If you miss Twitter back in pre-2010 days when it was just full of geeks sharing cool stuff, then get on Mastodon. is where I'll be now. 👋.

YES! You found one! I pretty much laughed all the way through that😂.

I did a thing.

RT @Nettitude_Labs: Popular document storage solution, ONLYOFFICE, affected by multiple vulnerabilities. Our latest post by @strawp shows h….

Oh Jesus 🤦‍♂️.

I used to do this as a software developer, but now I actually am a hacker I take it more seriously and have playlists and shit.

Oh yay, haven't had a fun OpenSSL vuln since heartbleed 🍿.

A masterclass of OSINT. It's wild that:. 1. RU military communicate by normal phone calls (I guess TEAMS would be a no-no 😁). 2. In RU you can just buy call records on the black market.

RT @saajanbhujel: Hey everyone👋,. Read my blog about "How I Got $10,000 From GitHub For Bypassing Filtration oF HTML tags". @GitHubSecurity….

This sort of methodology is very useful. Find something that talks HTTP, find the API endpoints, exploit.

How are there any Exchange servers left standing at this point?.

RT @mubix: Yup… every single time….

A year ago I would not have bothered attempting to get into an account with MFA, but last week I used this same technique and got 8 accounts in an org over 2 days on a remote SE test. MFA is snake oil.

RT @gentilkiwi: Always fabulous to see editors low the Windows Security level. When Citrix SSO is enabled. passwords are stored in *user….

I don't rate the new lock screen clock in iOS 16 🤨

So weird out of all the fancy places in London this ceremony happens outside what is now just a fancy shopping mall

Oh nice! This was a feature of Burp that I hadn't noticed was added.

RT @Nettitude_Labs: Learn four of the most effective network relaying attacks against Windows domains. Defenders - learn how to mitigate ag….

When were the terms of service for Truth Social written?

RT @mubix: This is something you should watch. These two individuals know more about scanning than a very large majority of Infosec combine….