initstring @init_string
AT&F&C1&D2&K3%C0 https://t.co/FcLLHui5wV | https://t.co/zOit06UquA | @[email protected] Melbourne, Victoria Joined March 2017-
Tweets92
-
Followers1K
-
Following71
-
Likes65
@techspence @who1sroot Love hearing this success story, thanks so much for sharing! Seen similar results on general cracking campaigns too - this tool doesn't return volume but it occasionally gets those really high-value ones. :)
Local Privilege Escalation in Fedora Linux (CVE-2025-12744). Red Hat has made this public, but patches aren't out yet. Reliable root for any local user. Mitigation: sudo systemctl disable --now abrtd Writeup + PoC: initblog.com/2025/abrt-root/
Drive-By Attack in Ollama Desktop v0.10.0 Found a bug in Ollama desktop GUI (not the core API) where malicious websites could hijack all private chats. Ollama crew patched it within hours. Make sure to update! Tech details, video, IoCs, and PoC here: gitlab-com.gitlab.io/gl-security/se…
@Ne0nd0g @gitlab We also do research and "opportunistic attacks" which may be more narrowly focused on identifying new attack paths, exploits, initial access vectors, etc: handbook.gitlab.com/handbook/secur…, handbook.gitlab.com/handbook/secur…
@Ne0nd0g @gitlab Thanks @Ne0nd0g. We try to include assessing/improving detections, controls, and processes within the context of a stealth op. More info here on how we track those outcomes: handbook.gitlab.com/handbook/secur…
@DJBretschneider @DailyOsint Thanks for the ping! If you open an issue in the GitHub repo, we can troubleshoot it. Have a good day :)
A lot has happened in a year! I’ve refreshed the dynamic data sources for passphrase-wordlist and generated a new file. If you’re into cracking complex passwords, this may be for you. Enjoy! github.com/initstring/pas…
I'm not very active on here, and probably won't be on the next one either. But just in case, here's the new Mastodon profile I set up: @[email protected]
Spent some time recently formalizing our Red Team workflow at GitLab. The process is open-source, and we're sharing our issue templates to track logistics, goals, TTPs, reports, etc. about.gitlab.com/blog/2022/05/1…
@qualys Brilliant work! I spent a long time looking for privesc in snap-confine as well, but couldn't quite get one over the line. Congrats to your team members who discovered these.
Sometimes I like to just grep random things and see if it made it into the list. $ grep covid ./passphrases.txt | wc -l 5937 Well, some of those are... interesting.
Just pushed an update for passphrase-wordlist. Massive list of passphrases with hashcat rules for offline cracking of long, complex passwords. Enjoy! github.com/initstring/pas…
@TychoTithonus @freeroute_one @CyberWarship I spent some time this weekend re-scraping sources and updating documentation. Just pushed the new version. Thanks everyone!
@fomm_io And yes, you'll also need to use the uBlock method in combo with whatever rebind protection you're using. It blocks local IPs, while the rebind protection blocks DNS names that resolve to local IPs.
@fomm_io I'm not familiar with Fritzbox. Try to resolve the DNS name `192.168.1.1.nip.io`. If your rebind protection is working, it should not resolve to a real IP.
Wanted to share this combo, as it's such a cool protection from drive-by attacks. 1. uBlock Origin with the "block access to LAN" filter-list 2. DNS rebind protection (available in pihole, NextDNS, dnsmasq, AsusWRT-Merlin, etc) JS can no longer easily target your LAN!!!
I've not yet spent time trying to bypass the combo, but that could be a fun adventure for the future.
I discovered a drive-by #RCE in the @gitlab Development Kit (it's now fixed). This took chaining multiple vulnerabilities and would have allowed me to remotely compromise developer machines. Details and tips to protect yourself from similar exploits here: about.gitlab.com/blog/2021/09/0…
@joernchen The NeverEnding Story because you get to fight a wolf and ride a dragon if you read it.
LiveOverflow 🔴 @LiveOverflow
160K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio
shubs @infosec_au
58K Followers 2K Following Co-founder, security researcher. Building an attack surface management platform, @assetnote
Marco Lancini @lancinimarco
7K Followers 383 Following 💼 Director of Security 📬 @CloudSecList 📚 https://t.co/TrQKzxfnYg 💬 I write about security strategy, technical leadership, and cloud security.
sagitz @sagitz_
8K Followers 889 Following Cloud Security Researcher at @wiz_io • Microsoft Most Valuable Researcher 21/22/23 • Black Hat Speaker • Ask me anything about https://t.co/57lyhfcUee
siddu @sidduvastrad2
0 Followers 53 Following
secaggr @secaggr
128 Followers 4K Following
Larryxi @1arryx1
92 Followers 295 Following
FAMASoon @FAMASoon
1K Followers 857 Following Security research blog: https://t.co/iTsZ04qDQ8 GitHub: https://t.co/nfFPKkjf5O
spencer @techspence
16K Followers 3K Following 🛠️ Former Sysadmin, now Pentester | Microsoft MVP | Helping IT teams make their environment harder to attack | @SecurIT360 & @CyberThreatPOV
Polyduekes @polyduekes
8 Followers 264 Following
Anderson Nascimento @andersonc0d3
4K Followers 6K Following Director & Security Researcher @alleleintel
test domain @User2Micro
704 Followers 5K Following
悠乃 (ゆの) @j2F5084rK7f9h4M
6 Followers 1K Following セクシー桜花娘、奔放で夜のデート無限。文芸少女の外見、内面は乱れ、デート映画館で暗闇のキス。今夜空いてる、デートすぐ来て、妖艶全開。
who3ver_momo @m01e_exp
151 Followers 1K Following
Peter Schawacker @PeterSchawacker
957 Followers 7K Following Cyber Business Innovator & Strategist | CISO | AI | GRC & SOC | DFIR/TTX | SecOps | Drive Margin | Nearshoring | LATAM-USA | Emerging Markets | GTM Advisor
AISecHub @AISecHub
9K Followers 7K Following 🚀 AISecHub | AI & Cybersecurity | Securing AI systems, and sharing insights on emerging challenges | https://t.co/YeYtqq5tJC
Shubham Singh @Sin85879Singh
6 Followers 358 Following
Ganesh Udutha @GaneshUdutha2
3 Followers 232 Following
Alright @Rooftop_Korean1
0 Followers 26 Following
jimi2x303 @jimi2x303
209 Followers 483 Following
🍓Thomas Anderson @SecurityParadox
1K Followers 4K Following 🍓The Master Builder 33rd Degree Developer at https://t.co/1lS7BItvjg https://t.co/FaKbeoYdaU ⚕️🦾 LLM Dev @NexusAi you can just build things
Whothoyth @WhothoythaiQ2L
17 Followers 880 Following
Offensive Brute @OffensiveBrute9
19 Followers 1K Following
VeronicaHicks @b662L3x0fa69vgL
54 Followers 3K Following
Shinobyx @crypticrebel337
20 Followers 1K Following Bug bounty hunter who is a bit inactive on social media, so don't expect too much from me here...
Akshay Suthar @AkshaySth
79 Followers 731 Following Nihil timendum est! Opinions & views are solely my own
DEFENCE™ @bolu_esq
2K Followers 6K Following (upcoming) tech bro. @money23green regen. actively rediscovering the joy in doing things for their sake. trusting the work. qui audet adipiscitur.
vDitchDigger. @Bjarniji
321 Followers 7K Following RoadsLessTravelled, SysAdmin/Infosec, Nvr Enuff Books/Guns/Whiskey, NAP, Meditation, Husband, INTP, LoudPipes, RTFM, KE0JPC, Pronouns are Shall/Not/Be/Infringed
Ath3r1s @Ath3r1s
43 Followers 433 Following
︎ @0xocdsec
4K Followers 8K Following ︎ 🏴☠️ 🇪🇺 💚 🇺🇦 | computers & features | 💚 🏴☠️ party | 603,628 km² https://t.co/F5dgX7AEoL
crypto Tabi 🟧base.... @crypto22799
0 Followers 78 Following
vx-underground @vxunderground
438K Followers 357 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
PentesterLab @PentesterLab
204K Followers 0 Following We make learning web hacking and security easier. Online systems, code review, videos & courses that can be used to understand, test and exploit bugs!
Marco Lancini @lancinimarco
7K Followers 383 Following 💼 Director of Security 📬 @CloudSecList 📚 https://t.co/TrQKzxfnYg 💬 I write about security strategy, technical leadership, and cloud security.
Lightning Labs⚡️�... @lightning
161K Followers 290 Following Lightning scales and speeds up #bitcoin. We build lnd, taproot assets, lightning loop.⚡️ Support: @lightning_help
Rene Pickhardt @renepickhardt
33K Followers 287 Following #Bitcoin & #lightningnetwork developer & educator demanding open knowledge! Proud member of @wikimediaDE @de_Serlo & former #BTW17 Frontrunner of @piratenpartei
mandatory.bsky.social @IAmMandatory
12K Followers 498 Following Red Teamer @OpenAI, meme archivist, XSS Hunter author, DNS/TLD/web security researcher.
Jakub Kaluzny @j_kaluzny
1K Followers 1K Following Bringing the `oh, we didn't expect it` phrase earlier in the SDLC. Leading innovative AppSec initiatives.
Edward Snowden @Snowden
5.6M Followers 1 Following I used to work for the government, but now I work for the public.
Janine @J9Roem
7K Followers 245 Following ThatOnePrivacyGirl. #Cypherpunk. Journalist a.k.a. Archival Extremist. Wanderess. Board @opensats. "Freiheit ist eine Reise ohne Ankunft." 🏔🌃
Luke Childs ☂️ @lukechilds
6K Followers 1K Following Cofounder & CTO @umbrel Previously @bitcoinjs @browserify
Infiltrate @InfiltrateCon
7K Followers 158 Following The original offensive information security conference.
Felix Gröbert @fel1x
4K Followers 620 Following Principal Engineer, Product Security Engineering at Google Cloud. Opinions own. Tweets deleted periodically.
Michael Skelton @codingo_
38K Followers 767 Following VP of Operations @bugcrowd, Hacking Content @ https://t.co/Ov3ZXfNg5P tools @ https://t.co/4X3ot71JLf @SecTalks_GC & @BSidesGC co-organiser
Andreas (aantonop Tea... @aantonop
781K Followers 0 Following My team uses this account now. Find me on https://t.co/xXqqqjq7Mt or https://t.co/DrzRPDF6ug #Bitcoin & Open Blockchains, since 2012. Author of 6 books.
J @Morpheus______
26K Followers 0 Following An author that can't sell his books on AMZN anymore. Evolving far beyond Darwin. And no longer here. d750ba1de8af276f1bb6044ba1f61db5 !
Sergey Toshin @_bagipro
7K Followers 187 Following Ranked as the #1 security researcher for Google Play Security Rewards Program. The founder of @OversecuredInc Android and iOS vulnerability scanners
Aditya Gupta @adi1391
8K Followers 2K Following Founder @ Attify - Breaking LLM/IoT/Mobile - CFSE Author - Formal Logic & World-Model RE - Teaching Offensive Intelligence Engineering
Attify @attifyme
2K Followers 3K Following We train security teams to break complex systems — IoT, Mobile, AI. Methodology-led. Evidence-backed. Open for corporate delivery.
Attack and Defense @attackndefense
1K Followers 8 Following @[email protected] - Mozilla's Security Internals for Security Engineers, Security Researchers, and Bug Bounty Hunters.
Lukas Stefanko @LukasStefanko
24K Followers 700 Following Malware Researcher at @ESET Android security, malware analysis, app vulnerability research https://t.co/dnQvb9BCZj
Zerodium @Zerodium
26K Followers 0 Following Zerodium is the world-leading acquisition platform for premium zero-days exploits and advanced cybersecurity research. We pay BIG bounties, not bug bounties!
SSD Secure Disclosure @SecuriTeam_SSD
24K Followers 2 Following SSD provides the support you need to turn your experience uncovering security vulnerabilities into a highly paid career. [email protected]
Ron Chan @ngalongc
19K Followers 610 Following
@[email protected]... @2600
52K Followers 5 Following The Hacker Quarterly Bluesky: @2600.com Mastodon: @[email protected]
Black Hills Informati... @BHinfoSecurity
49K Followers 2K Following Specializing in pen testing, red teaming, and Active SOC. We share our knowledge through blogs, webcasts, open-source tools, and Backdoors & Breaches game.
wtm @wtm_offensi
3K Followers 976 Following Security researcher, bug bounty hunter, owner at Offensi. My opinions are those of my employer.
C Sto @C__Sto
622 Followers 454 Following Sarcastic wannabe hacker. Professional ‘I wonder what would happen if I’-er
Google VRP (Google Bu... @GoogleVRP
42K Followers 0 Following We ❤️ 🐜🐞🦗🦟🦋. {echo,{{{Google,Chrome,Android,Abuse,Mobile,OSS,Cloud}Vulnerability,Patch}Reward,VulnerabilityResearchGrants}Program}
Robert M. Lee @RobertMLee
75K Followers 398 Following Co-Founder & CEO @DragosInc | SANS #FOR578 & #ICS515 course author & Faculty Fellow |@_LittleBobby_ writer | NSA & USAF Veteran
kat traxler @NightmareJS
2K Followers 3K Following proficient at drawing the rest of the 🦉| security impact junkie
Rhino Security Labs @RhinoSecurity
7K Followers 2K Following Rhino Security Labs is a top penetration testing and security assessment firm with a focus on cloud (AWS, GCP, Azure), network, and web application pentesting.
Beau Bullock @dafthack
18K Followers 646 Following Hacker, trainer, and guitarist | Black Hills InfoSec #RedTeam | @BreakForge Training | Produces music to hack to at @N0BANDW1DTH
Mudge @dotMudge
63K Followers 336 Following Make a dent in the universe. Find something that needs improvement: go there and fix things. If not you, then who? {he/they}
Eduardo Vela @sirdarckcat
13K Followers 614 Following not mad. mentally divergent. personal profile, opinions my own. everything I say is probably wrong. @Google
T0py @InfoSecFriends
3K Followers 773 Following Hacker. Breaker. Lock Picker. Physical Security Enthusiast. Photography. HackHouse. @OzSecCon. Curious. IBM Z9 Owner. Warranty Void If Removed.
codeEmitter @code_emitter
189 Followers 599 Following Staff Security Engineer, Red Team @GitLab, GCPN, GWAPT, Experienced InfoSec Newb, Coder, CrossFitter, Musician, Internal combustion chamber enthusiast.
Mel @momowowo
181 Followers 229 Following
Silvio Cesare @silviocesare
11K Followers 1K Following CTO of @infosectcbr. Co-founder of @bsidescbr. Still hacking.
joernchen @joernchen
8K Followers 517 Following Your mom's favorite hacker. Also at @[email protected]
ATT&CK @MITREattack
117K Followers 515 Following MITRE ATT&CK® - A knowledge base for describing the behavior of adversaries. Replying/Following/Re-tweeting ≠ endorsement. @ https://t.co/wt46ArkZVt
nixCraft 🐧 @nixcraft
397K Followers 0 Following Love Linux/Unix, open source, and programming? Into Sysadmin & DevOps? Follow us! Boost your IT career with daily new tools, apps, and humor ⤵️
unix-ninja @unix_ninja
6K Followers 586 Following Team Hashcat + Hacking stuff + Running Information Security in FinTech + I like chess + Cracking Passwords + Making music
Matt Bush @ DEF CON @mattdoeshacks
18 Followers 79 Following @3xocyte at DEF CON (The Missing Link and Shenanigans Labs)You might like
