🎉 airgeddon 12.0 released!
The 10th Anniversary Edition is here 👽
✅ Partial 6GHz support
✅ Evil Twin improvements
✅ Multiple fixes & hardening & more
Thanks to everyone supporting the project over the last 10 years ❤️
Sponsor: https://t.co/GSsT9WVdB0
#wifi #linux #hacking
So here is a new local privilege escalation zero-day I discovered, not patched yet too :).
In simple terms, if you have a service like RDP that exposes an RPC server, there are many system services running as SYSTEM that connect to it as RPC clients. If that service is turned off (RDP is off by default), it seems that any other process in Windows can expose the same RPC server using the same endpoint.
Now all the RPC calls from those SYSTEM processes will come to this fake server, and if the process that deployed the server has SeImpersonatePrivilege, it can escalate to SYSTEM by impersonating the RPC client.
In the white paper below, I describe five exploit paths you can abuse.
However, it's an architecture problem and maybe there are more. It's Not A Potato
https://t.co/DOfRFgYqI9
Thanks to Azox, it is now possible to use psexecsvc (https://t.co/GcOcNJGraD) through a socks proxy like ntlmrelayx, allowing executing system commands via a trusted service, as NT System, and evading EDRs. Also thanks to @HackAndDo for his fixes :D
Something tells me that tomorrow @rootedcon kicks off, packed with lots of interesting things with the organizers, colleagues, sponsors, audience, networking and much more. Don't miss my talk on Saturday the 7th from 13:00 to 14:00 in room 25, analyzing DGT 3.0 with lots of "cool" stuff #SeVienenCositas
DumpGuard
On the latest versions of Windows, mimikatz becomes useless when you try to dump LSASS. This happens because there is no longer anything valuable left in LSASS. All secrets are stored in a separate protected process, lsaiso.exe. This protection mechanism is called Credential Guard, and it is enabled by default starting with Windows 22H2 / Windows Server 2025.
But there is a “bypass” that abuses Remote Credential Guard, which is normally used during RDP sessions to avoid sending credentials to a remote server, and retrieves all NTLMv1 hashes despite the protection being enabled.
https://t.co/KLBc4Ej8ZE
#dfir #blueteam #redteam #Pentesting #ThreatHunting
Next Friday, February 6, I'm teaching my Wireless Blue Team workshop at hc0n 😄 @h_c0n #hc0n2026 https://t.co/sTGHTI8Dp1 see you soon!! #blueteam #wireless
🛠️ We have increased the capacity of all our workshops and have tickets available again:
Workshops: https://t.co/JI5scZ04fh
🗓️ Date: February 5 and 6
🗺️ Venue: Hotel Exe Madrid Norte 4*
🎫 Tickets: https://t.co/Ka530CezQV
You were waiting for it and here it is, as usual around this time of year... https://t.co/6Z6wAsu0nL Don't be brutes... use your head, have fun, enjoy Christmas and don't let the Grinch spoil it for you with the CTF... 😅😅😅 Merry XMAS!
Quick Linux Trick:
Server load so high you can’t even SSH in?
👉 Use this command:
ssh -o ConnectTimeout=1 -o ConnectionAttempts=1 user@host "nice -n -20 bash"
It gets you a high-priority shell when nothing else works.
On Friday, February 6, I will teach a workshop: “Secure wireless perimeter: blue team workshop with Kismet and Nzyme” at @h_c0n https://t.co/AGWDr8Z6cB don't miss it!! 😁 #wifi #Ciberseguridad #hc0n2026
Whether you’re creating your first agent or refining an existing one, our new Mythic for Developers series, hosted by @its_a_feature_, breaks down development from an operator’s point of view.
👀 Dive into the playlist and send us your feature requests: https://t.co/8YDydqJoN9
🚨 Attention! In 4 hours, with the start of #CyberMonday, we will open ticket sales for #hc0n2026 with a special run of general admission tickets that come with a very special electronic badge as a gift... #CTF thanks to @therealdreg
⏰ Only the 50 fastest: December 1 at 0:00h
🚀 H-C0N returns in 2026! CFP open
On February 6 and 7 in Madrid we return with a new edition of H-C0N.
Do you want to give a talk or workshop and become one of the speakers of this sixth edition? Don't hesitate and send us your proposal at https://t.co/pwLsY8Forx
👤 New speaker confirmed for #secadmin2025: @CyberVaca_
📌 Talk title: Certificates, Relay and Hashes – The Art of CHAOS in an AD.
Get your ticket: https://t.co/9ICErYlYO9