Profile picture
, 4 tweets, 4 min read
My Authors
Read all threads
📚tl;dr sec 19
* @shehackspurple & @j_opdenakker on getting into security
* Google's BeyondProd & code provenance (thx @MayaKaczorowski)
* Cloud, API, and file access bug security tools

... and I've got something big planned next week, stay tuned 🤫

tldrsec.com/blog/tldr-sec-…
Static analysis tools to find security issues in:

🌎Terraform scripts:
* github.com/liamg/tfsec
* github.com/bridgecrewio/c…
* github.com/cesar-rodrigue…

☁️CloudFormation templates:
* github.com/Skyscanner/cfr…
* github.com/stelligent/cfn…
Other #security tools:

Docker container that wraps 7 other #AWS security tools:
github.com/z0ph/aws-secur…

Automatic API attack tool that takes API specs as input:
github.com/imperva/automa…

Finding file access bugs:
github.com/google/path-au…
If you found this info useful 👍

and your New Year's Resolution is to keep up with the latest and greatest in #security 🎆

you should check out the tl;dr sec newsletter 📚

(and at $0, it's way cheaper than a gym membership 💪)

tldrsec.com
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Clint Gibler

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related hashtags

#security #AWS

Related threads

Profile picture
Jonathan Caras
@madcapslaugh
1/ oh gosh, please forgive me, @mhass33 and I just started writing this [THREAD] and now its gotten out of control....
@mhass33 2/ Over a year ago I began professionally following Ethereum. I made lots of friends, saw how valuable community is. Traveled the world, tinkered with my own dApps, analysed countless projects for token economics. I thought it would be good to publish my notes. Brace yourself
@mhass33 3/ Ethereum gets a bad rap in the crypto market today, its much more fun to hate it then appreciate what has been built and what can be built
coindesk.com/scam-or-iterat…
Read 139 tweets
Profile picture
Michael McKenzie
@SegaJunkie
To celebrate the impending 10th anniversary of @GamesDoneQuick , I've taken the liberty of compiling a list of 100 of the best runs showcased throughout its history. I'll be adding one run to this thread every day until the 1st of January, which marks ten years to the day.
Some caveats:
* No, these aren't literally the best 100 runs. How do you even measure that? But they're all runs I think leave their impact on the event's history.
* Obviously I haven't picked any of my own runs - but there are some I commentated on, and felt privileged to do so.
* I've got at least one run in here from all 20 live events to date - CGDQ, all 9 editions of AGDQ and SGDQ, and last year's GDQx. No JRDQ or HRDQ, sorry!

Also I won't be adding anything from the upcoming GDQx, which is this weekend, but you obviously should watch that anyway!
Read 691 tweets
Profile picture
Paul Furber
@paul_furber
"I realized that they were going to not only tamper with the elections, but use that tampering with the elections to essentially overthrow the United States."

Stick a fork in #Google, it's done.

projectveritas.com/2019/08/14/goo…

#treason
#Antitrust
#Google has no problem with using the white supremacist capitalist patriarchy to intimidate whistleblowers:

"the police .. started banging on my door .. They called in the FBI, they called in the SWAT team. And they called in a bomb squad.”

#Antitrust
#treason
Insider Zachary Vorhies also said "he sent those documents to the Department of Justice Antitrust Division."

Oops.

#Antitrust
#Treason
Read 7 tweets
Profile picture
Guillaume 🛡 | Infosec 💻
@Guillaume_Lpl
Thread updated of my infograhics : To make things more convenient and to help beginners in #infosec , I decided to regroup my #infographics with this tweet ! #Cybersecurity #Startups #IoT #ITsecurity #Security #tools
Some good tools useful in Infosec : by @Guillaume_Lpl #infosec #cybersecurity #Infographic
Some good tools for Mobile APP Security Testing : by @Guillaume_Lpl #infosec #cybersecurity #Infographic
Read 13 tweets
Profile picture
foone
@Foone
no one has ever tried to save an image and gone "oh, it's a .webp!" and had that be an excited, positive emotion.
also I suspect there's a dark conspiracy among some sites (like gawker and wikia) to convert images to webp just to make them harder to repost elsewhere
what's the first thing everyone wants to know when they get a webp?
it's apparently "what is this?"
but "how the fuck to I turn this into a jpeg" is only very shortly behind it
Read 28 tweets
Profile picture
Lea Coligado
@leacoligado
1/ 2 years ago, a couple months after joining #Google, I first noticed him. A white man in his 50s who must have toe-tally mistaken the Google bus for his personal Tinder because he was using it to hit on multiple Asian women. @googlewalkout
@GoogleWalkout 2/ I had just settled in for the long ride. I remember watching him board the bus, bee-line for the seat right next to mine, then stare at my feet like it was his job for Three. Whole. Hours.
3/ I thought, There’s no way this dude’s been staring at my feet this long! But an adherent to rigorous testing, I moved my foot to gauge his reaction, and his whole goddamn head moved with it.
Read 19 tweets

Trending hashtags

#ChroniclesOfTheCodingCurmudgeon #learning #AsItShouldBe #BourdainDay #iPhone #HandMarkedPaperBallots #China #UIDAImystery #automation #NetNeutrality #rehypothecation #medieval #HR3351 #programming #Wyoming #SEC #archives #ColorOfSurveillance #inspiration #poll #QualifiedCustodians #code #WednesdayWisdom #SaveNetNeutrality #ampconf
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!