Olivia
Online
ticarpi
@ticarpi
Pentester, Vulnerability Researcher, Hacker of things.
My views are entirely my own.
England, United Kingdom
Joined February 2015
367 Following
485 Followers
544 Posts
ย Pinned Tweet
Congrats @RadioTimes for getting someone to write a @OfficialBlueyTV article without ever seeing the show before, let alone the episode in question.
๐
That's an impressively inaccurate sentence.
@jyopur can you drop me a line? It's about a vulnerability in one of your NPM packages. I've emailed, but wanted to connect to make sure the fix is in hand. Thanks.
Ten years ago I was waiting sooooo patiently as each of the beautiful 'Color Editions' of Scott Pilgrim were released. Still pride of place on my shelf. So perfect. So wild and yet so relatable.
And now this, @bryanleeomalley?! Explain yourself! How are you so damn genius?
Who to follow
Samuel
@saamux
Iโm learning ๐จ๐ฑ
Luke Young
@TheBoredEng
I find bugs and exploit them. Sometimes for money, mainly for free T-Shirts.
Aseem Shrey 
@AseemShrey
Founder https://t.co/gzIQqhCPZb - We handle security. You ship awesome products ๐
๐ ๏ธ Founder SecureMyOrg
๐น https://t.co/ZjN2YzePJW
#cybersec #privacy
What an amazing day at @bsidesbristol
Thanks so much to all the people who organised it, spoke at it, attended, and generally just made it great.
See you next year!
#BSidesBristol
@garethheyes @PortSwiggerRes @avlidienbrunn @fransrosen Just what I've used since building my first long payloads for the Cookieless Feature XSS in .NET
Ah, those were the days...
@garethheyes @PortSwiggerRes @avlidienbrunn @fransrosen ๐คฃ not picking holes, your research work is always stellar. I use it every frickin' day.
Good to know, just checking I wasn't going mad.
Did you ever see a technical tweet you didn't understand? No worries, I'm here for you! ๐งโ๐ซ
https://t.co/7M5Auo7EJi
Chipotle is the perfect seasoning for everything.
#provemewrong
I just completed @Pentesterlab's Yellow Badge!
RCE in several server applications, authentication bypasses and privesc == fun!
Give it a go.
@nullenc0de Thanks for that. Always glad to see it's helpful ๐
One day we might actually be able to report directly from @Burp_Suite... maybe.
Good effort with this, keeping things tagged and organised sounds really useful.
You can now attach notes to requests via the new 'Organizer' tab, on @Burp_Suite's early-adopter release channel! More details here:
https://t.co/L7c3QDgS1I
@fuzz_sh Interesting like flashy? Or impactful?
Personally I usually try to find an authed page on the site with sensitive data, and use onsite request forgery to fetch() it in the victim's session and show that in an alert. Good fun to pop the user's password that way.
@fuzz_sh CSP misconfigured can weaken browser defenses, as can X-Xss-Protection. Sometimes Cache-Control.
@fuzz_sh Cookies missing attributes is a misconfiguration, and has impact only under certain contexts. I only report on Session/sensitive cookies, but they usually work out to a 3.1 Low anyway due to AC:H
@fuzz_sh CVSS requires direct impact on C/I/A, and best practice headers aren't exploitable directly without other vulnerabilities being present. The one exception IMHO is Strict-Transport-Security. Some of the others can have a score if misconfigured of course.
@TheSteveMair Perhaps ironically these are used by forensic investigators to prevent data being lost or encrypted at the time of acquisition. So sometimes #infosec #security #win ? ๐
Calling #pentest and #BugBounty pros: how often do you find #SQLi?
I'm trying to impress on a client how bad it is that I've found SQL Injection on EACH of the 3 apps I've tested for him in the last 6 months...
Watched it a hundred or more times and somehow only just realised that the opening credits of @OfficialBlueyTV is a game of musical statues.
Oh man. #sleepdeprivation #dadlife
Last Seen Users on Sotwe
Stranger ๐คซ
Seen from France
๊ฐ๋๐ณ๏ธโ๐
Seen from Korea
ChiraqThroat
Seen from United States
OopsFamily
Seen from Turkey
EdgeHimClub
Seen from Singapore
DaphneThickAss
Seen from France
Defne kudret รงift
Seen from Germany
kalaisexy
Seen from Malaysia
Femdom slave dog
Seen from Turkey
iremdiren
Seen from Turkey
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.2M followers
Taylor Swift
@taylorswift13
81.1M followers
Lady Gaga
@ladygaga
72.6M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.2M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.6M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
61.9M followers
CNN
@cnn
61.9M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.3M followers