@tazwake@EricaZelic@HackingLZ@UK_Daniel_Card@spny811@shotgunner101 With that said, I found this list quite amusing as well. The criteria used to grade a 'best pen test shop' does not seem to align with 'pen testing', but rather overall company offerings in the security space.
@tazwake@EricaZelic@HackingLZ@UK_Daniel_Card@spny811@shotgunner101 Rapid7 pen tester here. Joined in 2016. Our team size is approx. 45 testers, performing traditional pen tests, red teams, purple teams, IoT, mobile, web, etc. While Rapid7 makes some great scan/test products, our team isn't a "scan and call results a pen test" shop either.
@sportss99@gopher_marc@EndWokeness https://t.co/wZ8y4ebSQY (see pg. 10).
181,399 est. homeless in CA. 27% of the total U.S. homeless population. Also the highest number of "unsheltered" homelessness. Also in 2022's report, per 10,000 people, California had 43.95 homeless, which was the highest of any state.
@vysecurity@todb Typically this resulted in a meeting with client, vendor, and ourselves to discuss the CVE, how it impacted the client, and provide any demos. Our Sagex3 unauth RCE was an example of this and it went very smoothly. Happy client, happy product vendor.
@vysecurity We ask to partner with the client in CVE disclosure. They use their relationship and financial contract with the vendor to file an issue, and our company as a CNA will register the CVE and handle technical disclosure. Thankfully we used to have @todb to champion it all. /1
@424f424f@lpha3ch0 (2) At least this is how it was in 2018. So many IT employee hashes collected. I also like to do this on open SMTP relays internally, or if I compromise a user's email. Default config trusts and downloads images automatically from senders in the same organization.
@424f424f@lpha3ch0 A fun side note on rendering the image. If the email is an apparent phishing email and the recipient just forwards it to infosec or IT to report it, Outlook will download the image when forwarding. The email will also become trusted, and auto-download in the IT/IS clients on open. (1)
As mentioned during my GrrCon talk, here are my slides for "Phishing with payloads: A crash course in EDR and EPP Evasion" @GrrCON https://t.co/E58mS3GW8l
Generates common payload stager types (.docm, .xlsm, .accde, .hta, .hta using G2JS). Hosts them on a server. Stagers simply call back to the server to indicate if they ran. A quick way on a white box test to validate payload exec possibilities with clients https://t.co/gnQ90S4tez
@atlaycock @SwiftOnSecurity Most pen test companies adhere to this. Also a signed paper from someone in the C-level or with authority to approve the engagement is kept on person at all times. The statement of work clearly defines all activities conducted during testing.
@atlaycock @SwiftOnSecurity When we do PSE engagements, the base rules are:
All armed guards present must be aware of the test.
Automated alarm systems need to have a stop in procedure before police are called, to call our point of contact.
Point of contact must be 'on call' all night in case 💩 hits the fan.
@RomanTheEmperor Hey Roman!
I'm thinking I have to pass this year, as much as I want to attend and speak. Lots of traveling for work lately, with multiple out of state jobs scheduled for this fourth quarter. I really appreciate the invite again, and hope to make a future event!
@AletheDenis@whitneynmaxwell@rapid7@defcon209 National Collegiate Cyber Defense Competition (NCCDC). Colleges can enter for their state competition. It's a cool competition! Red and blue activities involved.
Lots of questions asked on today's @Rapid7 Ask a Pen Tester Anything webcast with me and @whitneynmaxwell. Couldn't get to all of them, had to pick some generics given time and audience, but if you have any questions you wanted answered, feel free to DM me!