You like technical deep dives into binary exploitation and crazy heap wizardry? Then you'll like our blog post by @0xor_solo about unauth'ed RCE in NetSupport Manager aka CVE-2025-34164 & CVE-2025-34165 https://t.co/qTobSqOjrY
Last week I hosted family for Thanksgiving.
My 12-year-old nephew asked for the WiFi password.
He wanted to play Roblox on his iPad.
I looked at the device.
Unmanaged. No antivirus. No encryption.
I’m an IT Professional. I don't run an open network.
So I didn’t give him the password.
Instead, I spent 45 minutes provisioning a Guest VLAN.
I set up a captive portal.
I throttled the bandwidth down to 56kbps.
Then I blocked all traffic on ports 80 and 443.
He came back crying. He said it wouldn't load.
My sister screamed at me to "just let him play."
I told her that Zero Trust architecture doesn't care about bloodlines.
We didn't have a "fun" Thanksgiving.
But we had a secure perimeter.
You’re welcome for the compliance.
We know that Microsoft improved the overall printing security in 2025, now using DCE/RPC for callback, you can force NTLM local auth and reflect back machine auth even without CredMarshalTargetInfo() trick 😇
Latest ≠ Greatest? A Retrospective Analysis of CVE-2025-59287 in Microsoft WSUS from our very own @mwulftange who loves converting n-days to 0-days https://t.co/2ev64hf2Ng
🚨Our governments are about to decide whether 450M Europeans deserve privacy - or not.
Help ensure your country says NO to Chat Control: Call your local representatives!
Privacy is not negotiable. Speak up now. ✊ #privacy
👉 More on how to stop Chat Control: https://t.co/JLei3q4sLi
Malicious executions of compiled JavaScript, leading to the of JSCEAL — a stealthy, multi-stage crypto stealer:
⚠️ Malicious ads for fake crypto apps installers
🧩 Modular PowerShell loaders
🕵️ Unique evasion techniques that kept the campaign undetected
https://t.co/S9DTH0QU0i
For those like me who prefer to stay in the terminal and want to call REST APIs like the Microsoft Graph without complicated commands or copy/pasting tokens: roadtx now has a graphrequest command to perform simple requests against these APIs and parse the JSON.
We have reproduced "ToolShell", the unauthenticated exploit chain for CVE-2025-49706 + CVE-2025-49704 used by @_l0gg to pop SharePoint at #Pwn2Own Berlin 2025, it's really just one request! Kudos to @mwulftange
Turns out you can just hack any train in the USA and take control over the brakes. This is CVE-2025-1727 and it took me 12 years to get this published. This vulnerability is still not patched. Here's the story:
It was great to attend #TROOPERS25! Beautiful city, nice weather, talented researchers.
My talk was just based on how Entra works but I hope it contributed to the community.
Thanks to everyone I had a chance to talk to!
No jet lag now. Time to go home😂
https://t.co/VPV45RsbmE
New attack vector: FileFix.
A phishing trick that executes PowerShell straight from your browser: no Run dialog, no pop-ups.
Just a fake file path + clipboard + File Explorer.
Red teamers, this one’s wild.
📽️ PoC + write-up: https://t.co/65BgBrTPvq
At @WEareTROOPERS I dropped new research on #nOAuth, an abuse of #EntraID that allows you to spoof users in vulnerable SaaS applications.
The attack is still alive and well.
You can read all about it here:
#Entra #M365 #infosec
https://t.co/h7MBMlBdCt
What if you skipped VirtualAlloc, skipped WriteProcessMemory and still got code execution?
We explored process injection using nothing but thread context.
Full write-up + PoCs:
https://t.co/Sa1oUSYyqU
I'll be returning to #BHUSA @BlackHatEvents this summer for a brand talk about moving laterally from AD to Entra ID. I don't think I've ever been this excited about a talk, with lots of cool stuff to share 🎢 😄.
⚡️ Loki C2 just leveled up! 🍄🧙‍♂️
🔗 Agents can now link to each other, and across platforms! 🔗
No internet? No problem.
Chain them, pivot deep, and keep moving!
@XForce @IBM @IBMSecurity
Check out the new release here: https://t.co/fR44ukJu8u