Discover and read the best of Twitter Threads about #INFOSEC

Most recents (24)

Friday #infosec thoughts on knowledge share // training with my team.

Thread.
We regularly document processes and train.

I am at a place where I am comfortable with this.

I used to work at a place who had me document the things no one else could do and they then fired me.

So I don't shame people who hoard knowledge. I get it.
At good employers, documenting and training are part of a larger overall cultural plan about moving up and filling the role behind you as quickly as possible.

It's easier to find a helpdesk employee than a Security Engineer.

My company has learned this well.
Read 14 tweets
Here's a couple of things worth a try to get an IDOR

Comment below if you've other useful tips & techniques.

🧵👇

#bugbounty #bugbountytips #infosec
1. Change file type

If you've an endpoint such as /users/passoword you might want to try /users/password.json or other extensions like .xml etc.
2. Convert ID to json body or array

If you've {"id":111} that gives you 401, you might want to try {"id":[111]} and {"id":{"id":111}}
Read 10 tweets
Shodan detects devices that are connected to the internet at any given time, the location of those devices and their current users.

It's a thread 🧵👇
You can search, hack and even get a bounty if lucky enough with @shodanhq
#infosec
1) To find vulnerable Databases:
2) To find sensitive files and directories:
Read 7 tweets
15+ 🔑 USEFUL SERVICES FOR OUT-OF-BAND EXPLOITATION UPDATED 2021 🔥

😁You might have come across

Read about them below, It's a 💯 thread. 🧵
Let me know if I missed any.
#infosec #oob #CyberSecurity #bugbountytips #BugBounty @theXSSrat @ADITYASHENDE17
👇👇👇👇👇
Retweet for 📈
1. Burp Collaborator

Documentation portswigger.net/burp/documenta…
2. WebHook(.)site
🔗webhook.site
Read 20 tweets
Spent some time today at work playing with @msftsecurity Windows InstallerFileTakeOver LPE (CVE-2021-41379 bypass - github.com/klinix5/Instal…) and managed to create some detections on it.

Detection will be based on Sysmon/SIEM, here we go... 1/n #threathunting #detection #dfir
The exploit requires the user to overwrite elevation_service.exe with a compromised one (in this case with InstallerFileTakeOver.exe).
We can monitor this using #Sysmon event ID 11 - File Creation events:
event_id:11 AND event_data.TargetFilename:*\\elevation_service.exe
Read 14 tweets
1\ #dfirtips #dfir #infosec

Windows Event Logs can be daunting especially if it's a lot. No one can actually sit in front of their computer to check each of those logs one by one thru a manual approach. Here are some of the newest EVTX tools that can really save our lives as IR
2\ #Zircolite can be very useful where you can use your favorite sigma rules to detect bad stuff

github.com/wagga40/Zircol…
3\ #Chainsaw is such a wonderful tool and it's SO FAST! Whatever EVTX logs you have during your engagement, you can literally get a result in a few minutes. Shoutout to @countercept for having this for free to us!

github.com/countercept/ch…
Read 8 tweets
Useful Linux🐧 Networking🌐 Commands📜 for Sysadmins/Regular Users🧑‍💻

A thread🧵
Hello everyone👋, Today I'll be doing another quick, easy to follow thread🧵 on some of the most used command-line tools and utilities for network management in Linux

#infosec #CyberSecurity #Linux
1. Ifconfig🌐
Ifconfig stands for Interface Configurator, it is one of the most used commands for finding network details, nitialize an interface, assign IP address, enable or disable an interface. It also display route and network interface.
2. Ip🌐
ip command is the latest version of ifconfig. It is more powerful than ifconfig command as it can perform several other tasks that the ifconfig cannot do. The utility is used for displaying and manipulating routing, network devices, interfaces.
Read 21 tweets
I've created an overview of the Smart Contract Auditing Process for pentesters, devs, bug bounty, or anyone vested in blockchain security.

Shoutout @Mudit__Gupta who really helped solidify this process from his walkthroughs.

#bugbountytips #infosec #web3 #CyberSecurity Image
As always open to feedback if I missed something / or if you feel the structure could be improved
@Mudit__Gupta @immunefi @metaversable @thedawgyg @BHinfoSecurity If anyone has any other processes they'd like modeled (blockchain security related) feel free to reach out! @julianor I know you mentioned threat modeling, if you have a process in mind dm me and I'll whip something up and give you credit :)
Read 3 tweets
🧵Heading home after a great time at #CYBERWARCON yesterday. IMO, a good threat intel or #INFOSEC conference should mainly 1. Stimulate new thinking and grow the field 2. Facilitate genuine networking 3. Be fun! This conference is definitely all three.
I’m in awe of @JohnHultquist and Amy’s ability to basically will this thing into existence year after year with only a small volunteer force to help them. Thank you to them, the rockstar review board of John, @ridt, @olgs7, @t_gidwani for producing an outstanding agenda…
…and to everyone else who helped put the conference on! My gratitude to the various sponsors that also made this conference possible. Congrats to all on another fantastic year.
Read 24 tweets
Basic Linux 🐧Commands📜 For Text Manipulation

A thread🧵

Hello everyone👋, Today I'll be doing a quick, easy to follow thread🧵 on basic Linux commands for text manipulation.
#infosec #cybersecurity #Linux
1. Echo🐧
The echo command is used to display line of text to the standard output(stdout).
2. Cat🐧
The cat command is used concatenate files and print their contents on the standard output. In other words it's just used to display the contents of a file.
Read 27 tweets
OSCP (Offensive Security Certified Professional) Pass and Preparation - Tips and Tricks💡

A thread🧵

#oscp #CyberSecurity #infosec
2. [0x4D31/awesome-oscp: A curated list of awesome OSCP resources (github.com)](github.com/0x4D31/awesome…)
Read 16 tweets
Hoax Email Blast Abused Poor Coding in FBI Website
The FBI confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation
> krebsonsecurity.com/2021/11/hoax-e… by @briankrebs #hacking #infosec Image
According to an interview with the person who claimed responsibility for the hoax, the spam messages were sent by abusing insecure code in an FBI online portal designed to share information with state and local law enforcement authorities. Image
Late in the evening on Nov. 12 ET, tens of thousands of emails began flooding out from the FBI address eims@ic.fbi.gov, warning about fake cyberattacks. Around that time, KrebsOnSecurity received a message from the same email address.
Read 4 tweets
BEGINNER👦 LINUX PRIVILEGE 🔐ESCALATION⬆️
Abusing SUDO rights and popping r00t shells

A thread🧵
#infosec #CyberSecurity #bugbountytips Image
In this thread🧵, I will be discussing how you can pop a root shell by abusing SUDO rights misconfiguration and will be demonstrating this using this box: tryhackme.com/room/linuxpriv…
First things first, let’s start with theoretical concepts!!😄
What is SUDO👑?
Sudo (Superuser Do) - is a Unix and Linux based utility that gives users permissions to run commands at the `root` level (most powerful user).
Read 21 tweets
Networking is a massive topic, but when starting into cyber security; you have to know the commonly used methods to uncover the potential areas of interest as an attacker you can leverage.

It's a thread 🧵 👇
#infosec
1. The OSI Model: can be seen as a universal language for computer networking. It’s based on the concept of splitting up a communication system into seven abstract layers, each one stacked upon the last.
Read more: bit.ly/3DkBEZs
2. Encapsulation: This is the process of adding additional information when data is traveling in the OSI or TCP/IP model. The additional information has been added on the sender’s side, starting from the Application layer to the Physical layer.
Read more: bit.ly/3wNOGMh
Read 9 tweets
The Linux🐧 commands you should NEVER use.
Disclaimer DON'T🚫 run these commands.

A thread🧵👇
#CyberSecurity #infosec #Linux Image
1. Recursive Deletion🔁🗑️
This is one of the most dangerous commands. Once this command is run, it deletes all the content of the root directory forcefully and recursively. Thus, all your directories and subdirectories will be deleted and the data will be lost. Image
2. Fork Bomb🍴💣

My personal best😄,this is a simple bash recursive function which once executed creates copies of itself which in turn creates another set of copies of itself. This consumes the CPU time and memory. Thus, it runs recursively until the system freezes. Image
Read 14 tweets
I flatter myself that I'm pretty secure online. I've written global bestsellers about #infosec, worked for @EFF for nearly 20 years, given keynotes at some of the world's largest infosec conferences. And yet, I have been hacked. It wasn't even very sophisticated! 1/ A cliched 'Hacker in a Hoodie' image; the inside the hoodie
If you'd like an unrolled version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

pluralistic.net/2021/11/13/ops… 2/
It was in 2010. My kid had made a fuss about going to day-care so my wife and I were late walking to work. The cafe we always stopped at for a coffee had longer lines at that hour, so I stood in line while she sat down and read a paper.

locusmag.com/2010/05/cory-d… 3/
Read 57 tweets
9 OSINT Tools, you might have come across.

Read about them below, it's a thread 👇.

Let me know if I missed an awesome OSINT Tool.
#OSINT #infosec
1. Maltego: Specializes in uncovering relationships among ppl, companies, domains, and publicly accessible information on the internet. It’s also known for taking the sometimes enormous amount of discovered info and plotting it all out in easy-2-read charts and graphs.
#maltego
2. Mitaka: Available as a Chrome extension and Firefox add-on, #Mitaka lets you search over six dozen search engines for IP addresses, domains, URLs, hashes, ASNs, #Bitcoin wallet addresses, and various indicators of compromise (IOCs) from your web browser.
Read 10 tweets
Apple HomePod Mini Data Dump - Extended Logging #iphone #infosec #iOS #siri twitter.com/i/broadcasts/1…
Show all recent files that have changed in a specific directory.

find . -exec stat -f '%m%t%Sm %N' {} + | sort -n | cut -f2-

find . = search in the current directory that you are in.
change the . to any dir to see all changes in dir.
developer.apple.com/bug-reporting/…

You can get the latest mobileconfig files here
Read 4 tweets
Another issue I want to raise is the hate train...Let me get this clear, I have no issue with @thecybermentor Heath Adams, I'm a supporter of his content, but I don't support hate. Thankfully, the hate is directed towards me, but the "hate" stems from my human rights activism.
Along with being a phone hacker, I am a digital human rights defender. What Heath sees as me seeking attention is not the truth at all. I have supported even my biggest and hateful opposition in their time of need, I will always help anyone that is being wronged the best I can.
Read 8 tweets
Hey #infosec n00bs!!

One of the worst habits we have in security is speaking in absolutes. Saying things like "Unhackable", "Breachproof", "Fully Secure", "No Risk". They're simply untrue.

But this also includes when we talk about skillsets. There are no absolutes.

1/
So when someone says, "You must know x, y, z" or "You have to do a, b, c" to get a certain job (or any job) in security, you can simply toss out those absolutes in with all the other fallacious absolutisms that security people throw around. Simply ignore them.

2/
The reality is we need people of all different skillsets, all different backgrounds, and with all different perspectives in order to be successful. Security is about problem solving and problem solving is strongest when different viewpoints collaborate.

3/
Read 7 tweets
Why #threatmodeling doesn't work well with developers: a hypothesis based on cognitive science #tech #infosec
I've mentioned this study before but Sweller et al. (1998) point out that humans are bad at complex reasoning particularly long chains of complex reasoning in working memory. They're esp bad when they have no previous experience to reference. +
Sweller & co looked at chess players & asked them to reproduce board configurations. Experts were able to reproduce board configurations more accurately than novices as long as those board configs came from previous matches they had played. If the experts were given random +
Read 11 tweets
Michael Flynn is trending on Twitter this morning after explosive allegations from Everett Stern, a former HSBC Bank whistleblower & GOP candidate for PA Senate. He is accusing Flynn & operatives of trying 2 recruit him 2 find dirt & blackmail area politicians @davetroy Image
Everett Stern, in a press conference in Philadelphia on Saturday claimed a group called the "Patriot Caucus" led by General Flynn was also potentially plotting upcoming malign operations in places like Virginia. Virginia has a critical election for Governor on Tuesday #VAGOV
He later provided this photo via his twitter account @EverettStern1 where he is pictured with Andrew Meehan on the left and an unidentified Flynn supporter on the right. Andrew Meehan ran against and lost to @RepBrianFitz who is currently the Rep. for PA's 1st district. #PAGOP ImageImage
Read 15 tweets
RE tip of the day: IDA Freeware is shipped without FLIRT sigs for Delphi but you can use a great tool called IDR to extract sample's symbols, export them as IDC and use it (or part of it like MakeNameEx-based values) in IDA
#infosec #cybersecurity #malware github.com/crypto2011/IDR
The precompiled binaries for IDR can be found here: github.com/huettenhain/dh…
NB: always make a copy of your IDB first before applying any IDC scripts!
Read 3 tweets
BREAKING: @MaddowBlog tonight. So it WAS a covert communication channel between Trump, Alfa Bank, Spectrum ect. in 2016? Quote, "Its clear there's hidden communications between Trump and Alfa Bank". So John Durham lied about this in his investigation? @RepAdamSchiff @RepRiggleman
Here is a link to last night's segment on @MaddowBlog who expertly goes through the new implications that seems like ABSOLUTELY warrants new investigations and an investigation now into John Durham. #infosec #osint democraticunderground.com/1017690476
Our thread from earlier this month on yrs of collected details on the purported covert communications channel between Trump & Alfa Bank that has NEVER been explained. Their newest conspiracy that it was actually made up has fallen flat in a HUGE boomerang
Read 5 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!