Bishop Fox has just released AIMap, an open-source platform for discovering and testing AI systems exposed on the Internet at massive scale
https://t.co/jveoedFZC2
NIST is changing CVE enrichment.
You still get the vulnerabilities.
You just get less context for many of them.
So what does a security team do with this?
Senior Managing Operator Richard Brown breaks it down: https://t.co/XfCoTYGl73
We’re launching a new open-source tool on March 31: Cirro
To walk through it, we’re hosting a 2-part workshop on:
• Mapping Attack Paths in Azure
• Schemas and Extensible Identity Graphs
Register once for both sessions: https://t.co/SvrAGxRiW7
strongSwan EAP-TTLS integer underflow allows unauthenticated DoS of VPN servers
• Impacts 15+ years of versions
• Low-effort exploitation
• Sometimes requires just 2 connections
Upgrade to 6.0.5 or disable EAP-TTLS
Details & testing tool: https://t.co/SvcpZMUdax
Moving from Electron to frameworks like Tauri doesn’t necessarily eliminate risk, but it does change the mechanics of exploitation.
New Bishop Fox research shows how XSS & permissive configuration can still lead to RCE in desktop apps.
Full scoop: https://t.co/UXRrrwdREP
AI risk is very different from traditional software risk.
For starters:
No CVE-style ecosystem.
Infinite input space.
Major supply chain blind spots.
@KrisKimmerle of @RealPage from our recent AI & Security Risk cyber leadership panel:
(Full write up: https://t.co/W39bF6j1EI)
Giving AI control over infrastructure isn’t sci-fi anymore.
Vinnie Liu, Nathan Case (TPO Group), and Zach Moreno on OpenClaw / MoltBot, early-stage AI tooling, and why basic security hygiene still matters, especially now.
From this week's Initial Access: https://t.co/SDjAHDThAi
Cloud enumeration can eat up your whole day.
Spend ~60 minutes with us and we’ll fix that.
Live Discord workshop with Mitchell Sperling on CloudFox - Aug 21.
Aug 21 | 2pm EST | https://t.co/BHcmeG8WWz
Thank you for being part of this incredible edition of #BSidesCDMX!
We're excited to keep growing alongside this community 💙
🎥 You can now watch the talks on our YouTube:
https://t.co/spNycK5fS2
📸 And relive the best moments with the official photos:
https://t.co/f4sBYiaXYv
Want a peek into what our red team really uses on engagements?
This breakdown hits on some of the tools we rely on to get the job done stealthily.
Some familiar names, some underrated gems: https://t.co/PhGnVRfbqT https://t.co/RiioEiN3nw
Tools don’t make the hacker, but they can make the job faster, stealthier, and way more effective. These are the C2s our Red Teamers reach for. Featuring open-source tools by @LittleJoeTables, Ronan Kervella, @its_a_feature_, and @Ne0nd0g.
Take a look: https://t.co/fwhE9qnXJR
Really excited for this one. @brandonkovacs is discussing how red teamers are attacking and defending against deepfakes.
Super relevant with how fast AI threats are evolving. Should be a great session.
Come hang out on May 21!
https://t.co/Nk3DV6SfLV
The one and only @TomNomNom’s keynoting NahamCon tomorrow!
His talk "Good Vibes Only: Should You Still Learn to Code?" gets into what it really takes to grow as a hacker today.
Definitely worth checking out if you’re into red teaming or bug bounties.
https://t.co/T2C6gHlb2h
Can @rustlang outpace C in malware development?
Bishop Fox consultant Nick Cerne joins @thecyberwire’s Research Saturday to explore Rust’s stealth advantages, OPSEC tradeoffs, and red team value.
Listen: https://t.co/kZqbfe390E
Roger Schank argued that “we learn by doing,” not by memorizing for exams; learning should be experience-based. Removing grades can reduce stress, but without meaningful alternatives, we risk losing accountability.
📚 https://t.co/EiH3qefazH
I saw some of my students now say grades don’t reflect learning and ask to skip evaluations. But are we mistaking evaluation for punishment? What about effort and commitment? It’s not about no evaluation — it’s about better evaluation.