Pepijn @xstplanet - Twitter Profile

over 3 years ago

https://t.co/41EtihxSNx It's been well over 20 days to say a single f... word on the hackerone report I have with them. @Hacker0x01, @TMobile when can I publicly disclose?

0

1

0

880

xstplanet retweeted

Stephen Sims

@Steph3nSims

over 3 years ago

Zero to Hero: The process of reversing and exploiting complex vulnerabilities! https://t.co/TvQsPzhNGH

2

431

114

200

58K

xstplanet retweeted

an0n @an0n_r0

over 3 years ago

Here is why NetNTLMv1 should be disabled in prod networks ASAP. Besides cracking the hash back to NTLM (and then forging Silver Tickets) is straightforward, there is also a lesser known but immediate relay attack path by removing the MIC and doing RBCD abuse. Demo in screenshots.

an0n_r0's tweet photo. Here is why NetNTLMv1 should be disabled in prod networks ASAP. Besides cracking the hash back to NTLM (and then forging Silver Tickets) is straightforward, there is also a lesser known but immediate relay attack path by removing the MIC and doing RBCD abuse. Demo in screenshots. https://t.co/0LlnKltWqD

26

1K

339

403

0

xstplanet retweeted

vx-underground

@vxunderground

over 3 years ago

We are excited to announce our friend @corg_e will be the new manager of vx-underground merchandise. In the following days (or weeks?) we will have a new e-commerce domain. tl;dr kawaii merchandise, or something

20

358

22

5

88K

Who to follow

Defcon Holland

@DefconHolland

DefCon Holland Group meet up for Dutch Hackers in a Dutch bar after work. DC3115 (DELFT) & DC3120 (AMSTERDAM)

Queen Fennec

@Queen_fennec

CISO @Kiesraad / Gamer / Criminologist. Views are my own, mostly. Sometimes views are my mom's. Schokkendt d/t gebruik. *not an actual fox. Podcaster @CISOpraat

Drangolype

@iekruttjgk

xstplanet retweeted

Nguyen Van Hiep @meulody_

over 3 years ago

@testanull

2

58

4

1

7K

xstplanet retweeted

Pepijn @xstplanet

over 3 years ago

@vxunderground maybe start replying to hackerone reports

0

1

0

459

xstplanet retweeted

Paul Seekamp @nullenc0de

over 3 years ago

I have like 50 RCE bugs on this BB target. But EVERY time I have submitted a bug to this company it's a dup. So I'm conditioned to not submit them. I think bug bounties are creating some type of bystander effect...

4

28

3

1

10K

xstplanet retweeted

Radar by Qrator @Qrator_Radar

over 3 years ago

January 22, 2023 — AS21859 — ZEN-ECN [US] — leaked 1348 prefixes creating 1349 conflicts with 44 ASNs in 8 countries. Propagation: 100%. Duration: 1 hour 20 minutes.

Qrator_Radar's tweet photo. January 22, 2023 — AS21859 — ZEN-ECN [US] — leaked 1348 prefixes creating 1349 conflicts with 44 ASNs in 8 countries. Propagation: 100%. Duration: 1 hour 20 minutes. https://t.co/wEqWGJKUOt

0

19

6

1

2K

Pepijn @xstplanet

over 3 years ago

@infosec_au May be @DIVDnl can help informing the owners of vulnerable instances? :)

0

733

xstplanet retweeted

x0rz @x0rz

over 3 years ago

When I see TikTok being used as C2, this is how I know I’m getting too old for this shit

11

417

42

23

87K

Pepijn @xstplanet

over 3 years ago

https://t.co/ZF7NGbdlCS

0

266

Pepijn @xstplanet

over 3 years ago

@vxunderground maybe start replying to hackerone reports

0

1

0

459

Pepijn @xstplanet

over 3 years ago

@stokfredrik ❤️

0

1

0

268

xstplanet retweeted

MakerThrive

@MakerThrive

over 3 years ago

Get idea. Buy domain. Watch domain expire. Repeat.

352

14K

1K

498

2M

xstplanet retweeted

Nasreddine Bencherchali

@nas_bench

over 3 years ago

Palo Alto vs Crowdstrike giving credit. 😂 cc @Purp1eW0lf

9

130

23

17

62K

xstplanet retweeted

Xeno Kovah @XenoKovah

over 3 years ago

It’s like I always say: “These sequence diagrams aren’t going to animate themselves!” CVE-2021-1732 (win32k kernel type confusion -> OOB-R/W) (Based on https://t.co/EmpEzw3nyq)