Joe Helle - Mayor of Hacktown
@joehelle
Followers
27,855
Following
60
Media
1,106
Statuses
8,847
Proud Girl Dad | U.S. Army Iraq & Afghanistan Veteran | Former Mayor | Penetration Tester | PPG Trike Pilot
t.ly/tMJu
Joined January 2020
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Rio Grande do Sul
• 147269 Tweets
Boeing
• 126570 Tweets
Madonna
• 126523 Tweets
Nathan
• 115745 Tweets
Irak
• 66029 Tweets
Bhuvi
• 32793 Tweets
Marselino
• 24548 Tweets
Bruno Mars
• 23199 Tweets
#CHETOT
• 22128 Tweets
#الاهلي_ضمك
• 19339 Tweets
Guinea
• 18448 Tweets
زياد
• 18049 Tweets
Ange
• 16392 Tweets
Ernando
• 15728 Tweets
Canna
• 15469 Tweets
ALGS
• 13427 Tweets
Guillaume Meurice
• 12856 Tweets
Brasília
• 12345 Tweets
Sundowns
• 11032 Tweets
Pinned Tweet
I live with anxiety and depression. I'm a suicide survivor. When things get hard, those thoughts flood back in. And many days are a struggle.
You aren't alone. You can make it. And you are stronger for enduring it.
That's the tweet.
12
14
172
Compromised a domain tonight in the craziest of ways.
VNC Server with no authentication -> LastPass vault open in browser -> main DA account in LastPass vault -> $$$
37
74
901
Course update - Working on the automation script for you all to run in your lab environments so you aren't spending days trying to build it out manually. Need to add around 5-10 more users, add them to appropriate groups, create and modify ACL & add Kerberoasting. Then testing!
24
154
794
It's time to look beyond Offensive Security in this industry. Training diversity matters when building diverse teams, and that applies to any field.
If you're a hiring manager, take note of some of these alternatives you may see on resumes and accept them. A thread 🧵
30
233
771
Let's bypass Windows Defender using reflection in Powershell.
6
251
697
Cybersecurity can absolutely be entry level - the industry just needs to train you to do it and stop pawning off ownership of the field on everyone else.
It's time to reinvent the wheel on cybersecurity hiring.
34
86
699
Never stop hustling. People recognize hard work, and in this field being recognized is half the battle. Everyone's path is different, but one thing should always remain the same - make it impossible to be ignored.
Here's my hustle. What has yours been?
41
73
670
What do you say? 300 likes and I'll make the repo public?
9
47
659
A year ago my yearly wage was my VA check - $24,000. This year it'll be closer to $150,000. Why do I say this? Because a guy with big dreams and ambitions and little IT experience figured this out, and so can you.
So how did I do it? (1/7)
35
70
648
Learn the basics of hacking with Powershell FOR FREE. These are basics that every pentester needs to know and understand to be successful. -
8
176
584
Thinking about creating a start-to-finish series on Youtube for various pentest engagements. We'll use fictional environments or random apps from Github that are self-hosted, but include everything from fictional client contact, testing, and reporting.
Would that interest you?
85
18
510
Well fam, we did it. Tomorrow I officially start as a Security Engineer. It's been a long, hard road, and I have so many of you to thank for your love and support through it all. And to
@thecybermentor
, for letting me intern and teaching me WAP - web app pentesting. Thank you all
42
9
470
Why in the shit were social security numbers in source code?
Through a multi-step process, an individual took the records of at least three educators, decoded the HTML source code, and viewed the SSN of those specific educators.
We notified the Cole County prosecutor and the Highway Patrol’s Digital Forensic Unit will investigate.
5K
337
1K
37
33
462
New article up on Medium - Windows Persistence Using Windows Subsystem for Linux. Check it out here and let me know what you think.
11
135
448
We all too often see folks bragging about their successes - found a bug, earned a certificate, etc. We never see failures. So when a person fails, they feel like they can't cut it. So let's do something about it.
I failed eJPT my first time. Your turn.
102
22
410
Reminder that my FREE Powershell for Pentesters course is live on Youtube at . We've had a ton of great feedback so far, and I would love to hear from you too.
8
129
406
Just accepted 700 new connection requests on LinkedIn using this command since they don't have a select all option.
var x = document.querySelectorAll('button.artdeco-button--secondary'); for (var i=0 ; i<x.length; i++) x[i].click();
Take that,
@LinkedIn
8
37
371
Obligatory we did it picture. Look forward to a written review in the next day or two. Thank you all so much for your amazing support the last many months. I truly appreciate all of you.
39
4
343
Hit my one year today at
@TCMSecurity
, got a promotion, and found a zero day in this web app I'm testing.
Epic.
19
3
339
Twitch won't add in a section for cybersecurity content, but they sure as hell have one for people licking fake ears for subs.
17
19
335
May I introduce you to Dork Dump. Dork Dump is a Google Dork File Finder, scraping Google search results for file extensions connected to a domain, and downloading them locally. Check it out here.
7
81
333
It's nearly ready. Just need the Github repo created.
14
46
330
If you aren't using Rockyou2021 you really should be.
17
33
327
Since
@mttaggart
and
@HuskyHacksMK
are over here making moves, I'll jump on it too.
From now until next Sunday at 11:59PM est, you can get Movement, Pivoting, and Persistence for a dollar.
Discount Code - OK_FINE_I_WILL_TOO
👇
17
78
328
Look what I found in Microsoft Flight Simulator.
8
22
321
Don’t forget to change you password to Winter2022! Thanks.
14
38
296
Step One - Get shell
Step Two - Create a bunch of directories?
How in the world is this "Linux for Hackers?"
52
20
278
Hardest part is done. Hoping for a tomorrow afternoon release still.
6
23
270
Friends! We are OFFICIALLY approved for Udemy! Please use my link below and referral so that I get more money than Udemy does on it. Cheers!!!!!
14
48
272
No more trying to remember ldapsearch queries.
5
45
264
OSCP is the new bachelor's degree. Everyone has it and that diminishes the value of it.
This is why alternative training opportunities and certifications are so important. There has to be a way to stand out from the crowd when the crowd is all the same person.
21
22
262
Not sure it's real, but if it is, Conti can't escape Vim either.
12
35
254
Security compliance will never be taken seriously until consequences are serious. Imagine the impact on cybersecurity if credit card companies blacklisted a company like T-Mobile for breaching 40 million accounts.
14
30
248
Did another thing. Look forward to a review in the coming days.
16
9
255
Happy holidays! I'm giving away 1,000 free Movement, Pivoting, and Persistence course vouchers and 1,000 PowerShell for Pentesters course vouchers over on Udemy for Christmas. Get them below with the following links.
41
67
250
We did it! As promised - 10KFREETIME good until 9am EST Saturday, August 14th 2021.
38
56
238
Staring at my OSCP thinking, "I don't think I'll use Burp Pro on this web app. My client won't care if I work inefficiently and never find anything."
10
9
231
My city is literally plowing Lake Erie right now.
11
32
228
Since some folks expressed interest, I put the Powershell for Pentesters course up on Udemy. It's $9.99 with the discount below, and good for a few days. Please keep in mind this is free on Youtube, and buying it on Udemy is simply supporting my effort.
12
35
223
PowerShell for Pentesters goes LIVE at 4pm EST (less than 20 minutes). Catch the premiere below, at which point the rest of the videos will go live as well. I hope you all enjoy!!!
5
66
213
Check out my article on malicious shortcut files and how they can be leveraged to capture NTLM hashes quietly and dominate a network or domain.
8
65
207
Stop pirating my shit. Get it for free from me for the next hour, not some shady website in Iran.
FREEFORMESIR
33
41
204
It's not quite a million dollars like
@thecybermentor
, but we've given away $25,000 in MP&P courses in the last couple of days, which is twice as much as I've pocketed since I released it.
Just don't tell my wife. 👀
8
4
199
Legitimate question - do the pentesters on these go for 24 hours straight too?
OffSec offers penetration testing services for a limited number of clients each year.
Learn more about what we do, review a sample report, and find out if we're right for your organization.
Now booking for dates in 2022:
0
6
67
12
13
196
Hey, we got ANSI working in Oh365 User Finder.
4
30
191
If you haven't already, would you consider subscribing to my Youtube? It's stupid difficult to break the algorithm on the platform, and I would love to keep producing videos and content. Make sure to check out my new PowerShell course too! Thanks!
38
38
194
I turned down a job offer this week that came with a 40% pay increase. Why would I do something that crazy?
Some things are more important to me than money. Like work-life balance that doesn't place a strain on my family, and knowing I'm valued where I am.
15
4
195
I learn by seeing. Maybe you're the same. And there's nothing wrong with it. Don't fall for elitist mentalities that suggest you have to figure this all out on your own.
Use that walkthrough. Ask for help. We all learn differently. Don't worry about what others say think.
14
27
191
It's beyond crazy that I can help other people get a job, stream and teach people five days a week, create content, labs, and more, but not a single company I have applied to will take a chance on me because I lack 3 to 5 years of experience.
17
18
190
Free training -
Powershell for Pentesters -
Create Your Own DNS Resolution Tool -
Create Your Own Subdomain Enumeration Tool -
6
58
185
Get me to 10,000 and I'll do another giveaway.
10
36
181
Free until I turn it off. Maybe in 10 minutes, maybe in 10 days. People complaining that they missed out will be shamed forever.
Coupon code FREESIRPLEASE
24
46
176
If you're a demonstrative learner like me, it's ok. Some people need to see the solution to understand the problem.
Know that you aren't alone. There are people in this field like you, and you can make it.
12
11
176
Only 22 days since I submitted it. We'll have a review for it soon.
8
1
176
I did a thing. Here are my thoughts on Pentester Academy's Attacking and Defending Active Directory course and Certified Red Team Professional exam.
@SecurityTube
20
16
172
Got my graduation pictures this week. First in my family to graduate from college. First in my family to graduate with a masters.
27
0
167
Exam completed. Four of five boxes rooted, and local on the one I missed. Report submitted.
15
5
165
Don't forget that Powershell for Pentesters is live on Youtube and 100% free. Get started here and learn some of the ways I enumerate and take over client domains in real environments.
3
29
167
SQL injections are when I feel most like a hacker.
10
2
163
I got mine. Have you scheduled yours yet?
Test your ability to conduct initial recon, enumeration, gaining footholds, moving across network boundaries, and more at
11
7
162
New article up with my favorite internal attack, and probably the least known - escalating users when the relayed account isn't actually an administrator.
2
55
161
The next time someone asks you a question or for help, be the person that you wish you had when you were in their shoes.
5
26
157
And there it is! My first CVE. CVE-2020-28351.
CVE-2020-28351 The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack (via the PATH_INFO to index.php) due to insufficient validati...
0
4
10
10
8
157
The worst thing that CTFs do is culture people into thinking that everything has to be "rooted."
5
16
158
Thinking about taking on a small group of 2-3 people for individualized mentoring, in an almost bootcamp type format. Something like 6-12 weeks. Give assignments, offer guidance and mentor towards an individualized goal for each. Thoughts?
38
4
155
Obligatory confetti post.
I'm happy to answer questions below if anyone has one.
30
1
154
@msgmoney2u
@dbleitzsey
@morghanchambers
As an actual Veteran, I'm honored to see others expressing the rights I swore and fought to defend.
3
0
149
Looks like someone finished the course already.
7
0
156
Unfortunate to see
@ine
moving towards in-browser based Kali machines in their lab environments. The amount of knowledge and experience students gain having to maintain their own distribution is a skill necessary to employers, and this strips that need away from students.
26
5
151
Movement, Pivoting, and Persistence is LIVE!!!!!!!! Get it on the TCM Academy at . I love you all for your amazing support. Thank you so much.
6
28
152
@cybersecmeg
While I am employed, those I regularly chat with are still stuck behind the experience issue - can't get a job without experience, and can't get the experience without the job.
We need to reinvent the hiring wheel in this field. It's beyond broken.
8
7
146
It's the weekend. Get a jump start on learning with my free content.
Persistence via WSL2 -
Powershell for Pentesters -
CVE Hunting -
Create Your Own Python Series Videos -
0
48
147
