Awesome Breach Intelligence
Breach Lookup & Monitoring
Dark Web Monitoring
OSINT Tools
Threat Intelligence Platforms
Password Security
Data Leak Search Engines
News & Research
Forums & Communities
API & Developer Tools
Training & Resources
https://t.co/XOAGMwwl8Y
Your EDR is running. Detecting everything. Alerting on nothing.
EDRSilencer blocks all EDR outbound traffic using Windows Filtering Platform. The agent keeps running. Detections keep firing. Nothing reaches the cloud. No alerts. No telemetry. Blind.
Works against Defender, SentinelOne, CrowdStrike, Cortex XDR, Carbon Black, Elastic, Trellix, FortiEDR, ESET, TrendMicro, and more.
Additional techniques covered: WFP filters, hosts file manipulation, NRPT rules, null sinkholing, firewall rules.
If your SOC relies on cloud-based alerting and you are not monitoring for WFP filter creation, you have a problem.
https://t.co/9y586rIknx
https://t.co/egLu98X3bC
Authors: @ipurple
#DefenseEvasion #ThreatIntel #InfoSec
HackLabs is a collection of hands-on vulnerable labs designed to practice web exploitation, privilege escalation, Active Directory attacks, and general pentesting techniques in a safe environment.
⚠️ For educational and authorized testing only.
🔗 https://t.co/yIKRr71ymP
#CyberSecurity #Pentesting #EthicalHacking #RedTeam #CTF #InfoSec #AppSec
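JPCERT/CC has updated its "Tool Analysis Result Sheet" for Windows 11 and Windows Server 2025, reflecting changes in attack techniques and tools in AD environments. The blog post introduces an overview of the updated sheet and how to make use of it. ^YM https://t.co/gQdoR0DA4T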
C̶l̶a̶u̶d̶e̶ ̶B̶u̶g̶ ̶H̶u̶n̶t̶e̶r̶ is now BUG HUNTER.
We changed the name because it is no longer limited to Claude Code.
Now it is a standalone open-source CLI that runs from any terminal.
Use Ollama, Groq, DeepSeek, Claude, OpenAI or Grok.
Built for the bug bounty community.
Run it locally with Ollama - no paid AI subscription required.
We are very close to 2.5K GitHub stars. Let’s make it happen, guys.
More updates coming soon.
#OpenSource #BugBounty #CyberSecurity #AI #EthicalHacking #Ollama #GitHub #SecurityTools #BugHunter
Claude-Red: Offensive Security Skills That Turn Claude into a Security Research Assistant
Claude-Red provides 50+ offensive security skill modules covering web exploitation, Active Directory, cloud attacks, exploit development, fuzzing, OSINT, and AI security research.
🔗 https://t.co/snnaFXF1xC
#RedTeam #CyberSecurity #Pentest #bugbounty #AI4Security #OpenSource
Pentest-AI — Autonomous Penetration Testing from a Single Command 🤖💀
An AI-powered offensive security platform that combines recon, authentication, vulnerability validation, attack-chain analysis, and reporting into one workflow. Generates validated findings with PoCs and audit-ready reports while running locally on your machine.
🔗 https://t.co/07LcoL7n0M
#CyberSecurity #Pentesting #BugBounty #AppSec #RedTeam #AI #SecurityAutomation #ThreatDetection #OpenSource #Infosec
EDRChoker
Client-server EDRs have an inherent weakness. They must maintain server connectivity to be effective. When isolated from their server they lose much of their capability and administrators can no longer collect or monitor logs from those agents. EDRChoker uses policy-based Quality of Service (QoS) to throttle EDR agents to the lowest bandwidth; when agents attempt to connect they will consistently time out due to the extremely low bandwidth.
The author presented a technique for interfering with the client-server connection of an EDR. It’s different from EDR connection-blocking methods that use the Windows Firewall or the Windows Filtering Platform (WFP).
Blog: https://t.co/VRCmsGjzeD
This is the best site on the internet to learn harness engineering.
Free. Completely.
Most AI engineers have never heard the term.
https://t.co/bwDbTTYsjM
Bookmark this site.
Then read this setup ↓
🚨 Windows Netlogon 0-Click RCE Vulnerability Now Actively Exploited In The Wild | Source: https://t.co/Iym37fFkgU
The critical Windows Netlogon remote code execution (RCE) vulnerability tracked as CVE-2026-41089 is now under active exploitation in the wild, significantly raising the risk profile for unpatched Windows Server environments.
The flaw affects Windows servers configured as domain controllers and allows unauthenticated remote attackers to execute arbitrary code with SYSTEM-level privileges by sending specially crafted Netlogon network requests.
To exploit CVE-2026-41089, an attacker only needs network access to a vulnerable domain controller’s Netlogon service.
#cybersecuritynews #windows
As promised Rustypacker has released today.
A native Rust shellcode packer with a GUI
Repo:- https://t.co/hxDYvfGPHY
What did I bring to the table :-
- Indirect syscalls for memory allocation and protection by default.
- AES-256-CBC, XOR, UUID-encoded shellcode encryption.
- Six self-injection paths through callback APIs.
- Fiber switch self injection.
- Three remote-process injection.
- Anti-debugging Techniques.
- NtDelayExecution sleep evasion with placement control.
- Domain pinning evasion.
- Output formats: EXE, DLL, DLL Sideload (Sideload or Proxy with auto-generated .def for unhandled exports).
- Builds for x86_64-pc-windows-msvc and x86_64-pc-windows-gnu.
- DllMain stays a NO-OP. Payload rides four COM-friendly exports: Run, DllRegisterServer, DllGetClassObject, DllUnregisterServer.
- crt-static link. No runtime DLL footprint.
- XOR-obfuscated NT API names embedded in the binary.
- Generated target/ auto-cleaned after each successful build.
#redteam #malwaredev #rust #offsec #infosec #windbg
10 GitHub repositories so good they shouldn't be free.
1. TradingAgents
A complete team of AI analysts that debates strategies and executes trades in real markets. 4 analysts in parallel: fundamentals, sentiment, news and technical. Then a risk manager and an executor agent. Like having a Wall Street team working 24 hours a day on your computer.
repo - https://t.co/meb8dlqGwB
2. LibreChat
ChatGPT, Claude, Gemini, DeepSeek and 20 more models in a single interface. Self-hosted. Native MCP support. Your history, your infrastructure, your data. OpenAI charges $20 a month for its interface. Here you use your own keys and pay nothing extra.
repo - https://t.co/Uj9Cy3Lbc9
3. HyperFrames
HeyGen open-sourced its internal video engine. You write HTML. The agent renders MP4. No React, no JSX, no proprietary formats. GSAP, Lottie and Three.js work out of the box. The same HTML always produces the same file. Used in production by HeyGen, tldraw and TanStack.
repo - https://t.co/EeLlpqK5L2
4. Fincept Terminal
A Bloomberg terminal that runs on your laptop. CFA level 1, 2 and 3 analysis. More than 20 AI investor agents that reason like Buffett, Dalio and Soros. More than 100 data connectors. Bloomberg charges $24,000 a year. This costs nothing.
repo - https://t.co/qCQkBgEzLS
5. MoneyPrinterTurbo
You enter a keyword. Out come the script, the images, the subtitles, the music and the final video in high quality. Horizontal or vertical. No manual editing. What content creators who don't want you to know they use AI are doing.
repo - https://t.co/RtCmSYCQQw
6. Agentic Inbox
Cloudflare just open-sourced an email client where an AI agent reads your inbox and drafts the replies. 100% on Cloudflare Workers. Your email doesn't leave your account. No external servers. No subscription.
repo - https://t.co/mGsN8spCOX
7. VoxCPM2
You clone any voice with 3 seconds of audio. 30 languages. 48kHz studio quality. You design voices from text: "deep male radio announcer voice". No paid API. Your voice samples never leave your machine. ElevenLabs charges $22 a month.
repo - https://t.co/ctUrA0d1K9
8. Flowsint
You enter a domain. The tool unfolds a graph with all the connected IPs, subdomains, emails, crypto wallets and social profiles. Everything stored locally. Without anyone knowing what you are investigating. For OSINT, due diligence and competitor analysis.
repo - https://t.co/GTrSEJqSsT
9. addyosmani/agent-skills
The Google engineer who has spent 15 years teaching web performance to the whole industry published his skills for Claude Code. 23 real workflows tested in production. API design, code review, debugging, CI/CD and frontend. Installation with one command.
repo - https://t.co/ByOJtJlQX3
10. Nango
The integration layer that companies pay $50k a year to rent. 700 ready-made APIs: Salesforce, HubSpot, Slack, Gmail, Stripe, Jira and more. Managed OAuth. Your AI agent generates the integration code from a prompt. Used in production by Replit, Ramp and Mercor.
repo - https://t.co/i5XmU3GzJK
These are not toys. Each one replaces a paid product you are still being charged for.
Pick one. Install it. Connect it to your workflow.
100% free. 100% open source.
Syscalls in C# — Red Team Tradecraft Beyond Win32 APIs 💀🔴
A deep dive into how offensive tooling can invoke Windows syscalls directly from C#.
• Explains Windows internals, syscall execution, and unmanaged code integration
• Covers delegates, P/Invoke, memory management, and syscall assembly execution
• Walks through building a proof-of-concept using NtCreateFile
• Useful for understanding modern EDR evasion techniques and offensive tooling design
A solid resource for red teamers, malware analysts, and anyone interested in Windows internals and low-level security research.
🔗 https://t.co/sSfbgK5NJN
#RedTeam #WindowsInternals #CSharp #MalwareAnalysis #ThreatResearch #CyberSecurity #OffensiveSecurity #InfoSec
🌐 https://t.co/P8xY6PlMR1 is an online resource that provides verified links to darknet sites, with the main goal of preventing phishing attacks and preserving darknet history. Additionally, it tracks the uptime and downtime of these websites.
🔗 Link: https://t.co/hHxqrWlLIc
#Darknet #Tor #CyberSecurity #InfoSec #OnionServices #Privacy #SecurityTools #DarkWeb #ThreatIntelligence #OSINT #CyberSec #OnlineSafety #VerifiedLinks #PhishingPrevention
Stop relying on bloated payloads that trigger every EDR!
Explore the art of Living off the Land to build creative C2 channels and stealthy data exfiltration pathways using standard administrative tools.
P.S. for educational purposes
https://t.co/WPFXV9hgVV
@three_cube @co11ateral
The Hacker Recipes is the AD attack bible that OSCP prep guides forget to mention.
Kerberos delegation abuses.
NTLM relay chains.
DCSync paths.
Constrained vs unconstrained delegation.
https://t.co/sOQy6OwG7S
I built a pipeline to find security fixes that never got CVE numbers.
Results: 258 alerts, 62 legitimate fixes.
Full breakdown on the blog
https://t.co/uQh5Z5USyy
#security #websecurity #appsec #cve #bugbounty