This still hurts! Finding a good vulnerability is like raising a baby, you cannot help but have hope.

This is a risky tweet, but I signed up for Blue for the boost on my tweets. That being said, I didn't notice a huge boost in views but have enjoyed the "Top Articles". It was usually on point, but there is one that was questionable. Then saw who shared and laughed. Troy Hunt

The sheer glorification of working for extensive hours is so crazy. Can we actually like just tell each other that we are humans? Like sometimes...

Read this paper, This concept is so cool, Using CDN to cause DDOS. Can head godzilla loading up sounds.. usenix.org/conference/use…

Scored a Zero Day, after a simple code review, guess the vulnerability. #BugBounty #bugbountytips

My go to method is waybackurls, collect params and test. Few dutch government tshirts incoming hopefully. Still waiting on one for last 1.5 years.

Watching people tweet they bypassed a certain EDR is just cringe at this point. When you ask them what did they bypass, they dont know what. So let me take you back to school... Executing OpenSource tool is not a bypass. An EDR employs several mechanisms for detection. Getting a

You feel like crying? Try implementing sockets in C from scratch, i love my life.

In windows you can make exclusion paths defender never looks at, but you have to be an admin you DON'T have to be an admin to take a little sneak peak at what files/paths/extensions/process' that they themselves added as exclusions you can still use if you know where to look

Why this is true ?

We'll tell you a secret. Not very many people know this. Most malware development courses and papers cover the same material: process injection, persistence, basic anti-reverse engineering techniques, etc This doesn't scratch the surface of what malware or malware research is.

Bobby Cooke Florian Roth ⚡️ hasherezade Blue team todolist be like: 1. Dont share detection tools online 2. Dont want to improve knowledge on latest TTPs 3. Sell snake oil EDR for millions 4. Cant detect shit 5. Blame offsec tooling 6. Tweet red team helps threat actors 7. loop