I know a lot of people will hate me for saying this but it has to be said. I get a lot of DMs saying RT is getting harder every day, traditional loaders don't work anymore, open-source tools tend to crash or get detected instantly. But wasn't that the whole point of Red team? That's why red teams get paid way more than PT/appsec. RTs are not supposed to be easy, it's not just about stealing the first Kerberos ticket/AD cert and becoming DA. You get paid for the expertise. If you have the same skills as that of a general appsec/strategic team, then why would you get paid more? Somehow somewhere someone thought that RTs can be easy money and started providing cheap RTs, providing general PT in the name of RTs, confusing amateur orgs between RT and PT, but in fact Red team was always about research, helping the target organization improve their defense and find flaws in creative ways, or to identify the effects of an adversary. If you have done that and succeeded in improving the security of the org, then it means the next one to improve is you. You can't pray for weak security while doing red teams. Challenges make you better. Staying constant is for the weak.
@vxunderground If it is likely to confuse or misinform a large number of people, it is an optional good for the community, but not obligatory, to comment with a helpful correction or reference. If it is likely to start a flame war then don't bother, as your time is more valuable.
We don’t really hear that anymore because the landscape has changed. Back then, attackers were up against passive, unmonitored defenses like firewalls or AVs. If they failed, no one noticed - but if they got through once, it worked. That’s where the “only need to be right once” came from.
Today, failed attempts leave traces. EDRs, SIEMs, and threat hunting teams are watching. It’s no longer a free game of retries until you succeed - failed attempts raise alerts, trigger investigations, and get you burned fast. That’s the real shift.
@ItsReallyNick Here is an example of why area-based reasoning is increasingly important in a world where computers can be used for calculations and graphical depiction.
https://t.co/HareIu8JpI
@gregeganSF You can intuit this geometrically. With sufficient N, you're basically asking "what are the odds Bob has chosen the larger of the two sides of Alice". The red here shows where he fails to do so - which covers 1/4 of the option space. The answer is 3/4.
@ItsReallyNick This is option 1. Another way of rephrasing the question is "Bob and his little brother Jimmy have 2 and a half pizza pies of different kinds. Bob wants to eat twice as much as Jimmy. Which of these is a fair distribution to Jimmy so he gets the same proportion of each type?"
🔥new blog detailing 0day exploitation of Ivanti appliances as well as newly observed malware families tracked as PHASEJAM and DRYHOOK. We also detail activity related to the previously observed SPAWN malware ecosystem tied to China-nexus cluster UNC5337.
https://t.co/mK6ZSVeBQQ
No amount of deterrence (through denial, threats or otherwise) or ‘cyber hygiene’ will prevent the next Salt Typhoon. Only through strong end-to-end encryption will this threat be fully remediated. We must change the threat model so that only targeting of specific endpoints is possible, which will greatly reduce the ability for anyone to gather this data at scale.
Another reason to enable Extended Protection for Authentication (EPA), SMB signing, and LDAP signing + channel binding.
Windows 2025 & 11 24H2:
NTLMv1 and PowerShell 2.0 (no AMSI) have been removed. Also an option to block NTLM in SMB:
https://t.co/4dIXlowSdB
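An added audit/enforce script for the settings the post above recommends (SMB signing, the 24H2/Server 2025 BlockNTLM option for SMB, and LDAP signing + channel binding on a domain controller); this is example code written for this page, not from the original post or from Microsoft. EPA is left out because it is configured per service (IIS, AD CS) rather than by one setting; the `-Enforce` switch name is an assumption of this example, and without it the script only reports.

```powershell
<#
  Added example: audit (default) or enforce (-Enforce) SMB signing, SMB NTLM
  blocking and LDAP signing/channel binding. Run elevated; the LDAP section
  only applies on a domain controller where the NTDS key exists.
  Assumption: BlockNTLM exists only on Windows 11 24H2 / Windows Server 2025,
  so on older builds it is reported as unavailable rather than set.
#>
[CmdletBinding()]
param([switch]$Enforce)

$findings = @()

# --- SMB signing: require it on both client and server (blocks NTLM relay to SMB) ---
$cli = Get-SmbClientConfiguration
$srv = Get-SmbServerConfiguration
if (-not $cli.RequireSecuritySignature) { $findings += 'SMB client does not require signing' }
if (-not $srv.RequireSecuritySignature) { $findings += 'SMB server does not require signing' }
if ($Enforce) {
    Set-SmbClientConfiguration -RequireSecuritySignature $true -Force
    Set-SmbServerConfiguration -RequireSecuritySignature $true -Force
}

# --- Block NTLM for outbound SMB connections (24H2 / Server 2025 only) ---
if ($cli.PSObject.Properties.Name -contains 'BlockNTLM') {
    if (-not $cli.BlockNTLM) { $findings += 'SMB client still allows NTLM (BlockNTLM is off)' }
    if ($Enforce) { Set-SmbClientConfiguration -BlockNTLM $true -Force }
} else {
    $findings += 'BlockNTLM not available on this build; NTLM over SMB cannot be blocked here'
}

# --- LDAP signing and channel binding (domain controller registry values) ---
$ntds = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'
if (Test-Path $ntds) {
    $p = Get-ItemProperty -Path $ntds
    # LDAPServerIntegrity 2 = require signing; LdapEnforceChannelBinding 2 = always enforce CBT
    if ($p.LDAPServerIntegrity -ne 2)       { $findings += 'LDAP server signing is not required' }
    if ($p.LdapEnforceChannelBinding -ne 2) { $findings += 'LDAP channel binding is not enforced' }
    if ($Enforce) {
        Set-ItemProperty -Path $ntds -Name LDAPServerIntegrity -Value 2 -Type DWord
        Set-ItemProperty -Path $ntds -Name LdapEnforceChannelBinding -Value 2 -Type DWord
    }
}

# Report: an empty list means every checked setting is already hardened
if ($findings.Count -eq 0) { 'All checked settings are hardened.' }
else { $findings | ForEach-Object { "FINDING: $_" } }
```

Run it in audit mode first and compare the findings against Event ID 2889 (unsigned LDAP binds) on the DC before enforcing, so legacy clients that still bind without signing are found before they break.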