x0rz
@x0rz
Followers
97,907
Following
422
Media
3,226
Statuses
24,986
Cybersecurity & Threat Intelligence. Knowledge is power, France is bacon 🥓
France
Joined September 2009
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Rio Grande do Sul
• 160450 Tweets
Madonna
• 125663 Tweets
Nathan
• 121544 Tweets
Tottenham
• 54943 Tweets
Spurs
• 45826 Tweets
#CHETOT
• 35127 Tweets
#الاهلي_ضمك
• 25911 Tweets
bruno mars
• 24842 Tweets
Ange
• 20528 Tweets
Guinea
• 19548 Tweets
Boris Johnson
• 19383 Tweets
Sundowns
• 19379 Tweets
Hayer
• 18299 Tweets
#debatBFMTV
• 16951 Tweets
Kaizer Chiefs
• 13978 Tweets
Mudryk
• 11862 Tweets
if (score <= 85) {
printf("FAILED");
}
if (score >= 85) {
printf("PASSED");
}
🤦♂️
57
463
3K
Obfuscating IPv4 addresses is fun, try:
$ ping 0177.1
$ ping 134744072
$ ping 0x8080808
$ ping 010.0x0000008.00000010.8
$ ping 8.0x0000000000000080808
That works both on Linux and Windows 👌
43
1K
2K
apt-get install python
A man tried to smuggle a python onto a plane inside a hard drive
22
85
176
39
751
2K
Shit just got real with fake profiles: generate fake faces in one click - endless possibilities
#Fake
#MachineLearning
89
984
2K
Why use P2P when you can use Google and the full speed of other people's servers 😏
intitle:"Index of" {MOVIE_TITLE} mkv 1080p
29
436
2K
Cisco patches bug by... denying access to "Curl" User-Agents 🤦♂️
@info_dox
@TheHackerNews
@bad_packets
@hrbrmstr
We were also quite surprised to find this /etc/nginx.conf in 1.4.2.20
48
417
1K
41
712
2K
If you want GPS algorithms to avoid going through your street, here is a nice tip
24
251
1K
| ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄|
Hackers
You’re all awesome
|___________|
\ (•◡•) /
\ /
---
| |
14
326
1K
Researchers, beware of impostors trying to get information out of you with false pretexts (fake journalists, researchers, etc.).
Here is most likely some Iranian dude working me...
Next time, try something better than that, "kevin"
#osint
#cyber
#counterintelligence
54
433
1K
Really cool
#vulnerability
/exploit search engine, using multiple source feeds 👍
#exploitdb
#pentest
#redteam
10
637
1K
How I see IT certification hoarders
ie. John Doe (CISSP, CISA, CGEIT, ITIL, CEH) 👌
73
594
1K
When you suddenly realize you're out of scope 🙈
12
365
1K
Photon: fast web crawler which extracts URLs, files, intel & endpoints from a target
#pentest
#pentesting
#redteam
19
425
1K
Darknet OSINT is a thing, and it's pretty awesome: check out
#FreshOnions
at zlal32teyptf4tvi[.]onion
#darknet
#tor
#osint
15
477
1K
Using the computing power of Google to defeat Google, noice
This projet defeat ReCaptcha with 91% accuracy 🤩. How? You might ask. They ask for the audio challenge, dl the mp3, forward it to Google Speech2Text API and submit the answer back... and it works 🤦🏻♂️
74
3K
6K
9
517
1K
11
544
1K
Dear follower, I appreciate you reading my tweets.
Just wanted to give you my appreciation. Always glad to hear my (re)tweets can help you. Good vibes in this community, share knowledge when you can and don’t feel stupid for asking questions 👌
37
69
1K
How to create the perfect anonymizing botnet by abusing UPnP features — and without any infection
#botnet
#upnp
#vulnerability
#inception
27
538
1K
Hospital security: unsupervised & unlocked computers sitting in an open hallway. Screens showed names + medical data of patients... yuck 😷
67
419
1K
"No logs VPN"
FBI arrests PureVPN user with log data that was said to not exist
L:
C:
16
205
330
31
470
958
If this isn’t cyberpunk I don’t know what is
12
335
902
When you open Wireshark to see what’s up on your LAN
13
135
916
Someone just burned two 0days because some idiot uploaded the PoC that pop a calc.exe on VirusTotal: priceless 😂💸
22
366
904
Windows 7 Meltdown patch opened up a new vulnerability (on Win7 & Win Serv 2008): arbitrary memory read & write 😱
#windows
#vulnerability
14
743
879
Infinite money trick:
1) Buy 0day RCE from Zerodium
2) Hack into Zerodium IT systems with that RCE and get all other 0days for free
3) Sell them to highest bidder
4) Go back to step 1 with another vuln vendor
24
224
873
If Elon Musk and Jeff Bezos could start investing money into what we already have (ie. planet earth) instead of super-rich-dudes mars projects, that would be cool.
59
132
827
So FYI, "redteam" doesn't mean "above the laws". A CEO can't allow someone else to hack into your personal email address to prove a point.
This is plain wrong, unethical and privacy invasive.
IMO, company email address is fair game. Personal email: nope! 🙅♂️
74
270
830
Recovering a blurred QR Code to access a
#bitcoin
wallet private key 👌
#crypto
#cryptocurrency
#fail
18
521
804
It's totally crazy, after all these years, simply detecting `whoami' activity during non-working hours can spot the most sophisticated APT.
10
115
838
Could you imagine the cable management needed to use these... 😱 yep, that’s a sliced phone trunk cable
47
253
798
20 years behind the competition, but it’s really cool to see this happening! ;)
Microsoft today unveils "Windows Terminal" — a new, powerful, and productive terminal application for command-line lovers.
66
960
2K
19
199
799
The ssh-decorator package from Python pip had an obvious backdoor (sending ip+login+password to ssh-decorate[.]cf in cleartext HTTP)
9
608
759
That's why I use the good old KeePass.
No browser extension. Not an online password manager either. Just an encrypted file that stores my passwords with a simple GUI to manage them. It covers my threat model and I don't need more. Less is more 👌
lastpass: bypassing do_popupregister() leaks credentials from previous site
7
306
637
54
190
765
The one bug to bring them all down - CVE-2018-1000136 (including, but not limited to: Signal Desktop, Slack, Discord, Atom, Visual Studio Code, Github Desktop)
#electron
#vulnerability
13
567
761
When I open my DMs (and yes it's a real DM I got, except for the mixed case) 😩
30
127
746
Everytime I read "POS malware" I can only think of "piece of shit malware" (when it really means Point-of-sale malware). Am I the only one? 🤣
56
48
743
Microsoft manually patching a binary, did they lost the source code? 🤔
#legacy
#vulnerability
21
461
749
Nice trick, if you don't have netcat on a box, you can use `whois' to upload/download arbitrary file to a remote server 🤩
8
306
741
Fuck off
A technology company has created an electronic badge that can monitor workers’ conversations, posture and even time spent in the toilet. This type of office surveillance raises concerns about workers’ rights and privacy
220
785
834
51
204
699
Source code repositories (like Git) are most definitely targets of choice. Here is a way to hide arbitrary code (could be some bugdoor) content from Git logs/diff 👏
#SupplyChainAttack
7
389
698
Here is the full video of the Polish CBZC (Central Bureau for Combating Cybercrime) arresting individuals associated with DDoS as a Service providers.
Viewer discretion is advised. The levels of dorkiness are off of the charts.
42
98
523
11
79
689
Typical illustration of how bad the internet is centralized nowadays: Cloudflare is down, most websites & services being disrupted by this.
28
245
670
Facebook, Snapchat and other US companies have been doing so for years. Pretty sure TikTok (Chinese company) has been gathering tons of data as well, and millions of Americans have probably used it too.
Users deserve privacy no matter the origin of the company.
16
330
679
Dumping Windows Credentials from the Credential Manager with
#PowerShell
, doesn't require any admin rights 👌
#windows
#pentest
#redteam
7
405
689