A password like G7$kL9#mQ2&xP4!w looks strong.
Every password checker rates it "excellent."
But researchers at Irregular just published something worth knowing: that exact string appeared 18 out of 50 times when Claude was asked to generate a password.
The reason: LLMs are prediction engines. They're optimized for plausibility, not randomness. Claude's passwords had ~27 bits of entropy. A truly random password has ~98.
Password checkers can't detect this. They see character variety. They can't see statistical distribution.
It gets worse for developers: Irregular also found AI coding agents hardcoding these patterns directly into Docker configs and .env files — without the developer knowing.
They found the patterns on GitHub.
Are you auditing AI-generated codebases for hardcoded credentials?
#CyberSecurity #PasswordSecurity #DevSecOps #AppSec
Author: T.O. Mercer
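The gap between what a variety-based checker scores and what a sample of generator output reveals, as an added example that is not part of the original post or Irregular's research. The 70-symbol alphabet, the 32-symbol punctuation pool, the function names and the 50-item sample (18 copies of the string quoted in the post, the rest drawn from a CSPRNG) are all constructed assumptions. The sample figure is a frequency-based estimate on that constructed data, not the researchers' measurement.

```python
import math
import secrets
import string
from collections import Counter

# Assumed alphabet (70 symbols): letters, digits and eight punctuation marks.
ALPHABET = string.ascii_letters + string.digits + "!#$%&*@?"
REPEATED = "G7$kL9#mQ2&xP4!w"  # the string quoted in the post


def checker_bits(pw):
    """Score the way a character-variety meter does: length * log2(pool)."""
    pool = 0
    if any(c.islower() for c in pw):
        pool += 26
    if any(c.isupper() for c in pw):
        pool += 26
    if any(c.isdigit() for c in pw):
        pool += 10
    if any(not c.isalnum() for c in pw):
        pool += 32  # assumed size of the ASCII punctuation pool
    return len(pw) * math.log2(pool) if pool else 0.0


def sample_min_entropy(samples):
    """Empirical min-entropy estimate: -log2 of the most common value's share."""
    top_count = Counter(samples).most_common(1)[0][1]
    return -math.log2(top_count / len(samples))


def csprng_password(length=16):
    """Draw each character independently and uniformly from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def design_bits(length=16):
    """Entropy of csprng_password() by construction."""
    return length * math.log2(len(ALPHABET))


def constructed_sample():
    """Constructed data: 50 outputs, 18 of them the repeated string."""
    return [REPEATED] * 18 + [csprng_password() for _ in range(32)]


if __name__ == "__main__":
    print(f"checker score for repeated string: {checker_bits(REPEATED):.1f} bits")
    print(f"estimate from the sample:          {sample_min_entropy(constructed_sample()):.2f} bits")
    print(f"CSPRNG password by design:         {design_bits():.1f} bits")
```

The checker only ever sees one string, so it cannot produce the second number; that takes many outputs from the same generator.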
You require more passwords 👾. Finally, released breach.txt, a wordlist built from real-world passwords found in breaches, forum dumps, leaked logs, and other "sources".
https://t.co/mZ8OcPrUlN
Will try to keep it up-to-date, at least for some time 😀
#infosec
A very big hashcat rules collection with 455 rulesets: https://t.co/NkcDSZXs1A
Spreadsheets with benchmarks on how these rules score:
🟢https://t.co/zly4ULQJY4
🟢https://t.co/Bl0knWfXYj
First look at the dynamic hash-mode support in upcoming hashcat, powered by the new Rust Bridge. No coding needed: write your pattern on the command line.
Don't want to wait for Release? Try it now via GitHub master or https://t.co/B0Ik8dvvmv. Feedback welcome on our Discord.
Complete @hashcat benchmarks on the @NVIDIAGeForce RTX 5090 FE! Running nice and cool so far with solid improvements across the board. Most hash modes got at least a 20% uplift over the RTX 4090 and some modes boasting quite a bit more!
Full Benchmark: https://t.co/aJ9zI1HjGM
Just wrote a blog entry looking into John the Ripper's new Tokenize attack mode and comparing it to other attacks. Lots of side tangents as well such as using Hashmob wordlists for cracking sessions, and a deep dive into Hashcat Utilities. Link: https://t.co/0fIM8IvPPF
Meet weakpass_4! 🕵️‍♂️
After three years, I'm finally excited to announce the release of weakpass_4 and a brand-new website packed with features! Check it out at https://t.co/S8bDNeIUKv.
Here’s a short write-up covering some research Ian Odette (@wikibinge) and I conducted so that our team would have a documented method for cracking Citrix NetScaler system user passwords.
https://t.co/XkK8TB7g3Y
New blog up: "What a Cluster! How Industry Groups and Names Threat Activity Clusters". I decided there was a need for it since we are more regularly talking about UNCs and STACs these days and it can be confusing for those just getting into #cti.
https://t.co/aTuYeER2su
Censys @censysio has gone from the greatest source of certificate intel to the best internet ports/services intel as well. Impressed in the last year with the coverage. 🙇