Olivia
Online
Zero Labs
@ZeroNLabs
Zero Networks Research team, specializing in open source security tools for defenders.
Join our slack at
Tel Aviv, Israel
Joined June 2023
26 Following
243 Followers
125 Posts
#NauthNRPC is a tool that can help you enumerate computer / user accounts anonymously in #ActiveDirectory via DsrGetDcNameEx2 RPC calls.
This is not often in most environments, so used could be blocked via #RPCFirewall.
Nice job by @haider_kabibo 🏆🏆
https://t.co/Jf0Ep0AGb2
My thoughts about CVE-2025-33073, and on how to prevent #NTLM / #Kerberos relay attacks in general using #RPCFirewall & #LDAPFirewall
https://t.co/oV47fgPedH
Are you sure you can enumerate all of your #Azure resources? You may be missing some out.
#MapAz is a new #PowerShell Module that (among other things) can help you enumerate hidden resources.
Read more in my latest post:
https://t.co/J9DjcaYvIQ
Excellent writeup by @cybergentix on #WMI #LateralMovement
Didn't mention mitigation via #RPCFirewall, which could be achieved by blocking remote #DCOM operations
https://t.co/BCbhHmFUwE
ADCS … often exploited, rarely mentioned
Read @dekel_paz excellent writeup on #badsuccessor #LDAP vulnerability, and how to mitigate with the #LDAPFirwall
BadSuccessor is a slick AD privilege escalation that uses LDAP to take over user accounts
…and the LDAP Firewall can already block it — no updates needed.
How the attack works + how to block it:
👉 https://t.co/CEzSYW5xL0
Yes, LDAP enumeration is still a thing in 2025.
https://t.co/Mcrp7cWPJJ
A new open source tool to visualize #LDAP data ovre #Neo4j graph database: #Neo4LDAP by @_kripteria !
And, you can inject data directly from #BloodHound 🐕
Check it out here:
https://t.co/qvsafVNdfU
CVE-2025-29969 is an RPC #RemoteCodeExecution vulnerability, base score 7.5.
Exploits a time-of-check time-of-use & affects Windows vers 2025, 2022, 2019, 2016, 2012 R2, 2012, 2008 R2 SP1, 2008 SP2; Win 11 22H2/23H2/24H2, Win 10 1607/1809/21H2/22H2.
https://t.co/jrd1brZLjs
Shields up! time to limit access to Telnet (TCP port 23) on internal network.
CC: @ZeroNetworks
A handy list of LDAP search filters used by common enumeration tools, compiled by @Unit42_Intel (@PaloAltoNtwks).
The best part? You can block all of them with our open-source #LDAPFW! 📷
Full article: https://t.co/m2oZaIRKLN
Get started: https://t.co/z6EDf8vFAF
Did you know that you can block DCOM via the #RPCFirewall?
Make sure you're protected against #RemoteMonologue #NTLM #Coersion !
https://t.co/WGjbhkAM7J
RemoteMonologue - A Windows credential harvesting attack that leverages the Interactive User RunAs key and coerces NTLM authentications via DCOM. Remotely compromise users without moving laterally or touching LSASS.
Hope you enjoy the blog & tool drop 🤟
https://t.co/ch9WuSP6bm
This one checks a lot of #LateralMovement TTPs. Could have been nicely blocked by #LDAPFirewall & #RPCFirewall + some #NetworkSegmentation
How #blackSuit #ransomware spread from first fake #zoom installer -> d3f@ckloader #IDAT #SectopRAT
https://t.co/nuYNOBicMp
🌟New report out today!🌟
Fake Zoom Ends in BlackSuit Ransomware
Analysis and reporting completed by @pigerlin, UC1 and @Miixxedup
Audio: Available on Spotify, Apple, YouTube and more!
https://t.co/r9hQxzPTL0
Nice work by @YaronZi & @CrowdStrike promoting LDAP Security to detect suspicious LDAP activities.
https://t.co/aedfdIG8dh
Maybe someone wants to slap an AI agent on their #LDAPFirewall for similar results? :)
https://t.co/G766b53uj7
When we first published "What the Filter" we never thought we would have more than a 100 downloads, let alone a thousand.
We're happy to see the community getting value with the latest version bypassing the 1000 mark ! 🏆
https://t.co/NV1OEViwCW
🎉2024 brought remarkable growth, new faces to #ZeroNation, and plenty of fun moments together 💪🏼🚀.
To our customers, partners, investors, and team—thank you for an incredible year; here’s to a successful and inspiring 2025! 🥂
#ZeroNetworks #NewYear2025 #Cybersecurity #Gratitude
Hi all!
We released a native version for WTF-WFP, supporting a limited number of operations. Especially good for those instances when you can't use #PowerShell module #NtObjectManager.
/bypass command will skip the entire layer of filters
https://t.co/pVsPDmGyut
@egosumdns @TalBeerySec @gentilkiwi @harmj0y @_wald0 We're not sure ChatGPT is best for finding bugs, but you're welcome to raise issues @egosumdns.
Even if #LDAPFirewall fails (running now in several production envs with 0 crashes), it will be in the same 𝗰𝗿𝗼𝘄𝗱 with Billion dollar companies who can't say the same
#YOLO
Last Seen Users on Sotwe
Tyler Heat 
Seen from Turkey
Türk İfşa Platformu
Seen from Switzerland
Pelon Sanchez
Seen from United States
鹿鹿
Seen from United States
sex tự quay
Seen from Vietnam
Sedap Malam
Seen from Indonesia
Hot Sexy VidXoo
Seen from Argentina
omeat
Seen from Oman
音ね風花🎵🌬💮
Seen from Japan
I love you all
Seen from United States
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers