Really excited to have been asked to speak at #BHUSA by Black Hat. I'll be going over how you can set up Social Media Phishing campaigns and demoing Social Attacker; a brand new, free, open source tool to automate the entire process on multiple sites blackhat.com/us-19/briefing…

Social Attacker is the first open-source, multi-site, automated social media phishing framework. It allows you to automate the phishing of users on a mass scale by handling the connecting & messaging of targets. Jacob Wilkin leads a demo at #BHUSA Arsenal ow.ly/ndS250uJ98x

Just released an update for Social Mapper (github.com/Greenwolf/soci…) upgrading it from Python2.7 to Python3. Also removed one of the social media sites, RIP Google Plus! Managed to make it before the deadline! #Python #PythonRetirement #Python3 #SocialMapper

The first episode of my new blog series 'Stories from the Shell', a look at some of the more interesting hacks of my penetration testing career! Username enumeration is a low risk issue right? medium.com/greenwolf-secu…

Really excited to present our new OSINT tool AttackSurfaceMapper tomorrow with @Mr_AndreasGeo. Come by Black Hat Arsenal booth 6 tomorrow at 13:00 to learn about how you can expand your attack surface on engagements. Find hard actionable data such as subd…lnkd.in/gSFK_FX

Today I'll be talking at BlackHat about Phishing on Social Media, and releasing my new open source tool Social Attacker, the first automated multi-site phishing framework for social media. medium.com/greenwolf-secu…

Congratulations to the #SEC660 winners at #SANSCopenhagen. Thank you everyone for a great week. If you’ve never been to Copenhagen I highly recommend it! ⁦@SANSPenTest⁩

Just finished and coined on the amazing SEC660 course taught by Tim Medin @timmedin.bsky.social 🇺🇦, he really brought the material to life! Would recommend Tim & the course to anyone wanting to improve their infrastructure attacks and exploit dev skills. #sansemea #sans

Big thanks to @geoffwhite247 and Jacob Wilkin for the primer on #facialrecognition Science Museum #smlates

AttackSurfaceMapper v2.0 encompasses multiple tools for performing reconnaissance and extracting intel. New features have been added, including Active Port Scanning and “SuperFast” mode. See Andreas 💻 & Jacob Wilkin demo it at #BHASIA ow.ly/PeDx30qed3P

Awesome automated JavaScript linger for Burp. Thanks for the shoutout to my blogpost and for the great tool Parsia Hakimian! Fantastic stuff!

I think Emirates is the best airline I’ve ever been on, 15 inch full 1080p entertainment, opulent decor, even the seats feel wider and it was the cheapest on Skyscanner. Wow 😮

AttackSurfaceMapper is a #BHASIA Arsenal tool that automates a large part of repetitive reconnaissance tasks. Andreas 💻 & Jacob Wilkin demo how it takes domains as input & analyzes them using passive and active reconnaissance techniques ow.ly/BGoP50yiL55

Taking the GXPN and SEC660 with @SANS was fantastic. I finally got around to writing up my experiences. Would you take it too? 👨‍🎓👨‍💻 medium.com/greenwolf-secu… Thanks Tim Medin @timmedin.bsky.social 🇺🇦 and Helen Griffith for an amazing event! @SANSPenTest SANS Institute, EMEA

Just pushed an update to my eslint configs for static JavaScript analysis (helps you find DOM XSS etc). I added support for inline JavaScript in html files so you can run on your /var/www folder or to validate libraries that are part of your site. github.com/Greenwolf/esli…

Check out "Shell Wars: Episode II - Attack of the Code {Review}", as I walk through a black turned white box security assessment, from unauthenticated through to RCE in a web application. medium.com/greenwolf-secu…

Thank you SANS Institute for the Tournament of champions! The Wonka Factory was great fun. Looking forward to my 4th place coin! Take all the hints <insert meme>😁

Some PoC exploits for the latest Gitlab Critical Security Patch. Auth Bypass: github.com/Greenwolf/CVE-… Stored XSS Account Takeover: github.com/Greenwolf/CVE-…

How you can learn to hack web3 (and protect millions of dollars):