Discover and read the best of Twitter Threads about #infosec

Most recents (24)

#BurpHacksForBounties - Day 1/30

Turbo intruder: Power of Python with @Burp_Suite Intruder.

I use it to tailor my pen-testing for a specific target and targeted #bugbounty

#infosec #appsec #bugbountytips #bugbountytip #security
How to - 🧵🙃👇
1/n
Using: CE so that everyone can explore.
Intruder in CE is limited in multithreading, Turbo-Intruder can overcome that.
- Install through Extender
- Send req to the plugin.
2/n
Once you send req to the plugin, a python editor will open. This will show a couple of existing python scripts to take reference from and to use.
Read 5 tweets
Thread: Protecting Mobile Devices

Contrary to popular belief, doing a factory reset on your phone does not guarantee removal of sophisticated spyware. As per recent analysis by @citizenlab, Pegasus spyware can persist a factory reset on certain Android phones.
If you are a high profile target, always assume that your mobile devices are likely to be targeted. While the following steps can't ensure protection against sophisticated cyber weapons, they will surely help reduce the attack surface.
1. Do not link any cloud accounts to your mobile device.

2. Change your password on a regular basis, use a different password for each service and if you use a password manager, only use it to store "Password Hints" instead of actual passwords.
Read 8 tweets
Was it something I said? #AZaudit
Apparently Dylan who claims to be an "Arizona Democrat" was very subtly suggesting there was vote flipping of 6000 votes in Antrim, MI presumably because of Dominion voting machines. That of course has been thoroughly debunked months ago. And when I called him out he blocked me.
No there was no software driven vote flipping in Antrim, MI and No, Michigan didn't use an algorithm to manipulate 2020 election results. Folks, there was a paper ballot recount. It's not complicated & there is no mystery as to who won. #AZaudit
politifact.com/factchecks/202…
Read 14 tweets
1/35 In 2017, the tax-exempt Koch Foundation and Koch Institute donated over $2 million to conservative media outlets, including $980,000 to the Daily Caller Foundation, the tax-exempt entity that underwrites Tucker Carlson’s The Daily Caller. doi.org/10.1017/978110…
2/35 Now, why would the Koch brothers be spending money on that? Probably for the same reason the far more reclusive billionaire Robert Mercer invested in Breitbart. bloomberg.com/news/features/…
3/35 With the rise of movements defending specific groups a la FDR and LBJ: labor, civil rights, consumer, environmental, and women’s movements, too much power had slipped into the hands of people who made excessive demands (fairness) of government and corporations.
Read 36 tweets
1/14 I know 2020 we had big problems so some less pressing ones went unnoticed. This one must be addressed. EPA scientists found a toxic chemical damaging fetal hearts. In Feb of 2020, the White House edited the report on that chemical.
3/14 After scientists submitted the final risk report in Dec of 2020 the report received a considerable edit.
Read 14 tweets
1/Quick and Dirty S3 Hacking:
#bugbountytip #infosec
> Always look through source code of subdomains.
> If you find an S3 bucket, navigate to it. If you see file/directory listings, download the AWS CLI tool.
> sudo apt install awscli
> create free AWS account; aws.amazon.com/free/
> sign-in to console.aws.amazon.com/iam/ with that account
> click on users, click on add user
> name user whatever, click the programmatic access box
> click create group, click AdministratorAccess
> add the user to that group
> click next, click next, create
> click on the user, click on security credentials
> click on create access key, grab the access key id and the secret access key
> go back to terminal
> sudo aws configure
> enter access key/id
Read 12 tweets
You see a weird openssl command running on one of your Linux systems. Here's how to investigate whether it's a bindshell backdoor operating on the box and hiding traffic inside an encrypted tunnel. Thread. #DFIR
The server and client to run the attack. The reverse bindshell causes openssl to connect back to us and is encrypted so network monitoring is blind to what is going on. Need to look at the host to figure it out.
We log into the host after seeing the weird outbound connection and need to investigate. Run ps -aux and lsof -p <PID> to see the process. Throw in netstat for good measure. We see openssl and /bin/sh -i running that look strange.
Read 12 tweets
A scannable QR code advertisement created by drones above the skies of Shanghai.

Beautiful.
Wild to see this post of mine blow up. I think synchronized drone swarms like this are amazing when used for creative displays and new forms of art, which is why I shared that photo. I also like to fly drones for racing and photography.
Join me and @Lawesomesauce on a @bitrefill #TwitterSpaces tomorrow (Monday) at 1pm EST if you'd like to talk about #drone tech and how it intersects with #infosec and #opsec!
Read 4 tweets
Trying to start a business when you are Disabled + suffering from Executive Function issues is a MAJOR reason why you don't see more Disabled Business Owners.
I'm also un-medicated, so I'm trying to do the absolute BEST I can while pushing through. I am absolutely panicked in this process, but I REFUSE to just give up.

I've given up before. I've failed before.

So why not just WIN???

And it sounds so easy, but DAMN.
Consistency is the key to a Hell of a lot.. and as someone with ADHD (CONSISTENCY ISSUES HELLO), it can be very tough to stay on track - but dammit, if I have to CHEW ROCKS to get Reparations.Tech off the GROUND, I WILL!!!!!!!!!!!!!!!!!!!
Read 95 tweets
Doing an investigation on Windows Security Event Logs? These will make your life easier!

Guide to Windows audit and security policy settings - activedirectorypro.com/audit-policy-b…

Windows Event Logs Analyst Reference - forwarddefense.com/pdfs/Event_Log…

#infosec #CyberSecurity
EventID Encyclopedia -
ultimatewindowssecurity.com/securitylog/en…

EventID Cheat Sheet - andreafortuna.org/2019/06/12/win…

Logon Type Details - techgenix.com/logon-types/

DeepBlueCLI - a PowerShell Module for Threat Hunting via Windows Event Logs. github.com/sans-blue-team…
APTHunter - Python tool to quickly perform threat hunts of Windows logs. github.com/ahmedkhlief/AP…

Sigma rules - github.com/SigmaHQ/sigma/…
Read 3 tweets
Here’s some Infosec / cybersecurity GitHub links I have found recently.

Resource Lists -

github.com/pascalschulz/I…

github.com/archanchoudhur…

github.com/GoVanguard/lis…

github.com/ShilpeshTrived…

1/3

#CyberSecurity #infosec
Security auditing tool for Kubernetes - github.com/vchinnipilli/k…

Collects information from an email and shows it in a nice GUI - github.com/kennbroorg/iKy

Public cybersecurity datasets - github.com/gfek/Real-Cybe…

2/3
Takes an array or file of URLs and returns a report with screenshots, application headers and src/href references. - github.com/TypeError/crys…

Dictionary of cybersecurity terms - github.com/securityarch/c…

3/3
Read 3 tweets
A thread on how I managed to encrypt and store a video using #Flutter

Scroll for links, code snippets, and my general thought process...
Recording and saving videos locally isn't too difficult.

Dependencies:
- camera
- path_provider

#flutter #android #s21 #video #coding

Below is the code for getting a file reference:

Created with @carbon_app   /// One call to get a file reference, set temp = false to
Encryption on the other hand is a foreign language to me. From my research, I learned that each user needs an #AsymmetricKeyPair that can be used to #encrypt and #decrypt data.

To generate these, I used the rsa_encrypt package.

pub.dev/packages/rsa_e…
Read 19 tweets
Yes SIEMs can be expensive, but are you getting full value from yours? Or are you just using it for security monitoring?

Here are some other things a SIEM can be used for, to provide much more value to a business.

#siem #infosec #CyberSecurity

1/6
Dashboards. Yes, your security team has dashboards, but have you thought of creating ones to be used by Networking, Desktop Support and other teams? Ask them what dashboards could be useful, and provide them access to the SIEM which only allows access to these dashboards.

2/6
Threat Hunting. There are bountiful threat hunting resources online - Perform these threat hunts on your SIEM logs! This could find things your alerts or analysts have missed; and can lead to future detection opportunities.

3/6
Read 6 tweets
This thread brings together all my #infographics until today (2 years of work).

These are all infographics about #infosec 🔐

Feel free to share this tweet if you think it may be useful for your #community 📚

Follow me ➡ @SecurityGuill for more about #security #hacking #news
How does an #Antivirus work?
Quick presentation of the different #Bluetooth Hacking Techniques
Read 44 tweets
Again!! 11 Crore Indian Cardholders' Card Data, including personal details & KYC soft copies (PAN, Aadhar etc), allegedly leaked from a company's server in India. 6 TB KYC data and 350GB compressed mysql dump.
@RBI @IndianCERT #InfoSec #dataprotection #Finance
This happened for the 2nd time this year. The hacker claims to have had access to the company's server from Jan 2021 until today. They also posted some DB structures with a sample. Hope someone will take responsibility for this breach. @RBI should investigate this issue.
We are all using credit and debit cards online on a daily basis. Companies should take strong responsibility for users' data. There should be a data leak disclosure policy too.
Read 4 tweets
The #reactions shown confirm my view that the #FarRight regards the #murder of #Lübcke and other forms of #RightWingTerrorism as legitimate.

I ask myself when this will finally be taken seriously politically as well.

And by that I don't mean in the form of a #CultureOfFear & #disenfranchisement, but by perhaps following up on 1% of the #Antifa's #OSINT for once...

It's not as if their #research were top secret...
Hence an #UncomfortableTruth:

#Antifa is the better #Verfassungsschutz!

The @BfV_Bund should be ashamed that #volunteers show far more #LoyaltyToTheConstitution.
Read 17 tweets
On Facebook's data privacy. I have never installed Facebook or Instagram on my Android test phone, yet Zuckerberg and co won't leave me alone. How do I know? Because I proxied web traffic through a MITM tool and caught FB sending data about my phone to its data centers. Here's how
Facebook leverages its SDK installed across diverse apps to create and maintain profiles of consumers even if they don't use any of its apps. In my case, the culprit is an English Premier League app. Data sent to Facebook datacenters includes phone orientation in 3D space - x,y,z
Battery stats, rooted/non-rooted, GDPR applicability - no in my case, my location, app with fb sdk, time, phone model, consent status - of course this rides on consent granted to app with fb sdk. Sneaky imho, among other data points. Where is all this data sent to,
Read 8 tweets
I’m thinking (maybe wrongly) that we, in #InfoSec, are still largely attached to the language of “People, process and technology” in how we design security practices.

I don’t think that’s the best lens to look at the Sociotechnical systems we wish to influence. Here’s why:

🧵
“People, process and technology” has built into it a mechanistic decomposition of what a security practice entails. It transpires as an analytical approach, in that we “tear it apart, study its parts and then build it back up”.

There’s nothing inherently wrong with analysis but
Processes of analysis, by their decomposition, promote a focus on properties of the parts and derive or assume those are the properties of the whole.

However, we now know that’s not how Complex Adaptive Systems behave. The whole has properties which are absent in its parts
Read 12 tweets
#learn365 Day-31: Captcha Bypass Techniques

Captcha is widely adopted by applications to avoid automated attempts on specific functionality, commonly on the Authentication forms to avoid brute-force attacks.

#bugbountytips #appsec #infosec #Pentesting

(1/n)
(2/n)
However, it is possible to bypass Captcha, and sometimes if the function is critical, it can be paid well in terms of bounties.

1. Missing Server-Side Validation
- Some apps send Captcha Parameters on the client-side but they do not validate this on the server side.
(3/n)
- Simply, Remove the "Captcha" parameters and see if the request is processed successfully.
- If yes, you can now use this request to perform your brute-force or rate-limiting attempts.
Read 10 tweets
So #infosec #jobs thread.
In the last 12 months, I've been involved with 60+ interviews for various SOC, IR etc roles. This has come from about 120+ CV/Resume submissions.
To start, a caveat though - this is all IMHO. Hiring is an amazingly individual event.
First CV length. The common wisdom is that it has to be under 2 pages and very tailored to the role. I disagree. A CV should be concise but it also needs to provide enough information to make the hiring manager want to speak to you. If there is an HR screen, it needs to contain
a tonne of possibly random keywords. If a job advert asks for 10 different skills, and you can fit this in to 1-2 pages, chances are the person reading it will find it missing detail and think it is unconvincing. If it's your first job a 1 page CV is ok but the more you've done
Read 20 tweets
The morphing of QAnon into a religion has me flashing back to my earliest days as a researcher. It was 1967, the Summer of Love, The Beatles were hanging out with Maharishi Mahesh Yogi, and I began my study of non-Christian belief systems. (See (en.wikipedia.org/wiki/The_Beatl…) 1/10
Although I was raised by a church-going family, I am not, and never was, a Christian. Theologically-speaking my parents' church was very liberal and believed in adult baptism based on informed choice. My interest in other faiths was not discouraged. 2/10
In fact, when a former minister of that church visited my folks in 1968 and heard of my interest in different belief systems, he suggested I read "Mysticism Sacred and Profane" by R. C. Zaehner (1957). He and Zaehner were students together at Oxford! en.wikipedia.org/wiki/Robert_Ch… 3/10
Read 11 tweets
#learn365 Day-29: Common Business Logic Issues (Part - 2)

(cont'd...)
5. Premium Feature Abuse
- Try forcefully browsing the areas or some particular endpoints which come under premium accounts.

#bugbountytips #AppSec #infosec #pentest

(1/n)
(2/n)
- Pay for a premium feature and cancel your subscription. If you get a refund but the feature is still usable, it's a monetary impact issue.
- Some applications use true-false request/response values to validate if a user is having access to premium features or not.
(3/n)
- Try using Burp's Match & Replace to see if you can replace these values whenever you browse the app & access the premium features.
- Always check cookies or local storage to see if any variable is checking if the user should have access to premium features or not.
Read 8 tweets
How many of you will agree that @PortSwigger @PortSwiggerRes @burpsuite is the best #Web #AppSec #bugbounty Tool available on the internet?

This thread includes some of the best Burp Extensions, which I personally love.

#pentest #security #infosec #bugbounty
Turbo Intruder

Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
portswigger.net/bappstore/9aba…

#pentest #security #infosec #bugbounty
Retire.js
This extension integrates Burp with the Retire.js repository to find vulnerable JavaScript libraries.
portswigger.net/bappstore/3623…

#pentest #security #infosec #bugbounty
Read 20 tweets
I have seen a lot of #pentesters struggle with tunneling and port-forwarding concepts. All #hackers should definitely understand these concepts for successful tests.

This thread is dedicated to Tunneling/PortForwarding tricks.

#infosec #pentest #tunneling #security #bugbounty
Local Port2Port

Open new Port in SSH Server --> Other port

ssh -R 0.0.0.0:10521:127.0.0.1:1521 user@10.0.0.1 #Local port 1521 accessible in port 10521 from everywhere

ssh -R 0.0.0.0:10521:10.0.0.1:1521 user@10.0.0.1 #Remote port 1521 accessible in port 10521 from everywhere
Port2hostnet (proxychains)

Local Port --> Compromised host(SSH) --> Wherever

ssh -f -N -D <attacker_port> <username>@<ip_compromised>

#pentest #security #infosec #bugbounty
Read 13 tweets
