Olivia
Online
Sander Maas
@__Retrospect
Ethical Hacker & Red Teamer
Netherlands
Joined July 2009
264 Following
455 Followers
2.1K Posts
The last talk of day one of #x33fcon 2026 is delivered by @chvancooten "The Best #Defense Is A Good #Offense: A Pragmatic Path to Continuous #Purple Teaming" - https://t.co/cJWabHZw69 #automation, #attack_simulation
🚀 Super excited to finally share that I have been working on a startup for over a year: @offensys! Offensys provides an enterprise platform for automated advanced attack simulations to enable continuous posture validation.
🌐Check out our new website: https://t.co/h00eOYbJx5
@MarcOverIP @Cneelis @MDSecLabs @OutflankNL I’ve had a great time, the talks were amazing! Thanks a lot again for organizing @MDSecLabs @OutflankNL and @max__grim @c3c for creating the awesome badge 💯
Shall we call them "Hidden"? Hiado makes use of some undocumented Azure DevOps APIs to enumerate permissions on repositories within your organization. Big shout-out to @chvancooten and @__Retrospect who came up with attack paths this tool is based on.
https://t.co/942XO4XSKm
Who to follow
Max Grim
@max__grim
Red Teamer @OutflankNL | Cyber Security | Messing around with hardware
LetsDefend 
@LetsDefendIO
LetsDefend, now part of Hack The Box. Read more: https://t.co/jxMnGZ4Yne
Embajada de Rusia en México
@EmbRusiaMexico
Посольство России в Мексике 🇷🇺🤝🇲🇽
Nuestra cuenta en Telegram https://t.co/cKWtgaS0mg
Surprise, surprise... the new Teams client that is based on Edge WebView has the same issue in a similar "Session Storage" folder somewhere in %localappdata%
If you are looking for an easy way to access O365 refresh tokens when landing on an endpoint, have a look at the log files on the endpoint stored in "%localappdata%\Microsoft\Olk\EBWebView\Default\Session Storage\" [1/2]
... a C2 profile that uses Websockets. The pull requests have been submitted but until these are merged you can check it out at my fork: https://t.co/ja65nnNb9n [2/2]
![__Retrospect's tweet photo. ... a C2 profile that uses Websockets. The pull requests have been submitted but until these are merged you can check it out at my fork: https://t.co/ja65nnNb9n [2/2] https://t.co/RNbVRYNof1](https://pbs.twimg.com/media/GFrYMdsX0AA4rJ7.png)
I have been playing around with the Apollo agent of Mythic C2 the past couple of weeks and decided to try and add some new features. I combined the work of RunOF by @Nettitude_group to add a loader to run your favorite BOF's and ... [1/2]
SOAPHound is out for walkies!
SOAPHound is a #BloodHound collector to enumerate AD over SOAP instead of LDAP directly.
Proud of Nikos for all his hard work!
Blog: https://t.co/7cJVnFRUjD
Tool repo: https://t.co/0gt73qX9Bd
Detections:
https://t.co/PJ0P4iWsbE
YOLO: You Only Load Once
Parsing RUNTIME_FUNCTION entries to hide the ReflectiveLoader function. Little experiment with hopefully some nice future developments.
https://t.co/QkmY1FIHul
#offsec #security #cplusplus #reflectivedll #pe
You might be lucky enough to find yourself 1 or 2 tokens. These seem to be placed as soon as one of the shortcuts on the left side of the latest Outlook client is used. Disclosing this here because MS will not fix the reported issue. [2/2]
If you are looking for an easy way to access O365 refresh tokens when landing on an endpoint, have a look at the log files on the endpoint stored in "%localappdata%\Microsoft\Olk\EBWebView\Default\Session Storage\" [1/2]
What's better for Christmas than a nice read about Reflective DLL Injection? 🎄
#reflectivedll #oldbutgold #cplusplus #code #belloblog
https://t.co/U01HvmXjhK
Finding secrets in Office365 resources using the GraphAPI, check out a little something I made to help you with this: https://t.co/jXKGraet3a
Time to share something I have been working on as a small hobby project: PurpleKeep provides an Attack Simulation platform to serve as a starting point for your End-to-End Detection Rule Validation in an Azure-based environment. Check it out at: https://t.co/PePLD1tQiS
—> https://t.co/1iZiXwEOfC
Bypassing CrowdStrike, Microsoft Defender for Endpoint etc. for fun.. not profit https://t.co/VCLnD0e1bL
Happy April Fool’s day! Today’s blog is no joke though. While debugging MDE, Gijs discovered an interesting vulnerability. This enabled sending spoofed data to any M365 tenant. Both the CVE and patch have been released a while ago, so it’s time to share!
https://t.co/ZgQHLkAVY7
Spring Boot 2.5.12 has been released.
This release contains a fix for CVE-2022-22965, check the release announcement and the dedicated blog post it links to: https://t.co/I6PUKyHEc4
Last Seen Users on Sotwe
dfddf
Seen from Korea
Nurizade Bey
Seen from Turkey
Funkman
Seen from United States
Olgun ve Dolgun
Seen from Turkey
Bokep hot
Seen from Indonesia
Minh Trung
Seen from Vietnam
Binorhunter
Seen from Indonesia
The Disney Beat
Seen from United States
Chelsea Long
Seen from Australia
Phim Gây Việt
Seen from Vietnam
Most Popular Users
Elon Musk
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.9M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.3M followers
Taylor Swift
@taylorswift13
81.1M followers
Lady Gaga
@ladygaga
72.7M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.3M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.7M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62M followers
CNN
@cnn
61.9M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.4M followers