gmack @__gmack__
VA · Joined September 2009
Tweets: 543 · Followers: 183 · Following: 509 · Likes: 955
The coming cyberwar: China may already be monitoring your electronic communications thehill.com/opinion/techno…
We at @icebrgdotio have been busy the past couple days. We discovered an Adobe Flash 0-day in the wild with an interesting attack chain and coordinated the disclosure. Shout out to @dancaselden @b0n0n @thedude13. Also, thanks to Adobe team for quick work. icebrg.io/blog/adobe-fla…
After a lot of work with @xorrior I am pleased to release the BETA version of the Empire (multiuser) GUI. This is a pre-release with basic functionality. Please help us test and submit issues as we continue to add features. We hope you enjoy! github.com/EmpireProject/…
The recording for my webcast on removing dangerous legacy permissions in Active Directory is now up on the BlackHat webinar site. Click this link, hit the register button, fill out the form, and you'll be taken directly to the video: blackhat.com/html/webcast/0…
Congrats @424f424f ! x.com/specterops/sta…
#BloodHound 1.5 enables easy GPO enforcement analysis. Here's my write-up on how red teams can take advantage of this on their tests: posts.specterops.io/a-red-teamers-…
Very proud to announce the release of BloodHound 1.5! This update introduces Group Policy control and attack path analysis, OU structure mapping, and several other enhancements and bug fixes. For full details see posts.specterops.io/bloodhound-1-5…
How BloodHound's user session collection works, how to easily get MORE user sessions, and how to measure how comprehensive your user session information is: youtu.be/q86VgM2Tafc
Google gives anyone with Gmail account a free Debian 7 VM with 5Gb of storage. console.cloud.google.com/cloudshell
In part one of a two part series, @_wald0 demonstrates how to understand, measure, and reduce Active Directory attack surface using the Active Directory Adversary Resilience Methodology: posts.specterops.io/introducing-th…
It's been a huge piece of work, but it's done: here's more than half a billion passwords for you to download for free and use to help protect your systems. Or use the online k-Anonymity API developed in conjunction with @Cloudflare. It rocks! troyhunt.com/ive-just-launc…
From @mattifestation: Assessing the Effectiveness of Hash-based Application Whitelisting Blacklist Rules posts.specterops.io/assessing-the-… tl;dr Hash-based blacklisting (a requirement for script-based bypasses) is a weak mitigation.
Need some help on how to do recon? @_ruby and I created "A Visual Guide to Recon" for hackers and bug bounty hunters!
Installer plugins enable an attacker to load their (unsigned) code into a native (signed) macOS application. This is now my favorite payload for initial access on macOS. 🙂 posts.specterops.io/malicious-inst…
Hi guys, I just published Massive Pwnage on my site 10degres.net/massive-pwnage/
ICYMI: @_wald0 and @CptJesus will be presenting a #webcast on Hardening an #ActiveDirectory Environment. 2/8 at 11AM PT / 2PM ET. Register here: brighttalk.com/webcast/15713/…
#Nmap comes with 586 #NSE scripts. 148 of them are default (-sC) or version (-sV) scripts. The rest (438) have to be invoked directly or by category, so many folks don't use them. Here are my top 18 NSE scripts you should run in 2018: #DiscoveringNSE
[Blog] Reviving DDE: Using OneNote and Excel for Code Execution posts.specterops.io/reviving-dde-u…
We will be teaching our Adversary Tactics series at #BlackHat USA this year. Early bird rates are up! Links: Red Team Ops: blackhat.com/us-18/training… PowerShell: blackhat.com/us-18/training… Detection (Sat-Sun): blackhat.com/us-18/training… Detection (Mon-Tues): blackhat.com/us-18/training…
Interesting maldoc was submitted from Belarus. It uses Word's external link to load the HTML and then uses the "ms-msdt" scheme to execute PowerShell code. virustotal.com/gui/file/4a240…
Just dropped a big investigation with @VICENews: The U.S. will have almost 21,000 fewer Election Day polling places in 2020 than four years ago. That's a 20% drop from 2016. vice.com/en/article/pkd…
RT this if you understand the cultural reference of using this song as the background for Obama’s speech yesterday
We are moving soon. The new place is much larger with 2 floors and a basement, what do you recommend for wifi coverage? Some people have suggested NEST. Open to suggestions.
Self promotion time - if you are testing a payment system or a shop, check the whitepaper that I had written and updated last year: nccgroup.trust/globalassets/o… 💰💰💰 #bugbountytip #pentest #Financial
✨ANNOUNCEMENT✨ I am incredibly happy to announce that I signed TWO book contracts with Wiley! 🤩 This is a dream come true and I could not be more excited to share it with you. 🤍 So excited, I even created a fancy page and a newsletter for updates. arm-exploitation.com
Since @Zoho typically ignores researchers, I figured it was OK to share a ManageEngine Desktop Central zero-day exploit with everyone. UnCVE'ed, unpatched and unauthenticated RCE as SYSTEM/root. Enjoy! Advisory: srcincite.io/advisories/src… Exploit: srcincite.io/pocs/src-2020-…
I live in Seattle, I have all symptoms of COVID-19 and have a history of chronic bronchitis. Since I work in a physical therapy clinic with many 65+ patients and those with chronic illnesses, I decided to be responsible and go to get tested. This is how that went.
Hey hackers! You get a low priv shell on a linux box. 🎉😀 You have 10 minutes before blue detects you. ⏱🥶 After you've done the quick & basic whoami/pwd type stuff... 🐣🐒 What are any TWO of the next ten commands you run to get the most gains/enum in your 10 minutes? 🗜🤑
@mijaresluis419 @jacobfhsmith @AdamParkhomenko My humanity does not depend on what someone else would do.
Thank you @realDonaldKnuth for being there when I needed you most.
New blog post and updates to SharpShooter including some tradecraft musings by @domchell mdsec.co.uk/2019/02/macros…
In less than 8 hours this @SenatorBennet video has more views than any other C-SPAN video from the Senate floor. Watch complete speech here: youtu.be/1LlCn-HZDuY
.@SenatorBennet responds to @SenTedCruz: "These crocodile tears that the Senator from Texas is crying for first responders are too hard for me to take."
As of Thursday, DOD will be run by a former senior Boeing executive. EPA is run by a former coal lobbyist. HHS is run by a former pharmaceutical lobbyist. And Interior will be run by a former oil-industry lobbyist. Welcome to 2019.
unauth, unassoc remote code exec on the Marvell Avastar Wifi chip SoC used in Playstations, Xbox, Surfaces, Chromebooks, Samsung phones and more in under five minutes attack time. Bonus second stage escalation in the linux drivers, PoC on steamlink. 2018.zeronights.ru/wp-content/upl…
How I was able to exploit Host Header to find out SQL injection, bypassing rule using sqlmap tamper script and later on dump the database of India's popular Sports company. #bugbounty medium.com/@logicbomb_1/b…
awesome-security : A collection of awesome software, libraries, documents, books, resources and cools stuffs about security : github.com/sbilly/awesome…
For everyone who wants to level up their C skills: Project Based Tutorials in C - A list of tutorials that work towards the making of small to large projects in C. github.com/rby90/Project-…