Top Tweets for #Offensive_security
#tools
#Offensive_security
"Hooking Windows Named Pipes", Apr. 2026.
]-> Windows named pipe hooking toolkit https://t.co/vSXB1sYE0T
// During security assessments, we often see desktop apps composed of several processes. Some of them run as SYSTEM, and others run in the user session context, meaning they are unprivileged. These processes need to communicate in some way, and often use Windows Named Pipes as IPC mechanisms. Once opened, named pipes are a bidirectional communication channel, just like TCP/Websocket, that may be used by a low privileged process to attack an elevated process
#tools
#Offensive_security
1⃣. CrabLoader - Cobalt Strike User-Defined Reflective Loader written in Rust https://t.co/PHkhPIPgoh
2⃣. AIMap - security testing platform for AI agent infrastructure https://t.co/eln8epkVFF
3⃣. CLR-Stomp - BOF that loads a .NET assembly into a Cobalt Strike beacon https://t.co/GJ8P7ofkqB
4⃣. EntraFalcon - tool for assessing the security posture of Microsoft Entra ID https://t.co/hBK2zmrSmE
5⃣. ghosttype - Local forensic scanner that extracts credentials from AI tool conversation history https://t.co/w9CS9zoLhF
#Offensive_security
Bypassing Windows (11 24H2/Server 2025) authentication reflection mitigations for SYSTEM shells
Part 1 (CVE-2025-33073) https://t.co/2T97IwM5wr
Part 2 (CVE-2026-26128) https://t.co/ANcOgXJW1m
// Authentication relay (or reflection) attacks will persist as long as integrity mechanisms are not enforced by default on Windows services
#Research
#Offensive_security
GPT-5.5 vs Claude Opus 4.7 for Pentesting:
A Practical Workflow-Based Comparison
https://t.co/Xi79n52xNp
// A model that writes convincing exploit code is not automatically useful for pentesting. A model that explains a vulnerability clearly is not automatically able to verify it. A model that scores well on coding or agent benchmarks is not automatically safe to connect to scanners, browsers, shells, credentials, or production-like targets...
#tools
#Offensive_security
Kerberos with Titanis
https://t.co/d0Gp0W8evi
// Titanis - https://t.co/zaaZSqBqxi Windows protocol library, including SMB and RPC implementations, among others
#tools
#AIOps
#MLSecOps
#Offensive_security
Recursive Autonomous Penetration Testing and Observation Robot
https://t.co/5VdjPO0Mvd
// Autonomous Offensive/Defensive Security Research Framework, based on Claude Code
#tools
#Offensive_security
1⃣. dexfinder - https://t.co/sklHKmjPuf Cross-platform APK/DEX method & field reference finder with call chain tracing, ProGuard/R8 deobfuscation, and Android hidden API detection
2⃣. LogonTracer - https://t.co/OsJfOfqsNV tool to investigate malicious logon by visualizing and analyzing Windows AD event logs
3⃣. efiguard-detect - https://t.co/D6tHTt7HAW tool to detect EfiGuard
4⃣. ReDyne - https://t.co/x4q5pQoeah iOS Decompiler/Reverse Engineering Suite
5⃣. Disconnected RSAT - https://t.co/cPFTZfFGmF launcher for running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domain joined machines
#tools
#exploit
#Offensive_security
1⃣. Fritter - https://t.co/rOOIlEOJSo tool that generates unique, evasive, position-independent shellcode for in-memory execution, building on Donut's framework with dynamic memory management and randomized components for enhanced stealth
2⃣. KslDump - https://t.co/FjKDR33U4A exploits a Microsoft-signed Defender driver vulnerability via IOCTL 0x222044, enabling unrestricted kernel and physical memory access, bypassing security protections, through registry manipulation and local privileges
3⃣. RegPwn - https://t.co/JmclTDIQSJ privilege escalation exploit affecting Windows 10, 11, and Server editions (CVE-2026-24291)
#tools
#Offensive_security
#Red_Team_Tactics
1⃣. VMkatz - https://t.co/28cafJutef Extract Windows credentials directly from VM memory snapshots and virtual disks
2⃣. https://t.co/BVTbTE1uif KaplaStrike - module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and static signature removal
3⃣. https://t.co/GCkmUC0j5D StealthyWMIExec - a stealthier approach to WMI-based command execution using Impacket without touching the disk
4⃣. Kerlab - https://t.co/XuRI83PQ3W a Rust implementation of Kerberos for Fun and Detection
5⃣ Ghost in the PPL - https://t.co/TzgVweyCuk LSASS Memory Dump
#hardening
#Offensive_security
Breaking Out of Citrix and other Restricted Desktop Environments
https://t.co/aYXs9kY4MT
// This article details techniques for escaping restricted environments like Citrix by exploiting misconfigured Windows dialogues, help files, and accessibility features to launch unauthorized shells. The post emphasizes hardening virtualized environments through strict, least-privilege configurations
#Offensive_security
A Deep Dive into the GetProcessHandleFromHwnd API
https://t.co/OCs6wGbo3c
// From Windows XP to Windows 11 24H2
See also:
]-> PPLwindow PPL Bypass via GetProcessHandleFromHwnd https://t.co/Jsc21jF61P

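[Press coverage] Jeju Province invites white-hat hacker Park Chan-am to hold cybersecurity training for public officials
https://t.co/fZcJ3J52P2
@hkpco #Stealien #STEALIEN #CyberSecurity #InformationSecurity #Offensive_Security #AttackerPerspective #WhiteHatHacker #ParkChanAm #Jeju #YouQuiz #ArtificialIntelligence #AI #CyberWarfareCases #SecurityIncidents #CyberSecurityLecture #InformationProtectionTraining
- Held on the 27th at Bokji Ieum Maru... for public officials and public-institution employees in the province
The session invites instructor Park Chan-am, a white-hat hacker familiar to the public from his appearance on tvN's "You Quiz on the Block", and will be held on the theme "Information Protection Through Cyber Warfare Cases".
Kim Nam-jin, director of Jeju Province's Innovation Industry Bureau, said, "Cyber threats are directly affecting daily life and work," adding, "Through this training we will raise awareness of cybersecurity and, on the basis of a safe information environment, deliver an administration that residents can feel secure about."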
#tools
#Offensive_security
#Red_Team_Tactics
1⃣. Automating the Pass-The-Ticket attack
https://t.co/OEU9Y9AvR0
]-> AutoPtT in C++ and Python https://t.co/5uD3bgxMl4
2⃣. Linux Shared Library to Shellcode Loader
https://t.co/O1s96iUSeb
3⃣. GhostLocker: AppLocker-Based EDR Neutralization
https://t.co/DFzjuWKHzA
4⃣. MSSQL Silver Tickets and Token Privileges
https://t.co/RvdVZdmykF
]-> Token handles abuse https://t.co/Rnq9UysZDw
5⃣. LOLRMM tools
https://t.co/ZYgWvpWHMw
#MalDev
#Malware_analysis
#Offensive_security
MacOS Malware Persistence
Part 1 - LaunchAgents. Simple C example https://t.co/sWvQysJ8Js
]-> Source code in GitHub https://t.co/BFmWwFcV84
Part 2 - Shell environment hijacking. Simple C example https://t.co/Y1RG7OWphd
]-> Source code in GitHub https://t.co/a3EHfpA74D
#tools
#Sec_code_review
#Offensive_security
Claude Code in a devcontainer
https://t.co/OPDyuMyCf8
// Sandboxed devcontainer for running Claude Code in bypass mode safely. Built for security audits and untrusted code review
#Offensive_security
#Red_Team_Tactics
Living off the Process
https://t.co/EYffx3VFOM
]-> Full Source Code ready to compile
https://t.co/sHtiLPFQZ9
#tools
#Offensive_security
HuntCyberArk - CyberArk Security Audit Suite
https://t.co/mrjBz1tcdB
// A comprehensive PowerShell-based security assessment tool for Privileged Access Management platforms
See also:
zBang - Risk assessment tool for privileged account threats https://t.co/mNQPQ3kdq5
Conjur - Secrets management platform https://t.co/uEd0L68QsN
ACLight - Shadow Admin discovery
Ansible Security Automation https://t.co/KRYs7mlUzc Collection - CyberArk Ansible integration https://t.co/O4AvLuZHS8
#tools
#Kernel_Security
#Offensive_security
AV/EDR Killer: AV/EDR processes termination by exploiting a vulnerable driver (BYOVD)
https://t.co/ZReJK2CcBh
// This project demonstrates how a legit and signed driver can be weaponized to gain kernel level access
#MLSecOps
#Offensive_security
"Reasoning Hijacking: Subverting LLM Classification via Decision-Criteria Injection", 2026.
]-> Criteria Attack Dataset https://t.co/5uhjge2WeM
// Current LLM safety research predominantly focuses on mitigating Goal Hijacking, preventing attackers from redirecting a model's high-level objective. In this paper, we argue that this perspective is incomplete and highlight a critical vulnerability in Reasoning Alignment. We propose a new adversarial paradigm: Reasoning Hijacking and instantiate it with Criteria Attack, which subverts model judgments by injecting spurious decision criteria without altering the high-level task goal