nol @nol_tech
Infosec 🟨⬜️🟪⬛️ Joined September 2020-
Tweets1K
-
Followers824
-
Following897
-
Likes5K
If a website uploads your pictures to S3 as public objects and serves them through a reverse proxy, you have XSS even if the website's implementation is safe! I wrote about this in full in this post: blog.voorivex.team/content-type-o…
Can you spot the XSS vulnerability? 👀 Test it out live at: pwnbox.io/challenges/mim…
@0xocdsec the script itself is indeed a bit messy and can definitely be improved
@0xocdsec i've used this on dozens of networks and never got detected my the IT teams, i've never seen MACSEC implemented anywhere, and from what I've seen, it's a PITA to implement and practically impossible for most companies
@0xocdsec this reuses the MAC from the device you mitm so I'm not sure you will see any obvious difference at layer 2 either. running stuff like responder or any network spoofing attacks on such implants is usually considered a bad idea and an instant giveaway.
@0xocdsec pretty sure you're not supposed to request your own DHCP lease with this kind of implant, aren't you supposed to just impersonate the legitimate device you're mitm-ing ? apart from network stack fingerprinting or MACSEC, there should be no easy way to detect a well done implant
owo sowwy autism made me hack the london subway >w< its not my fault
⚠️ JUST IN: Earth2Star/Operator (@autistic) and Owen Flowers ("Holy") have plead guilty to a hack that caused $39M in damages Earth2star and Owen were caught in 2025 for hacking offenses linked to Scattered Spider, they now face sentencing on July 15th Operator is the same
"Why are you reverse engineering malware on your main PC? Why don't you use a VM? If you used a VM you wouldn't have infected yourself"
french government productivity drops by 1000000%
🇫🇷 FLASH | "On se doit de montrer l’exemple". Sébastien Lecornu a lancé des "dépistages de drogue inopinés et obligatoires" sur les ministres et leurs cabinets ministériels.
@incendiumrockz hey, just wanted you know I wrapped this in a netexec module for pentests and it works well indeed, thanks for this work again
@buzz3r_ cool project! i had the same idea a few weeks ago, but instead of static files, I implemented this through a dynamic FUSE fs so that each functions automatically updates when live reversing the binaries
@BriiHD this is actually common in many sectors like banking
@apiratemoo yeah this seems unlikely to be exploitable in practice, isn't MSRC is usually pretty conservative about exploitability? maybe we're missing something ?
@theluemmel this looks like AI slop, it doesn't mention the fact that the vulnerability requires >50 chars long domain names, and has probably not even been tested against an actual domain controller. see: aretiq.ai/research/vul26…
Toffy @toffyrak
268 Followers 230 Following
Cyprien @wixyvir
201 Followers 392 Following sysadmin, developer and infosec enthusiast. FR || EN Bluesky account: https://t.co/D2m2K4MtZV
Elliptyc @elliptyc
2 Followers 802 Following
Allele Security Intel... @alleleintel
1K Followers 2K Following Allele Security Intelligence is an independent company specializing in Information Security research.
Nancy Q @meziyet1786451
5 Followers 658 Following crying to playlists in the dark 🎧 follow back always
Everton Patitucci @epatuti
179 Followers 2K Following Tinkering with low-level, security, gfx, and perf @ Activision
Shayan H. 🇺🇸�... @shayanhl
375 Followers 1K Following CS grad | AI Engineer | Micro-SaaS Evangelist.
Jeremy C. @Jerrawik
16 Followers 7K Following
pirate.moo @apiratemoo
7K Followers 4K Following \x6d\x6f\x6f\x62\x69\x74\x63\x68 I break things for a living. Opinions are my own.
MuMu @mumu4ctf
47 Followers 100 Following Security learner from Taiwan, post learn progress or other cool technical. DC: _._.mumu._._
sid @sid2822
0 Followers 59 Following
Fāter מיכאל @MichaelFater3
13 Followers 105 Following
voydstack @voydstack
2K Followers 1K Following VR @Synacktiv | CTF with @RMUBYGG, @Hexagonctf, @ECSC_TeamFrance 20/21/22/23/24
bl4ck4rch @bl4ckarch
229 Followers 430 Following Security Researcher & Pentester at @orangecyberdef | CTF enthusiast | @hackthebox_eu MVP 2025
Lalit_m3c4 @Lalitbhosale6
54 Followers 1K Following Lets H4ck | Pentest | Research | Bounty | CTFs | Researcher 🄱🄴🄻🄸🄴🅅🄴 🄺🄰🅁🄼🄰
CTI Updates @CTI__Updates
690 Followers 2K Following Updates about all things threat intelligence & updates about stuffs going on in the cybersec, ransomware, OSINT, SOCMINT, and hacking communities #threatintel
ice @ice98079542
60 Followers 4K Following
Gabriel (Umanhonlen |... @sudosu01
1K Followers 2K Following You are the strength behind the system | CVE-2025-63289 | Cyber Security Professional | Security Researcher
Lucio Almeida @lucio_c_almeida
256 Followers 651 Following
HKEY @HKLM_SYSTEM
2K Followers 5K Following #Bayern in my DNA ||👨💻 CloudSec Engineer ||wanna be Pentester and Vuln researcher| C, PHP 🤡 dev
pfiatde @pfiatde
2K Followers 1K Following "Every machine is a smoke Machine if you operate it wrong enough" RedTeamer by day, sleeping at night! https://t.co/ZcTfWHeGZO
Jordan - JCXYZ @TheLastHuntsman
52 Followers 483 Following Unc / Technowizard / 'Software Engineer' In his mad scientist era🦾 Building solutions to problems with lightning and magic sand🧙♂️
hanlon’s mortola ra... @rhizomaticthot
888 Followers 656 Following special interest librarian at the second amended and restated Xerox PARC successor corporation holding company
gelid氷 @_gelid_
52 Followers 3K Following
Onede Sela @OnedeS7629
0 Followers 65 Following
Mikhail Klyuchnikov @m1ke_n1
5K Followers 151 Following n1 | Security Researcher at Positive Technologies | OSCP, eWPTX
Zoro @work_zoro
0 Followers 28 Following
m @m_7uk5
15 Followers 190 Following
Luke Jahnke @lukejahnke
3K Followers 6K Following
Vivien @VivienTouvier
303 Followers 1K Following
Anderson Nascimento @andersonc0d3
4K Followers 6K Following Director & Security Researcher @alleleintel
jskew @jskew2012
22 Followers 2K Following
test domain @User2Micro
703 Followers 5K Following
SinSinology @SinSinology
13K Followers 741 Following Pwn2Own 20{22,23,24*2,25*3,26*2}, i look for 0-Days but i find N-Days & i chase oranges 🍊
bik3te @bik3te
338 Followers 1K Following
El Coco @elabricotio
15 Followers 161 Following
DuckywantDucky @DuckyWantDucky
798 Followers 1K Following
Tanner @wbmmfq
1K Followers 562 Following Senior Security Operations Analyst @HuntressLabs | @[email protected] | Views my own, obv.
Melanie Keenan. Tiffa... @melanie_ti21561
8 Followers 269 Following
︎ @0xocdsec
4K Followers 8K Following ︎ 🏴☠️ 🇪🇺 💚 🇺🇦 | computers & features | 💚 🏴☠️ party | 603,628 km² https://t.co/F5dgX7AEoL
Toffy @toffyrak
268 Followers 230 Following
john @nyan_satan
17K Followers 149 Following demonic beast from another era (with F20.0) | https://t.co/W7w9FmL4Fd
CodeX @codex_tf2
2K Followers 218 Following advanced persistent clown 🤡 📕 redteam blog: https://t.co/ihAv2kFvUj 🛠️ github: https://t.co/VhmOUAVF3R opinions are my own
Eric Woodruff | MVP |... @ericonidentity
2K Followers 736 Following Chief Identity Architect @SemperisTech. Microsoft Security MVP, Entra nerd. Part-time hiker, full-time dad and partner. Opinions expressed are from my cat.
Silky @S1lky_1337
1K Followers 459 Following German IT-Security Researcher | 𝐎𝐒𝐄𝐏 | 𝐎𝐒𝐂𝐏 | 𝐂𝐑𝐓𝐏 | Pentester | Freetime Malware Dev
pleias @pleiasfr
2K Followers 1 Following
Gi7w0rm @Gi7w0rm
19K Followers 821 Following Threat Intelligence Analyst | Projects: https://t.co/azRpNg9NJQ & https://t.co/SyvUfXpbmI | If I post false intel, contact me! Support me: https://t.co/5WgDqr0K8p 🇪🇺🇩🇪🇺🇦🌈
Andrew Northern 𓅓 @ex_raritas
5K Followers 1K Following 🔮 Principal Researcher at Censys ARC 🔮 | formerly Proofpoint | Knowledge Piñata 🪅 | Attack Chain Connoisseur | Aspiring Stoic
𝚊𝚕𝚔𝚊𝚕�... @alkalinesec
3K Followers 598 Following mobile security / symbolic execution. opinions are mine. @[email protected] . he / him
Nellies Nest @Nellies_Nest
35K Followers 75 Following Web Comic Artist Smeller Of Armpits https://t.co/iJM4rSMA4P
BeyondTrust Phantom L... @btphantomlabs
311 Followers 44 Following Phantom Labs™ is driving innovation with cutting-edge threat research, vulnerability discovery, and real-world security insights.
REcon @reconmtl
18K Followers 708 Following REcon: Annual reverse engineering and security conference held in Montreal.
Alice @AliceInDisarray
757 Followers 23 Following professional antagonist and part time narcissist. all opinions are of my own, because that's how opinions work. ex GSM engineer. Feds were after me
Allele Security Intel... @alleleintel
1K Followers 2K Following Allele Security Intelligence is an independent company specializing in Information Security research.
cr3ghost @cr3ghost
3K Followers 378 Following A university student who likes C/C++, reverse engineering, exploit dev, deobfuscation, detection engineering, anti-cheats, malware analysis, threat intel.
OS Dev @OSdev_
4K Followers 896 Following Senior Engineer @Qualcomm - Performance Engineering | Windows kernel | C/C++ | ARM64 | CPU & Memory Microarchitectures | SoC's
Worawit Wang @sleepya_
2K Followers 39 Following
lief-project @LIEF_project
2K Followers 1 Following Official Twitter account for LIEF - https://t.co/wVwUSWbGjy Discord: https://t.co/UUUIrtZIbs
Romain THOMAS @rh0main
4K Followers 943 Following No longer here. https://t.co/7pANImx70w https://t.co/uhAhqoJWhH https://t.co/9MSpkLkKPz
Everton Patitucci @epatuti
179 Followers 2K Following Tinkering with low-level, security, gfx, and perf @ Activision
zzz on i2p @i2p
6K Followers 194 Following I2P Anonymous Network -- GPG: 2D3D 2D03 910C 6504 C121 0C65 EE60 C0C8 EE72 56A8
ς๏гєɭคภς0�... @corelanc0d3r
26K Followers 607 Following Corelan | Infosec Researcher&Trainer, Hacker | Outgoing Introvert (INFJ-A) | Book lover | Fountain pen affictionado | Chess amateur | Foodie | 🖤
_SiCk @encrypted_past
3K Followers 467 Following Meow. Probably the closest thing to an APT without breaking the law. Adapt or Die. SAUCE boss. VR, Kernel Exploits, Firmware Feline. Romans 1:27-29
Anderson Nascimento @andersonc0d3
4K Followers 6K Following Director & Security Researcher @alleleintel
pirate.moo @apiratemoo
7K Followers 4K Following \x6d\x6f\x6f\x62\x69\x74\x63\x68 I break things for a living. Opinions are my own.
Random832 @Random832
409 Followers 511 Following
kuzushi @kuzushi
2K Followers 638 Following guadalajajaja offensive ai @bugcrowd phd candidate @udegcucei board: @cactuscon @hackgdl ex: @bishopfox @spiderlabs opines are mine - sola gratia
reverseame @reverseame
22K Followers 1 Following RME-DisCo research group from University of Zaragoza. Special interest on software and systems security. Link to our Telegram channel: https://t.co/UmkcXVG8MU
Essential @only01Essential
3K Followers 95 Following Bug huntoor GoLang | Rust | Move | C++ | Solidity
Cantina 🪐 @cantinasecurity
19K Followers 0 Following Cantina is an agentic security operating system that handles it all, from detection to remediation, autonomously. Check it out @ https://t.co/De6Z1HZK4h
The Dustin Childs @dustin_childs
2K Followers 350 Following Parked account. I usually post stuff over where the sky is blue.
Katie🌻Moussouris (... @k8em0
110K Followers 10K Following @LutaSecurity CEO @payequitynow MIT&Harvard visiting scholar, @MasonNatSec fellow, 1/2 Chamoru, hacker @k8em0.bsky.social Legacy blue check
Ivan @Ivanklydz
571 Followers 88 Following Security researcher with deep focus on vulnerability detection. 2 google bug bounty awards.
Dominic Chell 👻 @domchell
18K Followers 553 Following Just your friendly neighbourhood red teamer @MDSecLabs @nighthawk_c2 | Creator of /r/redteamsec | https://t.co/3k3EBAZqGd | https://t.co/KwO2OwDOkl
𝚔𝚒𝚖𝚖𝚢.... @kimmydotzip
9K Followers 1K Following Highly Unprofessional | Cyber Treat Actor | Hardcore Wholesome | Hackery Type | Failed Man | Polyam | XY(ZZY) | Taller than you | Threat actors say I'm hot
Keith Ramphal @KeithRamphal
418 Followers 509 Following https://t.co/mC1FmHzlwr Reluctant Mathematician (No relation to the chef on Instagram)
CryptoCat @_CryptoCat
9K Followers 228 Following Security Researcher @rapid7 😈 Hacking Content @ https://t.co/U7jVhNr9sC 💜
























