We have a new post in our blog about creating a tiny script for automated recon with Telegram notifications:
https://t.co/PlAwPfbzQo
We hope you like it.
Hi @O2, go thank @zeleris, because not only have they been taking since the 13th to deliver 2 SIMs, but TODAY, when there have been people at home ALL DAY, they sent an SMS saying the package could not be delivered because NOBODY was home. Looking for a new carrier 👋
Bug bounty programs are killing their own disclosure pipeline.
Real vuln on https://t.co/XKtBPZ0bYr → CNAMEs to a vendor → program closes as N/A → bug stays open → breach happens anyway.
Microsoft just reversed this. Most haven't.
https://t.co/n9ArD89BGp
Tomorrow I'll talk more about the experience at #RootedCON2025, but let me say that I am the proud holder of a certificate of attendance guaranteed by @CHAYANNEMUSIC
Thanks @cibercapitan and long live @rootedcon!
We don't usually get into this, but this time it's really serious: we've been sent an audio clip and we're stunned… all we'll say is get ready at @rootedcon, and if you have something to say to us, better say it to our faces
Katana by @pdiscoveryio is a powerful web crawler for recon! 🕷️
With support for JavaScript crawling, URL extraction, and custom filtering, it helps uncover endpoints, parameters, and assets efficiently. A must-have for refining your attack surface 🚀
Check it out 👉 https://t.co/NPqmaeKqq4
#BugBounty #Recon #YesWeRHackers
httpx doesn't just check if a URL is alive or not. It can also give you:
✅ timestamp
✅ port
✅ url
✅ input
✅ title
✅ scheme
✅ webserver
✅ content_type
✅ method
✅ host
✅ path
✅ time
✅ tech
✅ words
✅ lines
✅ status_code
✅ content_length
✅ PageType
✅ resolvers
But wait. That's just with the -j flag. You can get even more information with the -irh (headers), -irr (headers + body), -irrb (base64 encoded request/response) and -include-chain (redirect chain) flags!
Tomorrow is going to be an important day on the Criptored track at @rootedcon (https://t.co/V8La3g84lo). Among the various surprises, we are going to "give away privacy hardware" to everyone attending the talk by @RadioHacking and @JoelSernaMoreno. We hope the room fills up... for the quality of the talk and for the "gift", wink wink @TaiksonTexas @constrainterror. See you tomorrow
For those of you coming to @rootedcon, remember that the good folks of @HackingRadio are going!
@RadiHacking and @JoelSernaMoreno are going to spend their time exploiting things and explaining how
I'll be with @afernandesvigo talking about outreach and then with my dear @securiters about ransomware
Bypassing AMSI and Evading AV Detection with SpecterInsight : https://t.co/Umsqkq4Rb7
New AMSI Bypass Technique Modifying CLR.DLL in Memory : https://t.co/CyDf0CdK0v
Hey @Shopify @Hacker0x01 ...
I have had two bug hunters come to me and tell me horror stories about your bug bounty lately.
Valid bugs being exploited and you coming out saying... "oh we had planned on fixing that... no impact"
That is NOT the bug bounty contract. If there is a PoC showing the bug was exploitable at ANY time, you should pay the researcher.
Don't contribute to a bug bounty community that makes researchers think bug bounty is a scam.
Also - don't hide behind the new CVSS. Program owners looking to downgrade bugs to save money using the new CVSS and splitting bugs are SUPER scummy.
Contact @G0LDEN_infosec