Relayed NTLM creds are powerful, if you can use them.
@senderend shows why browsers fail through ntlmrelayx SOCKS and introduces ghostsurf to make NTLM-authenticated web apps accessible.
Read more ⤵️ https://t.co/BdtzoKquD1
Developed a much-needed C2 channel for Mythic with @KingOfTheNOPs during a 24hr hackathon! *.blob.core.windows.net is often one of the only egress methods from more mature client environments.
New from @KingOfTheNOPs + @senderend: azureBlob, a Mythic C2 profile that uses Azure Blob Storage as transport.
Supported Agents:
🐍 Medusa
🪽 Pegasus (new test agent)
❤️ Your fav agent (with simple integration guide)
https://t.co/0jNpt5978o
🧵: 1/2
WSL2 is a powerful attacker hideout because it runs as a separate Hyper-V VM, and defenders rarely monitor it.
Daniel Mayer explains how attackers pivot into WSL2 and what it took to build tooling that works across WSL2 versions.
Read more ⤵️ https://t.co/TaPsDDW4Cq
Credential Guard was supposed to end credential dumping. It didn't.
@bytewreck just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled.
Read for more ⤵️ https://t.co/mYPHg1mTKj
MATCH (c1:Computer)-[:MemberOf*1..]->(g:Group) WHERE g.objectsid ENDS WITH '-516' WITH COLLECT(c1.name) AS dcs MATCH (c2:Computer) WHERE c2.enabled = true AND (c2.operatingsystem CONTAINS '2025') AND (c2.name IN dcs) RETURN c2.name
If this query hits, you're in.
Had an amazing time at @BSidesSF this weekend! Super fun and well done CTF, solved quite a few and came agonizingly close on some of the harder ones, including one that remained unsolved by anyone! I was thrilled to run into Erik from @badsectorlabs and talk Ludus.
As a follow up to my research on a GLPI command injection vulnerability, I've updated the @pdnuclei template for this CVE to detect the more advanced RCE vectors I researched. The PR is merged and live in the latest version of Nuclei, check it out below!
https://t.co/N1G5dz71QB
📆 Mark your calendar!
We are hosting a BloodHound user group meet-up in the Seattle area on Weds., May 29. Join @_wald0, @JustinKohler10, @harmj0y & @tifkin_ at @AscendBellevue to get the latest on managing Attack Paths, AD CS & Nemesis.
Register 👉 https://t.co/kFd9V56FPe
In his new post, @jaredcatkinson examines how changing the implementation of tradecraft can have as much of an impact on detection programs as changing the behavior.
Read more ⤵️ https://t.co/gKsHNLXLLi
As a follow up to my PrivEsc Server scripts, here's another writeup with some of my most useful shell aliases and functions. These saved me lots of time and repetitive keystrokes on the #OSCP exam, and made my terminal workflow much more fun!
https://t.co/cD2fwNOHZ5
Here's my in-depth guide to the #OSCP course and exam. Check it out for all the tips and tricks I wish I had when I was studying.
https://t.co/jUlXsRcV9g
turns out, with enough finesse and research, the LSA will give you what you want if you ask nicely. all without touching LSASS memory! excellent wiki here as well.
https://t.co/UQK7l9SLV7
Today I'm releasing AtlasReaper, a .NET tool designed for red teamers to interact with Confluence and Jira via C2 agents.
Discover secrets and launch targeted attacks.
Check out the blogpost for more details:
https://t.co/PtRuXP5Fap
GitHub Repo:
https://t.co/cWrQLagnTJ