Sotwe logo Sotwe logo
ouadmoha's profile banner image
ouadmoha's profile image

Mohamed

@ouadmoha

Application security @Doyensec
Joined February 2016
561 Following
121 Followers
156 Posts
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
Our new post shows how #AWS ELBs break #security boundaries via rule shadowing, CloudFront/WAF bypasses, & alternate routing. 📢 Plus ELBaph - a new tool to map routing graphs, detect exposed paths & find attack chains across ALBs/NLBs https://t.co/K5Lq2V5Pws #AppSec #Doyensec
Doyensec's tweet photo. Our new post shows how #AWS ELBs break #security boundaries via rule shadowing, CloudFront/WAF bypasses, & alternate routing. 📢 Plus ELBaph - a new tool to map routing graphs, detect exposed paths & find attack chains across ALBs/NLBs https://t.co/K5Lq2V5Pws #AppSec #Doyensec https://t.co/LWroIb7Jt9
0
21
5
15
1K
ouadmoha  retweeted
lacerenza_fra's profile image
anaxim @lacerenza_fra
Just released with @ouadmoha a Malicious SSO IdP for OIDC / SAML / SCIM security testing. If you are trying to exploit a Service Provider, you should check maSSO 🪨 at https://t.co/JjRAgiyf3L Built at @Doyensec
lacerenza_fra's tweet photo. Just released with @ouadmoha a Malicious SSO IdP for OIDC / SAML / SCIM security testing. If you are trying to exploit a Service Provider, you should check maSSO 🪨 at https://t.co/JjRAgiyf3L Built at @Doyensec https://t.co/x3rd3loXdi
0
2
1
1
160
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
AuthN/Z is always a #security minefield & MCP adds even more complexity with agents, remote servers, and transitive trust. This @goteleport -sponsored deep dive breaks down attack vectors & why each step is a potential trust boundary. 🔗 https://t.co/vOXy5t7sxV #doyensec #ai
Doyensec's tweet photo. AuthN/Z is always a #security minefield & MCP adds even more complexity with agents, remote servers, and transitive trust. This @goteleport -sponsored deep dive breaks down attack vectors & why each step is a potential trust boundary. 🔗 https://t.co/vOXy5t7sxV #doyensec #ai https://t.co/HAyQzoiNry
1
32
14
15
2K
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
🧞Your wish has been granted - the latest @pagedout_zine edition is out! In it, our @tell1c0 takes a quick look at #vibecoding, walking through the creation of an AI agent🤖. Check it out today! #doyensec #appsec #ai #Security https://t.co/s6279LYJzI
0
28
8
6
3K

Who to follow

lacerenza_fra's profile image
anaxim
@lacerenza_fra
mostly web && cloud sec Application Security at @Doyensec
cybersaiyanIT's profile image
Cyber Saiyan | RomHack Conference, Training, Camp
@cybersaiyanIT
A community | RomHack Conference, Training and Camp - more info https://t.co/15V29skoWi
n0sign4l's profile image
Leonardo Porpora | @n0sign4l
@n0sign4l
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
🚨Just posted🚨: Learn about real-world API authorization vulnerabilities we frequently see with the slides from @tell1c0's recent presentation at @CONFidenceConf in Krakow. https://t.co/a1BTDuFkUC #doyensec #appsec #security
Doyensec's tweet photo. 🚨Just posted🚨: Learn about real-world API authorization vulnerabilities we frequently see with the slides from @tell1c0's recent presentation at @CONFidenceConf in Krakow. https://t.co/a1BTDuFkUC #doyensec #appsec #security https://t.co/0pwKYoeZ6b
1
104
36
74
5K
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
🥳The latest !exploitable is here! We're sharing all the joy that comes with exploiting an arbitrary file write in GitLab, while cruising the Mediterranean. 🚢 Everything from onerous configurations to spotty internet! Enjoy! #doyensec #appsec #security https://t.co/AMdtG4PWDX
Doyensec's tweet photo. 🥳The latest !exploitable is here! We're sharing all the joy that comes with exploiting an arbitrary file write in GitLab, while cruising the Mediterranean. 🚢 Everything from onerous configurations to spotty internet! Enjoy! #doyensec #appsec #security https://t.co/AMdtG4PWDX https://t.co/kJBjRAPoR9
0
115
27
38
7K
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
Despite being central to their security, many orgs struggle to securely implement #OAuth. Our new post walks through common issues & how to prevent them, along with a useful checklist! Read it today & ensure your org is secure: https://t.co/UHLlE9vlQB #doyensec #security #appsec
Doyensec's tweet photo. Despite being central to their security, many orgs struggle to securely implement #OAuth. Our new post walks through common issues & how to prevent them, along with a useful checklist! Read it today & ensure your org is secure: https://t.co/UHLlE9vlQB #doyensec #security #appsec https://t.co/dGdvCgFQtp
2
206
64
150
11K
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
In the latest Doyensec research, our Norbert Szetei (@73696e65) takes a closer look at the SMB3 Kernel Server (ksmbd) component of the Linux kernel. Check it out today & learn what he found, which led to multiple CVEs! #Doyensec #Appsec #Security #Linux https://t.co/ZxhGcobavc
Doyensec's tweet photo. In the latest Doyensec research, our Norbert Szetei (@73696e65) takes a closer look at the SMB3 Kernel Server (ksmbd) component of the Linux kernel. Check it out today & learn what he found, which led to multiple CVEs! #Doyensec #Appsec #Security #Linux https://t.co/ZxhGcobavc https://t.co/Ctnvq7mM6U
1
40
14
8
4K
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
CSRF in modern web apps? It's still possible! Our latest research by @maxenceschmitt dives into using Client-Side Path Traversal to perform CSRF. Check out our latest blogpost and brand new #Burp extension for finding bugs. #doyensec #appsec #CSPT2CSRF https://t.co/9XUicACBRI
Doyensec's tweet photo. CSRF in modern web apps? It's still possible! Our latest research by @maxenceschmitt dives into using Client-Side Path Traversal to perform CSRF. Check out our latest blogpost and brand new #Burp extension for finding bugs. #doyensec #appsec #CSPT2CSRF https://t.co/9XUicACBRI https://t.co/OSoBcez8lc
1
117
48
87
14K
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
Checkout @maxenceschmitt's presentation at @owasp's Global AppSec in Lisbon to learn how Client-Side Path Traversal can be leveraged for CSRF attacks! #owasp #appsec #doyensec https://t.co/0OfT8TLRdr https://t.co/bcGKroMZJZ
Doyensec's tweet photo. Checkout @maxenceschmitt's presentation at @owasp's Global AppSec in Lisbon to learn how Client-Side Path Traversal can be leveraged for CSRF attacks! #owasp #appsec #doyensec https://t.co/0OfT8TLRdr https://t.co/bcGKroMZJZ https://t.co/Wxq1z4hyRb
0
37
10
11
4K
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
Congratulations 🎉 to Doyensec's own @73696e65 for discovering an out-of-bounds memory read vulnerability in the Linux kernel! Details: https://t.co/cEcbpp154c The fix has been committed here: https://t.co/ZdknDV8MFA #doyensec #appsec #linux #security
0
34
8
7
2K
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
New blog post on our new Server Side Prototype Pollution Gadgets Scanner plugin for #BurpSuite! It features a modern detection approach and a focus on real-world exploitation. Download it today! https://t.co/qG3I3G6b9y https://t.co/N2DJK05Ywz #Doyensec #AppSec #websecurity
Doyensec's tweet photo. New blog post on our new Server Side Prototype Pollution Gadgets Scanner plugin for #BurpSuite! It features a modern detection approach and a focus on real-world exploitation. Download it today! https://t.co/qG3I3G6b9y https://t.co/N2DJK05Ywz #Doyensec #AppSec #websecurity https://t.co/DDnK909GDT
1
74
25
36
6K
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
PoIEx, a new #Doyensec tool, identifies "Points of Intersection" where code & IaC definitions meet. Visualize & explore IaC, plus create & share real-time notes w/ teammates in VS Code. Try it out today‼️ https://t.co/Z0ekdlATFQ https://t.co/rBqOlBUEjU #CloudSecurity #appsec
1
23
10
5
3K
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
Learn more about how having a security-oriented scheduling strategy for #k8s can limit opportunities for lateral movement within your environment in our latest blog post. #doyensec #Kubernetes #security #appsec https://t.co/B6ou4SaeL8
Doyensec's tweet photo. Learn more about how having a security-oriented scheduling strategy for #k8s can limit opportunities for lateral movement within your environment in our latest blog post. #doyensec #Kubernetes #security #appsec https://t.co/B6ou4SaeL8 https://t.co/Y57E8HYYd4
0
13
8
1
2K
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
Just posted! Learn how to achieve privilege escalation via misconfigured #AWS Batch & the solution for our previous lab, in the latest installment of #Doyensec's "Cloudsec Tidbits" series by @ouadmoha and @lacerenza_fra. #cloudsecurity #DevSecOps #appsec https://t.co/0Fa49OWAFL
Doyensec's tweet photo. Just posted! Learn how to achieve privilege escalation via misconfigured #AWS Batch & the solution for our previous lab, in the latest installment of #Doyensec's "Cloudsec Tidbits" series by @ouadmoha and @lacerenza_fra. #cloudsecurity #DevSecOps #appsec https://t.co/0Fa49OWAFL https://t.co/EFXOBcsEFr
0
17
6
5
2K
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
Zero Touch Production platforms improve security while also making auditing and IR easier. Our latest post talks about common pitfalls found in their implementations and how to avoid repeating past mistakes. https://t.co/ve5YFiuF1D #doyensec #appsec #devops #infosec #security
Doyensec's tweet photo. Zero Touch Production platforms improve security while also making auditing and IR easier. Our latest post talks about common pitfalls found in their implementations and how to avoid repeating past mistakes. https://t.co/ve5YFiuF1D #doyensec #appsec #devops #infosec #security https://t.co/K4mpW7zsUS
0
11
3
0
2K
ouadmoha  retweeted
hillai's profile image
Hillai Ben-Sasson @hillai
Read the full technical details here >> https://t.co/mVPHP3OYrO
1
992
123
148
186K
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
Phishing scams targeting #crypto wallets are everywhere. In our latest blog post, @viktorot details one such attack and offers suggestions on how wallets can improve their security. #doyensec #appsec #phishing #infosec https://t.co/xxCjQ70NGy
Doyensec's tweet photo. Phishing scams targeting #crypto wallets are everywhere. In our latest blog post, @viktorot details one such attack and offers suggestions on how wallets can improve their security. #doyensec #appsec #phishing #infosec https://t.co/xxCjQ70NGy https://t.co/Y1JQXokoU4
0
9
9
0
1K
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
In our latest blog post, learn how Szymon Drosdzol found a trivial SSRF bypass in #NodeJS 's `request` library (18M weekly downloads). Learn how to patch it and get the details on how other widely used libraries handle the same vector. #Doyensec #appsec https://t.co/LrTjTMIh0i
Doyensec's tweet photo. In our latest blog post, learn how Szymon Drosdzol found a trivial SSRF bypass in #NodeJS 's `request` library (18M weekly downloads). Learn how to patch it and get the details on how other widely used libraries handle the same vector. #Doyensec #appsec https://t.co/LrTjTMIh0i https://t.co/IVnCMdHF7T
4
66
26
20
26K
ouadmoha  retweeted
Doyensec's profile image
Doyensec @Doyensec
Check out @lacerenza_fra's new PESD @Burp_Suite extension. It converts proxy history to interactive diagrams! Easily document findings or convey complicated logical application flows in seconds! #Doyensec #appsec #Pentesting https://t.co/aUtKpbptTL https://t.co/vXEAYU5ukT
0
38
15
2
11K

Last Seen Users on Sotwe

Hi62439737's profile image
tth
Seen from Vietnam
masterfoo99's profile image
อาจารย์ ขอกินน้ำหน่อย
Seen from France
ESherance's profile image
Koleksi Gadis Borneo
Seen from Indonesia
alber2407's profile image
🥵caliente🥵
Seen from Egypt
Public_Catgirl1's profile image
❤️露出反差文化大使❤️(露出转推)
Seen from United States
pencariSTW69's profile image
Pencari nafsu ibu ibu
Seen from Indonesia
AdamEsl08812711's profile image
Black bird 🏳️‍🌈
acil15_keren's profile image
acil
Seen from Indonesia
bbiblekiming's profile image
07변태녀
Seen from Korea
pashaking321's profile image
mamoon 👽
Seen from Spain

Trends for you

1
ariana
Under 10K tweets
2
#StanleyCup
Under 10K tweets
3
ASML
Under 10K tweets
4
Bussi
Under 10K tweets
5
FedEx
Under 10K tweets
6
#NIJIGift_MiniLive
Under 10K tweets
7
All 20
Under 10K tweets
8
Mormons
Under 10K tweets
9
Raman
Under 10K tweets
10
SAFETY NET
Under 10K tweets

Most Popular Users

elonmusk's profile image
1
Elon Musk Verified account
@elonmusk
240.2M followers
barackobama's profile image
2
Barack Obama Verified account
@barackobama
119.3M followers
realdonaldtrump's profile image
3
Donald J. Trump Verified account
@realdonaldtrump
111.6M followers
cristiano's profile image
4
Cristiano Ronaldo Verified account
@cristiano
109M followers
narendramodi's profile image
5
Narendra Modi Verified account
@narendramodi
107M followers
rihanna's profile image
6
Rihanna Verified account
@rihanna
97.3M followers
nasa's profile image
7
NASA Verified account
@nasa
92.1M followers
justinbieber's profile image
8
Justin Bieber Verified account
@justinbieber
90.6M followers
katyperry's profile image
9
KATY PERRY Verified account
@katyperry
86.8M followers
taylorswift13's profile image
10
Taylor Swift Verified account
@taylorswift13
80.6M followers
ladygaga's profile image
11
Lady Gaga Verified account
@ladygaga
72.2M followers
kimkardashian's profile image
12
Kim Kardashian Verified account
@kimkardashian
69.4M followers
youtube's profile image
13
YouTube Verified account
@youtube
68.6M followers
imvkohli's profile image
14
Virat Kohli Verified account
@imvkohli
68.6M followers
billgates's profile image
15
Bill Gates Verified account
@billgates
63.4M followers
theellenshow's profile image
16
The Ellen Show
@theellenshow
62.5M followers
cnn's profile image
17
CNN Verified account
@cnn
61.9M followers
neymarjr's profile image
18
Neymar Jr Verified account
@neymarjr
61.1M followers
x's profile image
19
X Verified account
@x
60.9M followers
selenagomez's profile image
20
Selena Gomez Verified account
@selenagomez
59.9M followers