Create a folder called (calc). Shift+Right click « Open PowerShell Window here » and boom you have a command injection.
@podalirius_ found two command injection vulnerabilities in Windows Explorer's context menus, both exploitable for 9 years. https://t.co/LNNTpKeDnJ
In his latest research, @_xpn_ tears apart VS Code Dev Tunnels and finds a C2 framework underneath — REST → WebSocket → SSH → MsgPack RPC, remote exec, file ops.
Find the Ouroboros tool and protocol breakdown at the link! 👇 https://t.co/U75Ynzr8Sw
Back from @ToulouseHacking 2026 🔥
Our teams had the pleasure of speaking once again this year, sharing research and real-world offensive security insights from the field:
📡 Wi-Fi pentesting in 2025 & WPA3 bypasses - Quentin
🛡️ Cross-domain & cross-forest RBCD - Simon
🏴 THCON pre-challenge write-up - @0xf4b
Great job to all of them 👏
New small Blog Post from my side - anyone faced 429 too many requests on Microsoft Graph in your projects? This blog provides more insights on how to bypass those. 🫡
https://t.co/v3DlLWzFqq
I published a new "security research" post, and for once, it’s not about Windows 😅
This time I took a look at the myAudi connected vehicle platform and its APIs..🤓
Curiosity drives security research, no matter the target
Read it here 👇
https://t.co/QLYEHaMI29
This second blogpost concludes @yaumn_'s research on #Windows authentication reflection.
He discloses the new Kerberos authentication coercion technique he discovered to remotely compromise Windows systems 💥
A little bonus is even included at the end 👀👇
https://t.co/RsJHxCdIGe
Authentication reflection attacks are still not dead!
In our new blogpost series, @yaumn_ shares his journey into bypassing the mitigations of CVE-2025-33073 to pop SYSTEM shells again🚀
👇
https://t.co/pbZ2KjXq7Q
We successfully used winget as a PowerShell execution proxy for initial access. While in that setting you can't get around the exe invocation itself, it works well if the feature isn't disabled.
https://t.co/6yNWC6R2DZ
Next use case: lateral movement? 👀
LmCompatibilityLevel=5 on your DCs but still seeing NTLMv1 auth succeed? The PDC's level is the only one that counts for the whole domain. Yeah, NTLM is deprecated… Link to post👇
https://t.co/ESE2EB4vst
An absolute goldmine for bug bounty hunters 👀💥
A massive collection of real, disclosed HackerOne reports — organized by vulnerability type, impact, and target 🎯
If you want to go beyond theory and actually understand how real-world exploits work… this is it.
Study patterns. Learn impact. Hack smarter. 🚀
🔗 Source: https://t.co/yMey4fzDbn
#BugBounty #InfoSec #CyberSecurity #EthicalHackin
Combined both projects from the repo: using BYOVD we terminate Windows Defender, then perform a permanent disable without triggering tamper protection
I’ll push the commit in a few minutes, but I’m unsure about publishing it on Medium, what do you think?
https://t.co/oTmt6VvSa8
SCCM is everywhere, but realistic testing environments aren’t.
In his latest blog post, @_Mayyhem expands on work by @synzack21 and @badsectorlabs with a Ludus-based SCCM lab for research and attack path testing.
Read more ⬇️ https://t.co/1rtXFCC65H
🚨Breaking: Anthropic engineers revealed a simple trick they use internally.
Claude agents can now remember how to improve themselves.
A file called:
AGENT_LEARNINGS.md
The AI updates this file whenever it makes a mistake.
Inside it:
• mistakes it made
• patterns to avoid
• better approaches
Before starting new tasks, the agent reads the file.
Result?
The agent gets smarter over time without retraining the model.
This is called external memory scaffolding.
Expect this pattern to show up in every serious AI agent system.
♻️ Repost to share with your audience.
✔️ You can follow @swadeshkumar_ for more internal updates.
The FLARE team now freely distributes its quality reverse engineering and malware analysis educational content at https://t.co/bGCIjBfD3C. Launched with:
- Malware Analysis Crash Course
- Go Reversing Reference
- Intro to TTD
Relayed NTLM creds are powerful, if you can use them.
@senderend shows why browsers fail through ntlmrelayx SOCKS and introduces ghostsurf to make NTLM-authenticated web apps accessible.
Read more ⤵️ https://t.co/BdtzoKquD1