!
Huge NEW CTF - PHANTOM ! CTI Case Study for Cybersecurity https://t.co/t2FBoD2km1
This is also going to be the same CTF platform we'll be using for the @_ContinuumCon_ CTF hosted by us and @_JohnHammond and @JustHackingHQ !
Let us know what you all think about it!
π¨ PHANTOM kicks off at 1PM EST, live streamed. Case File CTF #1 on all facets of CTI:
- Pull 10 IOCs out of a real artifacts
- Write up attribution and impact, conclusions backed by evidence
- Build 3 detection rules, and test them: YARA, Snort, Sigma
- Prepare a threat hunt with your own KQL or PowerShell query
- Deliver a complete incident report that is manually reviewed
"Goodcorp SOC paged at 02:14 UTC. Suspect outbound traffic from a build runner. The nightly npm install ran ten minutes earlier."
Same artifacts an IR team would actually see. Same deliverables they'd write.
This is a modern supply chain compromise, like all the npm and dependency issues we're seeing.
Leaderboard, points, first blood, hints... and prizes!
- CDETH voucher
- DE&TH Challenge pack
- 1 Month free Adventurer
- 1 Month free Guardian
Walk away with the PHANTOM badge and your rank! π₯
FREE and open to all. Runs until Sunday May 24 at 10AM EST.
Links in the first comment.
See you at 1PM!
Landing page: https://t.co/oNqqeON2hs
Last Seen Users on Sotwe
Saytip ΰΈͺΰΈ²ΰΈ§ΰΈΰΉΰΈ²ΰΈΰΈΰΈ²
Seen from Thailand
MAMA MUDA
Seen from Indonesia
Chapin502.
Seen from Guatemala
ΨΨ³ΩΩ Ψ§ΩΨΉΨ±Ψ§ΩΩ
rebeuleak vip β
Seen from Germany
dasia πβ.Λ
Seen from Vietnam
Best Of ΓnlΓΌ 2β£0β£0β£K
Seen from Turkey
Ρ
Π°Π½
Seen from Switzerland
SaΔane
Seen from Turkey
Adicto xxx
Seen from Panama
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
60.9M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers