I'll be speaking at Black Hat MEA 2024.
Feel free to come up and say hi if you meet me there. I'm going to be around briefing room 3 at day-1 and strolling around at day 2 and 3.
P.S. I'm bringing some stickers for your gadget 💻
man, the silence from google is making me go crazy.
the new chrome release has 429 security fixes, mostly found by google itself. why don’t they want to tell the world how cool their latest AI/security work is?
at this point, it is absurd to not explain what is going on with this sudden spike.
🎄 XMAS GIVEAWAY ALERT! 🎅✨
🎉🔥 To celebrate the holiday season, we’re giving away TWO 12-month FREE vouchers for any of our premium courses:
▪️ Practical Mobile Application Exploitation
▪️ Offensive Mobile Reversing and Exploitation
▪️ Offensive iOS Internals
▪️ Offensive Android Internals
▪️ Practical AI Security: Attacks, Defenses, and Applications
How to participate:
➊ Like 👍 this post
➋ Comment which course you’d like to win and tag one friend. If you win, both of you get FREE access!
➌ Repost 🔁
➍ Follow @8kSec so we can DM you if you win
🎁 Two random winners will be selected and announced on December 24, 2025, on our socials. Both the winner and their tagged friend will receive FREE access to the selected course.
🔗 Learn more about our courses: https://t.co/lWUydt1GpC
Last week our CISO asked me to present on “zero trust architecture.”
I don’t know what that means.
I make $340,000 a year.
I haven’t touched a firewall since Obama’s first term.
But I have a CISSP.
I passed by memorizing acronyms.
I still don’t know what half of them stand for.
I opened my presentation with “assume breach.”
Everyone nodded gravely.
I said “defense in depth” three times.
The board was captivated.
Then a junior analyst raised her hand.
She asked how we’d implement microsegmentation.
I felt a cold sweat.
I said, “Great question. Let’s take that offline.”
She persisted.
I said we should “leverage AI-driven solutions.”
She asked which ones.
I said, “The cloud-native ones.”
She looked confused.
I told her confusion was natural.
I said, “Security is a journey, not a destination.”
The CEO started clapping.
I don’t know why.
But others joined in.
The analyst stopped asking questions.
I ended with “security is everyone’s responsibility.”
This meant it was no one’s responsibility.
Especially not mine.
We got breached two weeks later.
I blamed the analyst for “creating a culture of doubt.”
She got put on a PIP.
I got promoted to VP.
Resilience isn’t about preventing failure.
It’s about surviving it.
Preferably while others don’t.
the word pentest has been so tainted by checklist audits and shallow work that it disgusts me to even say it.
there are only a handful of firms that still do it right.
you can tell if a company actually cares about security by who they hire to audit them. If it’s not one of the few firms that do real work, it’s probably just compliance optics.
Nicely done! Billy (@st424204) and Ramdhan (@n0psledbyte) of STAR Labs used a UAF to perform their Docker Desktop escape and execute code on the underlying OS. They earn $60,000 and 6 Master of Pwn Points.
I recently helped a company recover their data from the Akira ransomware without paying the ransom. I’m sharing how I did it, along with the full source code.
https://t.co/mDkQSgaRrc
Official comment from Espressif:
Everyone is now agreeing it's not a backdoor.
The researchers' "back door" approach for attention backfired.
Shame on you.
https://t.co/vuUtUwTR6i
very pleased to announce the release of my new article based on my research that led to CVE-2024-46982 titled:
Next.js, cache, and chains: the stale elixir
https://t.co/UFndJxNYLI
note: does not cover the latest findings shared in my recent posts
enjoy reading;
pen test report readout
client: wow. We've had so many pen tests and nobody's found this stuff.
me: aw shucks
C: nah, we're kinda mad tbh at other firms
m: can I see their reports? We have NDAs w/ ya
C: sure
Hands over Nessus_scan_with_nice_cover_sheet.pdf
These things apply to cyber security jobs and non-engineering jobs alike.
Unless you are an independent hacker without any interaction with the community, I think this is a good thread to read.
How to be a Principal Engineer/Senior Principal Engineer/Senior Architect/fancy-sounding-title Engineer, a thread:
1. You're evaluated on how much more the company succeeds because you're there, not the lines of code you wrote. If you can unblock someone, do that. If you need to kill a two year project that's not going anywhere, do that. Do what is right, not what makes you look good.
Still remember this tweet? A few weeks ago I dug into what the code that triggered Microsoft Defender on @hynzoime_'s VM actually contains, and this is what the infosec media called an InfoStealer. I go through the technical details of what is inside this code. No ads, of course 🧵