Sotwe logo Sotwe logo
eitot8's profile image

eitot

@eitot8

Co-Founder & Principal Consultant @ Tier Zero Security (
Joined August 2018
541 Following
147 Followers
46 Posts
eitot8  retweeted
_dirkjan's profile image
Dirk-jan @_dirkjan
It appears the end is near(er) for the Azure AD Graph API with usage of the API now being blocked in one of my tenants with the AAD PowerShell module client ID. Found this out when trying to demo roadrecon 😬. Time to prioritize merging the MS Graph PR from @Thomasbyrne__
5
134
24
31
14K
eitot8  retweeted
claudiocontin's profile image
Claudio Contin @claudiocontin
I wrote a Beacon Object File (#BOF) to steal MS #Teams application #cookies while running within the Teams process. The cookies allow to impersonate the victim on Teams. More info: https://t.co/Rh77Bs6SZ5 BOF available at: https://t.co/zJVt0x0ZCq
claudiocontin's tweet photo. I wrote a Beacon Object File (#BOF) to steal MS #Teams application #cookies while running within the Teams process. The cookies allow to impersonate the victim on Teams. More info: https://t.co/Rh77Bs6SZ5 BOF available at: https://t.co/zJVt0x0ZCq https://t.co/4v3zjHyoeS
1
1
3
0
256
eitot8  retweeted
elder_plinius's profile image
Pliny the Liberator 🐉󠅫󠄼󠄿󠅆󠄵󠄐󠅀󠄼󠄹󠄾󠅉󠅭 Verified account @elder_plinius
one of many reasons why I’d recommend against granting perms to an LLM for email, contacts, calendar, drive, etc. to be on the safe side, I wouldn’t even touch email integrations/MCP without a burner account
37
761
72
262
151K
eitot8  retweeted
claudiocontin's profile image
Claudio Contin @claudiocontin
On a recent red team we couldn't dump the browser's cookies via the great cookie-monster BOF (https://t.co/j4XERWEBIu), so we attempted to kill the browser's processes and download the file manually, successfully, which provided us with AWS admin https://t.co/h7iHbeEMy5
0
6
3
1
651

Who to follow

softpoison_'s profile image
Tomais
@softpoison_
@[email protected] he/him
hyprwired's profile image
Brendan Jamieson
@hyprwired
Staff Security Engineer @Google. All views are my own.
claudiocontin's profile image
Claudio Contin
@claudiocontin
Co-Founder and Principal Consultant @ https://t.co/0iCTjR0eZw & https://t.co/wmKNX0k1qU
eitot8's profile image
eitot @eitot8
@kuriharan surprised it hasn’t been banned under EU AI Act…
0
0
0
0
21
eitot8's profile image
eitot @eitot8
@MCP_Community
0
0
0
0
73
eitot8's profile image
eitot @eitot8
I’ve been exploring Model Context Protocol (MCP) and decided to build my own MCP server as a small research project. The MCP server interacts with Elasticsearch and allows Claude LLM to perform threat hunting 🤖 #modelcontextprotocol #AI https://t.co/PXBubuh6n1
1
7
2
1
829
eitot8's profile image
eitot @eitot8
@xeraa It definitely does ;)
0
1
0
0
20
eitot8  retweeted
claudiocontin's profile image
Claudio Contin @claudiocontin
Experimented sending #sysmon events to #copilot to determine #detection capabilities https://t.co/epMpoN9Gjc
0
3
3
0
356
eitot8  retweeted
claudiocontin's profile image
Claudio Contin @claudiocontin
Wrote a quick post on researching ways to automate workflows using LLMs https://t.co/AugILa5NKA
1
1
2
0
136
eitot8  retweeted
claudiocontin's profile image
Claudio Contin @claudiocontin
https://t.co/6EVpgZNE0m A #Windows local privilege escalation affecting Thermo Fisher Xcalibur software we found on a client engagement. Thanks to @thermofisher for their excellent communication throughout the disclosure process
0
4
3
0
330
eitot8's profile image
eitot @eitot8
SYN Spoof Scanner - a light weight python tool to perform SYN port scans, with an option to implement offensive deceptions using spoofed source IPs. Diverting SOC team’s attention by deliberately triggering IDS alerts with false port scan origins. https://t.co/OXHtJa38sc
0
6
1
2
500
eitot8's profile image
eitot @eitot8
Kicking off 2025 with a blog discussing offensive deception tactics using a new tool, SYN Spoof Scanner. https://t.co/JGDCdPCF8k
1
44
12
12
2K
eitot8  retweeted
claudiocontin's profile image
Claudio Contin @claudiocontin
Following the recent #Windows #DPAPI talk @CHCon_nz we released a post on the recent #Chromium App Bound changes https://t.co/luv2Vem9kf
claudiocontin's tweet photo. Following the recent #Windows #DPAPI talk @CHCon_nz we released a post on the recent #Chromium App Bound changes https://t.co/luv2Vem9kf https://t.co/z509w0VAue
0
13
11
5
2K
eitot8  retweeted
ShitSecure's profile image
S3cur3Th1sSh1t @ShitSecure
Need some persistence but don't want to make it super obvious? Calling Get-MpPreference from Powershell will try to load wbemprox.dll via COM.🤪So even a sheduled task calling powershell with this function will trigger your C2 connection.
ShitSecure's tweet photo. Need some persistence but don't want to make it super obvious? Calling Get-MpPreference from Powershell will try to load wbemprox.dll via COM.🤪So even a sheduled task calling powershell with this function will trigger your C2 connection. https://t.co/6jvNg7zVYL
2
336
81
257
24K
eitot8's profile image
eitot @eitot8
PoC vid on our company LinkedIn page: https://t.co/qTXQ7FFBon
0
2
0
0
218
eitot8's profile image
eitot @eitot8
Revisiting the MiniFilter abuse techniques to blind EDR. https://t.co/WWAcTLkp4U
1
102
36
52
7K
eitot8's profile image
eitot @eitot8
🛑 5 Common Windows Settings That Leave Your Organisation Vulnerable 🛑 Apart from ADCS HTTP Enrollment, they are all default settings. That’s probably why we keep seeing similar setup 😬
eitot8's tweet photo. 🛑 5 Common Windows Settings That Leave Your Organisation Vulnerable 🛑 Apart from ADCS HTTP Enrollment, they are all default settings. That’s probably why we keep seeing similar setup 😬 https://t.co/oHjL9NfMF5
1
10
4
4
1K
eitot8  retweeted
OutflankNL's profile image
Outflank @OutflankNL
Who’s the real #GrimResource? Spoiler: It’s us! 😏 Here's our latest blog on using MSC files for initial access: https://t.co/aQ0Of11pU8 Fun fact: @elastic’s post on this technique came from a sample caught by a blue team, originally used by a red team through our OST offering.
OutflankNL's tweet photo. Who’s the real #GrimResource? Spoiler: It’s us! 😏 Here's our latest blog on using MSC files for initial access: https://t.co/aQ0Of11pU8 Fun fact: @elastic’s post on this technique came from a sample caught by a blue team, originally used by a red team through our OST offering. https://t.co/mD2zVl8UbZ
1
114
51
37
16K
eitot8  retweeted
_wald0's profile image
Andy Robbins @_wald0
From Domain User to Global Admin. A real example from a real environment. We found this path with free and open source BloodHound Community Edition: https://t.co/ze4ZR269xy
_wald0's tweet photo. From Domain User to Global Admin. A real example from a real environment. We found this path with free and open source BloodHound Community Edition: https://t.co/ze4ZR269xy https://t.co/50MHVsBCeS
6
413
117
284
69K

Last Seen Users on Sotwe

samsunlu553155's profile image
samsunlu
Seen from Turkey
Kurtmehmet81632's profile image
Kurtmehmet Eser
Seen from United Kingdom
sangomeTV's profile image
school ome TV
Seen from Indonesia
DomaltanBoga1's profile image
AZGİN BOĞA
Seen from Turkey
Heetas_888's profile image
เลอะเทอะ
Seen from Thailand
CowokLokal5's profile image
Cowok Lokal
Seen from Indonesia
afshankhan00019's profile image
AfSha. 📷 CaM Verified account
Seen from United Kingdom
KT_6H's profile image
MH
Seen from Netherlands
indiadojungle's profile image
ÍndiaSelva
Seen from Turkey
FrDesouche's profile image
Pierre Sautarel Verified account
Seen from Spain

Trends for you

1
Messi
Under 10K tweets
2
#WWERaw
Under 10K tweets
3
Steam Machine
Under 10K tweets
4
Clive Davis
Under 10K tweets
5
Giannis
Under 10K tweets
6
Michigan
Under 10K tweets
7
USAID
Under 10K tweets
8
Ro Khanna
Under 10K tweets
9
#ARGAUT
Under 10K tweets
10
Chad Gable
Under 10K tweets

Most Popular Users

elonmusk's profile image
1
Elon Musk Verified account
@elonmusk
240.4M followers
barackobama's profile image
2
Barack Obama Verified account
@barackobama
119.3M followers
realdonaldtrump's profile image
3
Donald J. Trump Verified account
@realdonaldtrump
111.7M followers
cristiano's profile image
4
Cristiano Ronaldo Verified account
@cristiano
110.1M followers
narendramodi's profile image
5
Narendra Modi Verified account
@narendramodi
107M followers
rihanna's profile image
6
Rihanna Verified account
@rihanna
97.5M followers
nasa's profile image
7
NASA Verified account
@nasa
92.1M followers
justinbieber's profile image
8
Justin Bieber Verified account
@justinbieber
90.8M followers
katyperry's profile image
9
KATY PERRY Verified account
@katyperry
87.4M followers
taylorswift13's profile image
10
Taylor Swift Verified account
@taylorswift13
81.2M followers
ladygaga's profile image
11
Lady Gaga Verified account
@ladygaga
72.8M followers
kimkardashian's profile image
12
Kim Kardashian Verified account
@kimkardashian
69.7M followers
imvkohli's profile image
13
Virat Kohli Verified account
@imvkohli
69.5M followers
youtube's profile image
14
YouTube Verified account
@youtube
68.7M followers
billgates's profile image
15
Bill Gates Verified account
@billgates
63.7M followers
theellenshow's profile image
16
The Ellen Show
@theellenshow
62.5M followers
neymarjr's profile image
17
Neymar Jr Verified account
@neymarjr
62.2M followers
cnn's profile image
18
CNN Verified account
@cnn
61.9M followers
x's profile image
19
X Verified account
@x
60.8M followers
selenagomez's profile image
20
Selena Gomez Verified account
@selenagomez
60.5M followers