Tib3rius
@0xTib3rius
Followers
56,724
Following
445
Media
782
Statuses
9,815
Web App (mostly) Hacker | OnlyFeet Member | Cybersecurity Educator | AutoRecon Dev | Ex-Brit | Links: (he/him) 🇺🇸
Burp Suite Pro
Joined July 2019
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Rio Grande do Sul
• 193799 Tweets
Madonna
• 145897 Tweets
Bucks
• 69080 Tweets
Dame
• 57177 Tweets
#虎に翼
• 49403 Tweets
Pacers
• 38376 Tweets
#ラヴィット
• 35641 Tweets
憲法記念日
• 33375 Tweets
Vitória
• 32427 Tweets
#911onABC
• 27918 Tweets
bruno mars
• 27731 Tweets
憲法改正
• 24187 Tweets
FDNY
• 23492 Tweets
Tiffany Titan Launch
• 23395 Tweets
Dua Lipa
• 21171 Tweets
Pabllo
• 20497 Tweets
Giannis
• 19063 Tweets
Anne Hathaway
• 13819 Tweets
Lillard
• 13444 Tweets
DANNY OCEAN
• 12801 Tweets
#SnowMan結成12周年
• 12306 Tweets
Bruins
• 11609 Tweets
浮所くん
• 11022 Tweets
Last Seen Profiles
Pinned Tweet
Use coupon code TWITTER to get 25% off my courses (and bundles) at my website or
@Hackers_Academy
:
Or use coupon code DEC2023 on Udemy:
#OSCP
#InfoSec
#CyberSecurity
Please share!
3
6
48
I'm a penetration tester with 10 years experience, specializing in web application security. I have an MSc in
#InfoSec
, created AutoRecon and two popular PrivEsc courses for the
#OSCP
labs/exam. I stream on Twitch and create
#CyberSecurity
YouTube videos too.
Ask Me Anything! 😊
194
163
1K
PSA: If you make fun of someone because they were excited about getting root on a CTF box you found "so easy", you're an asshole.
29
119
1K
@HackingButLegal
What's extra sad is the people in the replies suggesting she go by a gender neutral name on her actual CV, which yeah, might work to get her interviews, but it's not fixing the actual problem.
5
8
1K
Just got asked a great question by a student: “why do you use port 53 for your reverse shells?”
Based on my experience, having tested a number of firewalled environments, port 53 is the least restricted port for exfiltration, shells, etc. because most services rely on DNS.
#OSCP
27
218
1K
If you want good examples for SQL injection, use these.
Auth Bypass: admin'; -- -
SELECT * FROM users WHERE username = 'admin'; -- -' AND password = 'password'
Boolean: ' AND '1'='1 / ' AND '1'='2
SELECT * FROM articles WHERE author = 'admin' AND '1'='1'
OR 1=1 should not be the go-to example for SQL injection. I understand why it is, but using it without mentioning the risks is teaching bad practice.
OWASP, Portswigger, Wikipedia, Rapid7, Snyk etc. are all doing it.
I'm gonna die on this hill. 🤬
39
123
734
18
244
1K
It's me!
I'm delighted to announce that on October 10 I'll be joining
@TCMSecurity
in a hybrid role as a pentester and content creator!
Can't wait to help educate more of the next generation of Cybersecurity!
Did you hear the news? 👀
We've got another absolute rock star joining our team soon!
This year for TCM has been legendary, and we still have a little over 3 months left. What else can we make happen?
Happy Hacking, everyone!
6
8
168
91
61
1K
The xz backdoor was only discovered because a nerd was benchmarking their SSH logins.
In short...we were fine, we were always going to be fine.
9
84
1K
Are you an
#OSCP
student that, like me, couldn't find any decent buffer overflow binaries with badchars other that \x00, \x0a, and \x0d? Want to practice for the exam without setting up your own VM? Well here's a new (free)
@RealTryHackMe
room for you:
25
254
876
I have 7 free coupons for my Windows & Linux
#PrivEsc
courses that expire in 4 days. To win one, like & RT this tweet in next 24 hrs.
If you don't win you can get the courses for $14.99 each here:
#OSCP
#InfoSec
#CyberSecurity
39
618
767
Fellow hackers, what are your favorite repos? Could be a tool you use daily, an epic script you used once, a collection of cool resources, etc. I'll start us off:
#CyberSecurity
#InfoSec
#Hacking
21
233
787
I was wondering why an Nmap scan was taking so long and it turns out I forgot to press enter. 🤦♂️
32
30
761
Ethical hackers, wearing dark hoodies and hanging out in server rooms since the dawn of computing. 🙄
#Cybersecurity
#InfoSec
#Hacking
56
52
739
OR 1=1 should not be the go-to example for SQL injection. I understand why it is, but using it without mentioning the risks is teaching bad practice.
OWASP, Portswigger, Wikipedia, Rapid7, Snyk etc. are all doing it.
I'm gonna die on this hill. 🤬
39
123
734
Here's the thing. I care about this community. If a group within this community feel like they are being treated unfairly and voice their concerns, I listen to them and try to help by amplifying & defending whenever I can.
If you can't stand the occasional few tweets about the…
50
47
746
@lauriewired
Unethical life pro tip: program delays into everything you write so whenever you need to look impressive you can tell you boss you "dreamed up a faster way to implement x function", then remove the delay and look like a coding God.
7
18
715
This kinda blew up. 😅 The answer is no, there isn't anything insecure here (in terms of vulnerabilities). The code was purposefully written to look vulnerable to SQL injection, but Flask actually prevents any non-positive-integer values of "foo" from ever reaching the SQL.
Of…
33
64
585
Imposter syndrome is where you think you're an imposter but your peers say you're brilliant.
When you think you're brilliant but your peers say you're an imposter...you're an imposter.
16
71
567
A puzzle for anyone interested. Assuming you have no other access to the server this Flask app runs on, is it possible to get full command execution (e.g. a reverse shell)?
#Cybersecurity
#InfoSec
30
67
548
Ok, I have 9 copies of each of my PrivEsc courses to giveaway on Christmas. Winners will be randomly selected. To enter you just need to be following me and also retweet this tweet.
64
748
537
100 internet points to people who can give me reason(s) why the SQL injection:
' AND '1'='1
can often be better than:
' OR '1'='1
28
67
487
I dunno how unpopular this opinion is going to be, but in my view, if you create a *screenshot* that:
1. is of 100% publicly accessible information
2. contains no transformative content (e.g. labels, arrows, boxes, heck even highlighting)
You shouldn't be able to make some kind…
We would like to issue an apology to
@HaxRob
, even though he won't be able to see this post because he has blocked us.
Recently we discovered that the images used in our xz backdoor tweet, which gained a monumental amount of traction on Twitter, were initially his photos.
He…
42
53
1K
6
19
483
SQL Fiddle () and DB Fiddle () are underrated resources if you want to play around with SQL injection concepts in multiple database variants.
6
126
446
The InfoSec community on Twitter has the occasional drama, but every day I see people helping and encouraging each other. You're all amazing. 😊
13
27
441
More SQLi tips! If your input causes a server error (e.g. 500) when you inject a ' (for example) but you don't get reliable results using boolean inferential injections, try these payloads which should trigger the 500 when the red condition is true.
#bugbountytips
#Cybersecurity
13
118
440
Are there any security vulnerabilities in this code? If you think there are, please provide a proof of concept and if possible, an explanation.
Assume unauthenticated users are authorized. Negative points to anyone who thinks Python or Flask is a security vulnerability. 🤨
39
34
442
This is absolutely insane. Tried it on a TryHackMe box with a known LFI and got full command execution using only php filters. 🤯
Converting LFI into RCE by chaining PHP encoding filters - superb research by
@_remsio_
!
17
307
898
2
76
428
Last Friday was my last day at
@TCMSecurity
. Nothing bad to say about the company or the people who work there, they are doing awesome things. My departure was for personal reasons.
Had fun and enjoyed the content I made along the way. Not sure what comes next but I'm taking a…
28
14
430
More SQLi tips.
1. Append a ' or " to a valid param value.
2. If the response changes, replace the ' or " with each of these in turn (sub ' with " as needed):
' '
'||'
'+'
3. If you get the original response back, you likely have SQLi.
#bugbountytips
#Cybersecurity
#InfoSec
8
99
398
You literally charge $8,000 for a
#Cybersecurity
bootcamp course. If I paid $8,000 for that and ended up as a sysadmin, I wouldn't be in poverty, sure, but I'd be pissed that my new job isn't actually in Cybersecurity.
46
20
397
Imagine being so insecure that the only form of "hacking" you consider to be "hacking" is the one you just so happen to be good at.
Don't gatekeep the term.
Social engineering is hacking. It's been referred to as "hacking the human" / "human hacking" for years.
26
38
394
I'll be doing a Black Friday / Cyber Monday deal for my PrivEsc courses. $9.99 each (unfortunately the best discount Udemy lets me do). However I might also release a limited amount of 100% off coupons on Twitter so snag one if you can. 🙂
19
39
381
Would anyone be interested in a Burp Suite AMA stream? i.e. I fire up Burp, we get something like OWASP's Juice Shop loaded, and then chat can ask "how do I do x, y, z in Burp?". Maybe we can even code an extension live...
41
31
387
Give me a web vulnerability and I'll try to describe it in 3 words.
#CyberSecurity
#InfoSec
124
44
369
I live in fear that this will be the cleverest joke I'll ever think up.
12
15
389
Fun fact: it's ok to look at walkthroughs of boxes if you get stuck. The more you do it, the less you'll need to. It's also helpful to find out that you're doing it right but the box isn't working properly. Happened to me on stream the other day, time saved for everyone.
16
44
371
AutoRecon v2 is officially released. The README has been updated. I am working on documentation for the plugin system, but most people won't need that.
Huge thank you to everyone who helped beta test it.
4
104
359
Last week I reached a financial milestone on Udemy and today I reached 13,000 total enrollments, so I figured its probably time to once again thank everyone for the support, encouragement, and feedback. Never thought I'd get to this point and I appreciate you all. 😊
13
7
355
Here she is, after about a month of late night and weekend development, AutoRecon v2 (beta):
Documentation will be updated over the next week or so, but for now please try it out and report any bugs and/or improvements.
#OSCP
10
92
353
Would anyone be interested in a stream where I do a simulated web app pentest against OWASP Juice Shop ()?
35
18
348
Just had the realization that people who don't use military time (24hr clock for non-Americans) are unaware of the mini celebration we have at 1:37 pm if we happen to glance at the time.
It's tragic. You poor people. 😩
20
23
351
If you're looking to start or further your career in
#InfoSec
, consider joining the InfoSec Prep discord server:
I joined it back in 2018 when I was doing my OSCP. We now have 15k members and close ties with many certification orgs!
7
52
344
I'm aware I cough/sniff a lot on my videos/streams. A few people have left nasty comments about it. There is a medical reason for it. One day I'll discuss it in more detail. Right now, it's nobody's business but my own. Try to enjoy the content regardless, or just don't watch. 🤷♂️
53
5
342
No Googling. What do you think this python code should output? Then execute it and check.
import os
print(os.path.join("/home", "/tib3rius", "/flag.txt"))
49
55
338
Absolutely phenomenal effort! All my web appsec questions answered in a great deal of detail. Amazing!
3
89
340
Employers that make penetration testers sign non-competes (e.g. no being a pentester for x years after you quit) or "no moonlighting" agreements (effectively blocking you from bug bounties) aren't worth working for, and they should really stop being so absurd.
20
42
339
Not sure if this counts but the fact there's a feature in Burp Pro to make it look like you're working when you're not has always amused me. 😂
Have you ever spotted Easter eggs in Burp? If yes, how many?
Personally, I know one and a half (because the second one doesn't add any functionnality, it's just fun) 🥚
0
1
2
10
34
334
After a pretty intense interview process, including live hacking a web app on Zoom, I got offered a job and accepted. Thanks everyone! 😊 Great way to end the year, especially this year.
I'm currently looking for a new position if any of my followers are aware of any. Would prefer 100% remote work, web app focused. I have 8 years of experience pentesting, so looking for a senior role. I would also be fine with more management type roles like a team lead.
17
81
225
37
3
326
If you aren't using
@albinowax
's Param Miner tool on every web app test, you are missing bugs. Last week I found a secret URL parameter that reflected its value into JavaScript code, which resulted in XSS.
#bugbountytips
5
53
323
A year ago I had a few hundred followers, and today I passed 15,000. Has been a crazy year but am glad I'm making content that so many of you enjoy! Here's to the next 15,000! 😁
12
10
321
Ok, so after 2 "looks insecure but isn't" code examples I threw a curveball and gave you something that looks secure but actually contains a significant vulnerability.
Even still, some people were convinced that directory traversal was possible. So far, nobody has come up with a…
Are there any security vulnerabilities in this code? If you think there are, please provide a proof of concept and if possible, an explanation.
Assume unauthenticated users are authorized. Negative points to anyone who thinks Python or Flask is a security vulnerability. 🤨
39
34
442
15
45
319
FYI, I have a free Buffer Overflow Prep room on
@RealTryHackMe
aimed at OSCP-level BOFs:
I also have an timestamped walk-through on YouTube:
Several students say it helped get their
#OSCP
exam BOF time to under an hour!
#InfoSec
8
60
317
As someone with two tech/cybersecurity-related degrees and over 10 years of pentesting experience, I can confidently say this to recruiters and hiring managers:
If you dismiss candidates who only or mainly have bug bounty experience, you do so at your own peril. Times have…
13
29
315
@vxunderground
@haxrob
What a stupid thing to complain about, not to mention block someone for.
They weren't "photos" in the sense that they required any actual talent to produce. They were screenshots, which anyone could have created since the actual source in each image were public.
🤨
7
1
317
A vendor whose product was a target in Pwn2Own 2023 Toronto released a firmware update the day before the event.
This patched a vulnerability which one of the competitors was planning on using in their attack chain, effectively removing them from the competition before it…
12
20
310
I am currently looking for a remote, US-based, webapp-focused pentesting position. Though I'm not in a hurry, I understand how long interview processes can be.
If you're looking for a candidate with over 12 years experience in the industry, plus the ability to effectively…
20
74
305
I think I should make something clear since multiple people have been contacting me about this.
On no account should you use OR 1=1 in SQL injections…UNLESS…you are
@_JohnHammond
.
👍🏻
6
17
296
Who are some good InfoSec content creators on YouTube? Bonus if they are bug bounty / web app focused. Trying to expand my subscription list. 🙂
32
46
290
One of my students wrote a detailed overview of his
#OSCP
journey. Worth a read for anyone considering taking it or currently taking it!
6
94
287
Men really be going to women pentester's GitHubs, not seeing a lot of code, and then commenting that they were only hired because they were hot.
Not all pentesters are developers, ffs. In fact, most aren't. Most know how to code, but its for single-purpose scripts. In other…
22
16
289
My eldest kitty just died, very suddenly. Will probably take a few days away from social media. Appreciate all the support earlier.
RIP Tyri. ❤️
43
1
287
Today was my last day
@WhiteOakSec
. Have a lot of fond memories and leaving on good terms. Will miss working with the entire team there.
Onwards though, to a new adventure with
@TCMSecurity
creating content for the next generation of hackers! ❤️
10
7
285
"I've never actually written a single line of code." -
@RachelTobac
This was kinda a throwaway line in the interview (which you should go listen to) but I think it's important to highlight you can be extremely successful in Cybersecurity and not know how to code.
Ep 144: Rachel
@racheltobac
is a social engineer. In this episode we hear how she got started doing this and a few stories of how she hacked people and places using her voice and charm.
32
190
910
19
39
282
I haven't talked about my upcoming web app pentesting course for a while here, but I believe I'm still on track to have it finished by the end of the year.
As of today, there's over 500 slides, plenty more to come.
21
23
274
This
@RealTryHackMe
room has taken me waaaay longer than I thought it would to complete, but it's so almost there.
7
27
276
I've recently started playing 5D chess and after finally understanding how the pieces move, I managed to beat the computer with a quadruple checkmate. My bishop is attacking a past king, while my queen in another universe is attacking one king in the past and two in the present.
17
29
273
Thanks
@RealTryHackMe
for the gift! Much appreciated! Advent of Cyber has been a lot of fun this year, glad I was able to be a part of it! 😊
9
4
274
Have finally got around to updating the example scripts on my
@RealTryHackMe
Buffer Overflow Prep room to Python 3.
Check it out if you are doing your
#OSCP
! My methodology can be applied during the exam and will speed up your exploiting!
5
49
277
Happy to announce I’ll be releasing a free Windows
#PrivEsc
room soon on
@RealTryHackMe
to go along with my course. Will include most of the exploits from the course (no kernel exploits) as well as RoguePotato & PrintSpoofer!
#TryHackMe
#InfoSec
8
54
275
FYI, if you're testing for SQL injection against apps using MySQL (and its variants), be wary of these injections:
'-'
'+'
In almost all cases, this will result in our injection being converted into an integer 0. This is because MySQL attempts to subtract / add two strings. In…
5
67
271
I lose a tiny amount of respect for a person when I hear them say "sequel" instead of SQL, and I'm not ashamed to admit it.
😛
84
19
270
I think some people wanted AutoRecon to export to Cherrytree right? 😎
Coming soon...
13
20
271
If you've signed up for my Linux PrivEsc course you'll be receiving an email about the linPEAS / OSCP issue at some point. Apologies if you've already taken the exam, but I felt it would be best to at least try and reach people who may not otherwise know to upgrade their tool.
8
30
268
145
31
257
Burp PSA:
If you want to use a large file of payloads in Intruder, *DO NOT* use Simple list's "Load" feature. Simple list is designed for "simple" lists, and it loads the entire file into a GUI JList. This is fine for small wordlists, but will absolutely become a memory issue…
9
40
261
Anyone have advice on improving public speaking, especially minimizing "ums and ers"?
108
26
249
So you think you know web app hacking? Challenge yourself with 55 (and counting) questions that go beyond the basics:
#Cybersecurity
#InfoSec
#AppSec
#Hacking
#BugBounty
5
75
252
Sorry everyone, you'll have to excuse me while I die laughing.
😄😁😆😂🤣
27
5
251
This is disgusting. If you associate with or support BowTiedCyber and you're even a half decent person, you should denounce him and anyone who thinks this is acceptable in any industry, let alone Cybersecurity.
“She’s dumb as fuck, she might be the horny one tho”
“Should send her to jerry”
“The babies would be a sight to see”
“She’s at least physically attractive”
“I wouldn’t kick her out of bed if she kept her mouth shut”
From BowTiedCybers discord server
Should I continue?
130
111
913
13
31
249
Back in January I started at a new company. Today was my last day. The culture wasn't a good fit for me, and there's not much you can do about that. Was a real shame but I'm onto hopefully better things. 😊
10
2
248
This is your yearly reminder that not everyone wants to learn by searching the Internet, and would rather learn from someone who has compiled that information together into one easily digestible source.
Also, "selling snakeoil" implies there is no legitimate content in this…
This is your yearly reminder that ALL Bug Bounty courses are a waste of money.
The content you need is out there, completely free.
This is selling snakeoil.
Waste of money, waste of time.
👇
16
16
142
23
12
246
Couldn't sleep. Now AutoRecon exports to Obsidian and Joplin (and presumably any other Markdown note-taking app). Will double check and commit code later.
🥱
14
22
246
I have it on good authority that AutoRecon got featured in
@Cyberarms
' new book "Advanced Security Testing with Kali Linux" which was very kind. It's available here:
3
32
240
Notice how he made this about Serena's gender for literally no reason at all.
What JD1 doesn't realize is
#InfoSec
is inclusive and welcoming, just not to charlatans and scammers. That's a good thing.
16
14
239
Considering starting my own "academy" online for my current and future courses. I won't leave Udemy or HackersAcademy, but it would be nice to have my own platform where I have full control. 🤔
19
4
241