Tom Van de Wiele

7.3K posts

Tom Van de Wiele banner
Tom Van de Wiele

Tom Van de Wiele

@0xtosh

Offensive R&D Lead • Hacker • Advisor • Speaker Founder Hacker Minded https://t.co/vUexQ0rpvQ | https://t.co/rMzYCRJQn0

Copenhagen, Denmark Katılım Mayıs 2010
695 Takip Edilen2.8K Takipçiler
Tom Van de Wiele
Tom Van de Wiele@0xtosh·
Seems a LiDAR scan is in progress over Sjælland, Denmark. Probably to measure elevation for flood calculation if it is indeed the Danish Agency for Data Supply and Infrastructure. The LiDAR scans have an accuracy of 5-10 cm.
Tom Van de Wiele tweet media
English
0
0
1
171
Tom Van de Wiele retweetledi
Brendan Dolan-Gavitt
Brendan Dolan-Gavitt@moyix·
I agree with folks this who say that this year will be an absolute deluge of CVEs found with AI. But I also worry that it will reveal the limits of the "we'll just fuzz out all the bugs" mindset
English
5
12
59
10.1K
Tom Van de Wiele retweetledi
Matthew Green
Matthew Green@matthew_d_green·
I would liken Tor to putting on Sauron's ring. The wearer is invisible to ordinary beings, like Men, but highly visible to the Nazgûl.
English
28
893
1.7K
0
Tom Van de Wiele retweetledi
gabsmashh
gabsmashh@gabsmashh·
a SIEM is not a dumping ground for every log your company generates. if your strategy is “ingest everything so we don’t miss anything,” you have built a data lake instead and your analysts are going to drown in it (pun intended).
English
76
131
1.2K
56.9K
Tom Van de Wiele retweetledi
rcegan
rcegan@rcegann·
Honeypots don't need an expensive product either. Thinkst Canarytokens are largely free and can be integrated into your SIEM with webhooks in minutes. What's even cheaper is deploying infra into your environment and setting up detection rules to see if they're ever touched. This is dead easy and looks great on pentest reports.
solst/ICE of Astarte@IceSolst

The most cost effective control to catch attackers are honeypots, here is how. Attacker behavior is predictable: - scan an internal network, go towards lucrative targets - cat ~/.ssh/id_rsa (and other spicy files) - try api keys you’ve found - look for credit cards in Google Drive You can setup fake infra or api keys or gdocs. Whenever anyone interacts with them, you get alerted with indicators of the source of the interaction. It also demoralizes the attackers once they realize it’s a honeypot. AI pentesting is automated large-scale pentests. Attackers will leverage this to attack at wider scales. One of the best controls that scales really well, is honeypots. In a good setup, it is indistinguishable from a real asset, so almost guaranteed to trigger.

English
0
2
36
3K
@mikko
@mikko@mikko·
@Laughing_Mantis Indeed. And the Starlink antennas are easy to spot on the drones.
@mikko tweet media
English
2
1
21
4.3K
@mikko
@mikko@mikko·
LUCAS drones used by the U.S. in strikes against Iran. The United States has for the first time employed one-way attack drones in combat. They resemble Iran’s Shahed-136 and Russia’s Geran-2 drones and cost $40,000 each. They feature SpaceX Starlink terminals and fly at 120 mph.
@mikko tweet media@mikko tweet media
English
18
78
437
102K
Smukx.E
Smukx.E@5mukx·
Hehe ... C2 Facility Soon ....
Smukx.E tweet media
Filipino
3
5
104
4.6K
Tom Van de Wiele retweetledi
DHH
DHH@dhh·
The EU Chat Control proposal would be a catastrophe for Europe. It would seal Europeans behind a new digital Berlin wall, cut off from Signal and other e2e messengers. It's embarrassing and dangerous that it's gotten this close already. Time to bail to back to sanity.
Signal@signalapp

We are alarmed by reports that Germany is on the verge of a catastrophic about-face, reversing its longstanding and principled opposition to the EU’s Chat Control proposal which, if passed, could spell the end of the right to privacy in Europe. signal.org/blog/pdfs/germ…

English
180
1.2K
7.5K
325.6K
Tom Van de Wiele retweetledi
Proton
Proton@ProtonPrivacy·
"We need to break with the completely erroneous perception that it is everyone's civil liberty to communicate via encrypted messaging services" - @PHummelgaard, 🇩🇰 Minister of Justice Remember: Under chat control, EU politicians would be exempt from being spied on, unlike you.
Proton tweet media
English
136
556
2.3K
119.6K
Tom Van de Wiele retweetledi
Matthew Green
Matthew Green@matthew_d_green·
Something is rotten in Denmark. @chatcontrol/115204439983078498" target="_blank" rel="nofollow noopener">mastodon.social/@chatcontrol/1…
Matthew Green tweet media
English
8
38
94
13.8K
Falco Girgis
Falco Girgis@falco_girgis·
Whelp, Esppiral has stepped up and has finally brought the Sega Dreamcast a port of the Simpson's Hit and Run... Wait WTF? Is that Miami?! Okay, fine! He's worked his voodoo to bring us another epic mod for the DC... Welcome to Vice City, Homer Simpson! Be sure to follow him on YT for more Sega Dreamcast homebrew modding black magic: @esppiral" target="_blank" rel="nofollow noopener">youtube.com/@esppiral
English
19
58
470
19.5K
Tom Van de Wiele retweetledi
Het Mehta
Het Mehta@hetmehtaa·
Stop wasting time on CTF challenges. Learn Docker security, EDR evasion, network segmentation, SAML/OAuth flows, WAF configuration, and how to debug production incidents. You'll be 10x more hireable than someone who rooted 500 vulnerable VMs.
English
47
131
1.2K
166.5K
Tom Van de Wiele
Tom Van de Wiele@0xtosh·
@GeminiApp When will Gemini Pro 2.5 be usable in VS Code for >500 lines? Coding with Gemini atm is mainly trying to avoid "this response was truncated because it exceeded the maximum allowable output" where other assistants read code in blocks and work fine.
English
0
0
0
28
Tom Van de Wiele
Tom Van de Wiele@0xtosh·
Hacker chique LoRa pager, of course sold out already. But makes me want to make my own LoRa mesh chat device using meshtastic or a similar stack. hackerpager.net
English
0
0
0
254
Tom Van de Wiele retweetledi
Justin Elze
Justin Elze@HackingLZ·
Justin Elze tweet media
ZXX
9
19
122
11.7K

Keşfet

@mikko @Laughing_Mantis @5mukx @PHummelgaard @falco_girgis @elonmusk @BarackObama @taylorswift13