Graham Helton
@GrahamHelton3
Followers
6,979
Following
448
Media
1,063
Statuses
4,105
Red Team Specialist @Google :wq He/him
Your Cluster
Joined September 2018
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
#Kalki2898AD
• 295363 Tweets
BENVENUTA A CAPRI JENNIE
• 100315 Tweets
連続テレビ小説
• 89225 Tweets
Abema
• 73165 Tweets
Yolanda Díaz
• 67043 Tweets
AG SPACE LIVE WITH BUILD
• 66450 Tweets
世界配信
• 42256 Tweets
FAYE HEART SOLO COVER
• 39663 Tweets
12Days Left Kabir Prakat Diwas
• 36989 Tweets
#TOBE
• 33489 Tweets
1st Time with MUMUTOFU
• 33240 Tweets
#どうなるでSHOW
• 24753 Tweets
#アンメット
• 23014 Tweets
システム再構築
• 22900 Tweets
ティザー
• 20861 Tweets
システム全体
• 19416 Tweets
篠澤広の肋骨
• 18234 Tweets
封神演義
• 18087 Tweets
#ツダケンお誕生日会2024
• 17790 Tweets
メビちゃん
• 16358 Tweets
スラムダンク
• 13130 Tweets
What are some tools you can't live without? Here are a few I use:
1. Bpytop: A better version of the Linux `top` command
119
804
5K
I think I'm just going to put my entire phishing course on Youtube for free... 👀👀👀
27
47
659
🚨Free Stuff🚨
It's my 23rd birthday. Lets celebrate by giving away some free training. Two
@TCMSecurity
courses + a
@nostarch
book of your choice. I've been lucky enough to get most of my training paid for, the least I can do is give some away.
To enter retweet and/or comment!
328
584
613
I am once again asking why everyone is not freaking out that you can authenticate to a windows machine with the hash of the password that is sent to you if someone types in the wrong SMB fileshare name.
25
73
592
I spent entirely too long explaining every useful feature of SSH. This includes:
- Local,Reverse, and Dynamic Portforwards
- Jumphosts
- SSH config file
- SSH helper utilities
- The SSH ~C console
All with pictures to help you follow along. Enjoy :)
6
148
532
🚨 I'm super excited to announce the project I've been pouring all of my free time into this past month.
The Kubenomicon: An open source offensive security focused threat matrix for kubernetes with an emphasis on walking through how to exploit each attack. Get more info below!
10
121
504
I'm super excited to announce that I'll be joining
@Google
(Google Cloud) as a Red Team Specialist at the end of the month :)
55
4
463
Some random thoughts on what I've learned over the past few years of doing cyber security. A thread 🧵
15
83
401
Weekend reading just showed up. Figured I should know how Active Directory is supposed to work instead of just how to break it.
14
26
388
As promised, I just released my entire phishing course for free.
I'll also be uploading content more regularly to help people either get into security or advance in their security careers. Let me know if there is anything you want to see me cover! 🪝🐟
I think I'm just going to put my entire phishing course on Youtube for free... 👀👀👀
27
47
659
6
112
343
Just posted a massive blog on my experience job hunting in these strange times that ended in me getting hired on Google's red team. It's basically a long list of "lessons learned" from my 5ish month long job search. Enjoy!
8
73
343
Lots of people talk about creating a blog if you're in this field, but I never quite new why it was so important until I started one. I decided to lay it all out in part 1 of "Why you should create an infosec blog"
13
57
304
If you had to choose between learning C and Go which would you learn for malware development?
94
24
293
@IanColdwater
I once tired to explain to the vet why I named my cat /etc/
My cat's name on the vet records still ended up being "Etsy"
6
9
295
You don't need to know how to code to get your first security job. But if you're looking to land a more technical job in the future or automate your current job it can be helpful. Here is some advice that has served me well: 🧵
4
47
256
Working in security is an endless battle between learning and forgetting information. I've recently realized on of the most important decisions I made early on to combat this was learning to take notes in markdown. A Thread🧵
12
32
247
2. Flameshot: Without a doubt the best screenshot utility. (Yes, even better than greenshot)
5
7
241
Here's a hot take:
I fear a hacker who uses a generic distro such as ubuntu (or, god forbid, arch) more than a hacker that uses kali.
37
17
237
Super excited to launch my course Practical Phishing Assessments. Huge shout out to
@thecybermentor
and
@TCMSecurity
for making this a super easy process! Full disclosure, if you use this link I get a little more money than if you buy from the store.
6
34
232
Want to highlight text in a file but still see the rest of the file contents? Very helpful grep command:
grep --color 'LOOKFORME\|$' file.log
7
42
225
Why is a nice wooden plaque no longer an option considering each class is nearly $10,000?
Old certification on the left vs new certification on the right.
@SANSInstitute
31
15
225
One time I was doing a CTF and identified a hashed password in a configuration file. I spent the next couple hours trying to crack the password but never end up cracking it.
Come to find out the "hash" was the plaintext password...
This still haunts me to this day 😭
10
4
225
What are your 2022 security goals?
Here is mine:
- PNPT
- First two blocks of SANS masters
- GSEC
- GCIH Incident Handling
- GSTRT IT Security Leadership
- GDSA Security architecture
- SSAP Managing Risk
- GCIA Advanced net. Intrusion
- 12 (meaningful) Blogs
- OSCP
26
16
217
Learning shouldn't stop when you pass a certification exam.
7
14
201
Hi. Enjoy some quick proof of concept code to steal a WiFi password with a certain IOT device running on it.
5
31
194
Phishing course update: I've decided to pull practical phishing assements from both
@TCMSecurity
and
@udemy
: A thread 🧵
10
10
167
Passed GSEC with an 84%.
A thread of what I learned! 🧵
16
1
159
Pentesting in non-internet connected environments can have some challenges but one of the most frustratingly simple ones is running python tooling that requires installing dependencies from ✨ the internet ✨
Here is one of many ways you can ease this burden:
4
24
158
Had someone reach out and ask how to learn web app pentesting. This is all you need to be deadly in web app pentesting. If you learn everything that
@PortSwigger
has available (for free) you will know exponentially more than most webapp pentesters.
4
25
151
I'm starting my PNPT shortly. I'll be updating this 🧵 every hour or so. (Obviously very vague updates as to not spoil anything) Hopefully you can learn a little bit about my methodology:
12
15
152
I've been living and dying by this list recently. It helps immensely with tracking what I need to learn and what I should be working on.
9
7
150
Here is part two of my phishing course. If you haven't seen part 1, make sure you view it first for a quick into to why I'm releasing it on Youtube.
This is the same course that was on
@TCMSecurity
but is now free. Part two will be up tomorrow, enjoy :)
3
31
143
3. Peek: A lightweight gif recorder that just works.
1
7
139
Starting my C learning journey today. Wish me luck. Send coffee.
15
2
142
Alright, I hate twitter threads as much as the next person but I have some info that I wish I knew when looking for InfoSec jobs🧵:
7
23
133
If you're not reading the Data Breach Investigation Report each year, you really should consider it.
2
33
137
Here's the long awaited part two of "Why You Should Create an Infosec Blog" In this part I go into excruciating detail of 𝐡𝐨𝐰 to create a blog. Enjoy.
Now if you'll excuse me I need more coffee.🥱
8
16
132
Over the last year or so I have been working on some research into the world of punycode domains. These domains allow you to purchase a domain like ỵoutube[.]com. Here is what I learned, I hope you find it as interesting as I did. Excited about this one.
3
32
130
I made an open source tool called Spoofpoint, a domain monitoring tool that allows your to check a list of domains to see if they exist and if they have email MX records which would allow them to send email, the first indication of a
#phishing
attack.
7
34
123
6. Vagrant: Easily spin up virtual machines for testing. I'm working on a blog on this right now, it is incredibly useful.
8
6
118
It's been a long week, what better way to turn that around than to give away Practical Phishing Assessments for free. Use ITSBEENALONGWEEK to get the course for FREE. If you like the course, consider funding my caffeine addiction :)
10
32
120
Here is an unsolicited mindmap I made for how to pass a SANS course (or really any course)
7
17
117
I'm so honored to have found my course on a pirate site. If you're going to steal my content at least make it free and don't charge the same price as udemy lmao
10
3
114
@thecybermentor
Second half should be dropped for free but you have to find it using OSINT from the first half. 👀
8
0
115
One of the more useful cheat sheets I have seen.
Best of Linux Commands for OSCP
Credit
@b0rk
#infosec
#cybersecurity
#pentesting
#ctf
#oscp
#windows
#cheatsheet
#redteaming
1
348
912
0
21
111
5/5 For example: Don't really know what Active Directory is? Make a note called Active Directory and spend an hour learning the basics. The goal is not to become and expert, just familiarize yourself with what people are talking about. Find it interesting? Learn more, do a lab
3
2
110
Was just talking to someone very early in their security career about "bullet proofing" their career.
I don't claim to have all the answers to every situation, but looking back on what has worked for me (and what didn't), here is the advice I gave:
4
11
109
4/5 The over arching theme I heard when trying to get into security was to learn X. The best idea I ever had for my career was making a list of all the words I kept hearing but didn't understand. Then when I had free time I made a roadmap for learning that technology/tool/etc
5
4
110
I've been putting a ton of time into my upcoming
@bsidesatl
talk on how to build an actually useful note taking system
I'm also going to be releasing an insanely detailed blog post detailing everything I do to make the most out of my notes. Should be released in the next 2 weeks
5
11
107
2/5 The reason OSCP or eCPPT or PNPT or eJPT or whatever certification is valuable to an employer is not because the cert teaches you some profound knowledge you can't get elsewhere... It's because it shows that you're willing to sit down and work through difficult material.
1
5
99
4. I3wm (window manager): A window manager that automatically tiles your windows and has a very easy config file that defines everything you need. When I use I3 I very rarely have to use a mouse.
4
3
97
1/5 I'm convinced that capacity to sit down and follow a checklist to learn a topic or technology is the only differentiator between people who are good at security and people who are not. Yes, lots of thing are complex but you don't need to be an expert in every tool/technology.
2
5
96
The other day I went down the rabbithole trying to figure out what SSH-Agent does and how you can abuse it to move laterally across a network (and bypass private key passwords). Enjoy.
2
20
89
🚨 New tool 🚨
I wanted a secret searching tool that made identifying potentially sensitive information on a Linux system easier so I wrote Dredge.
Dredge is a tool for finding and logging secrets on a filesystem for manual inspection...
4
22
93
🚨 New Blog Post 🚨
Part of being a a good red teamer is avoiding showing up in logs. In this blog I share what I learned after investigating how logs are generated in Kubernetes.
Turns out there are some detection mistakes that are very easy to make... Check it out 👇
1
14
93
PNPT starts tomorrow. Excited to take a break from these business focused certs.
11
0
88
Thanks to everyone who listened to me rant for an hour about how to take effective notes in this strange field
@bsidesatl
My entire talk (and much more) can be found here:
4
8
88
I made a quick tool to catch attackers hacking into your cloud applications called IMDSpoof. Its a cyber deception tool that spoofs the AWS IMDS service to return AWS HoneyTokens (such as from
@ThinkstCanary
) that can be alerted on
You can see more here:
3
21
84
As I'm re-reading Hacking APIs by
@hAPI_hacker
(Which everyone should read)
Here are some quick summaries of the 10 common vulnerabilities you will find in API pentesting. A Thread 🧵
1
16
82
5. Vimium firefox extension: Allows you to control your browser with vim keybindings. I can't use a browser without it.
8
1
79
If you're a cybersecurity company and you're not making branded electric toothbrushes to put into conference swag bags, you're missing a golden opportunity.
6
11
80
RE: New GSE requirements.
I am no longer eligible for the GSE even though I have 8 SANS certs.
This is a reminder that you can step off the certification hedonic treadmill at anytime.
Use the time and money you save doing cool stuff in your homelab and blogging about it.
6
9
79
@JackRhysider
DPAT is a cool blue team tool to analyze passwords. It will give you a report of various password patterns.
1
8
75
I've just published my blog on Vagrant. This blog attempts to reign in all the disparate knowledge I've acquired over my time working with Vagrant into once concise place.
Vagrant has made a lot of work I do much more efficient, I hope you find it useful!
4
19
77
Passed my cloud security automation class today which puts me at 69% done with my masters...
3
0
77
I have a secret... I started a side company called Low Orbit Security fairly quietly a few months ago to do security work through.
The goal is to take on work when I want for clients I want. So far I've succeeded in both of those goals and have already done ~300 hrs of work :)
7
0
73
I passed GXPN this morning with previous 0 experience in exploit dev and assembly.
Most proud of myself for not letting the studying consume my life for the past few months.
The look on my face when I clicked submit and it said "certification passed":
10
2
76
Check out my blog on how to use Spotify from the terminal like a true Linux elitist. I spent a while tinkering with this and found a lot of the documentation out there was lacking so I made my own.
4
5
73
You can get certifications and experience at the same time. Certifications are simply a formalized way of learning.
Do you need them to learn something new? No. Are they a bad way to learn something new? Also no.
Never discourage someone from learning something new.
1
4
70
@whitecyberduck
Honestly if you're using chatGPT to write small scripts for you... more power to you. This seems odd.
1
0
66
5. I've been evangelizing creating your own blog for a while but it really is super important in our field. In the words of
@_JohnHammond
"Show your work". You can read more about why you should start a blog here.
4
11
64
@JackRhysider
I love my
@Leatherman
skeletool. I've had it for years and is the perfect balance of small but useful.
4
5
65
This post is a fantastic overview of Kubernetes security. We really appreciate your work
@redcanary
🫶🐦
2
13
66
Something I've been thinking about: Would you recommend using Kali to someone just getting into security/IT? I'm slowly beginning to lean more towards just recommending Ubuntu or Mint and showing people how to install tools from scratch and learning how to use github. Thoughts?
26
3
65
Doing some auditing/testing of an IOT device I recently got to see if there's any 🚩🚩🚩 with its security. New blog post on it soon.
2
1
63
Reading up on CVE-2024-0204:
> Using "Advanced tooling"
> findstr /s "InitialAccount" .\*
💀
3
9
63
Practical phishing assessments is now live on udemy for those who would like to purchase on there. Use this link and I'll get a few extra $$ :)
5
10
64
I will not spoof someone's MAC address to get free wifi on the plane...
I will not spoof someone's MAC address to get free wifi on the plane...
I will not spoof someone's MAC address to get free wifi on the plane...
5
7
62
Passed GDSA this morning. That puts me at slightly over 50% done with my masters degree 🥳🎉
9
2
62
Someone gave me some career advice a few months ago and it has been immensely helpful so I thought I would share.
There are three important factors to moving up at an organization.A thread because of character limits: 🧵
4
11
62
Doing
@hackthebox_eu
machines is such a great way to learn a wide variety of different technologies.
5
1
61