Cyb3rsick

Let's cut the talk, my response to all the stupid messages, replies and threatening by people here on twitter. #OSCP #Tryharder

@inf0s3x @stokfredrik No, It's not an offense, Seriously I love this guy.

@cyb3rsick @stokfredrik is this a complement or an offense?🤔

You don't need to have a great technical skills to get invited to events or do interviews at Defcon or h1, You just need to be awesome with great social skills like @stokfredrik . Love you man ❤️ even if you're shitty at hacking ❤️❤️

This guy's writeups and findings deserve more attention than that. So stupid that people prefer to get stick with the idiots who just love showing off all the time, and not with the genuine researchers like him.

@lucio_89 Stupid doesn't mean I don't know the impact, But a big part of the exploitation depend on the user interaction who in 80% of cases will just ignore the password reset message

@cyb3rsick So stupid that leads to ATO as the URL always contains a token to keep going with the password reset flow. Not sure whether you or the company really realized the impact of this.

At password reset pages always try manipulating HOST header, you might get lucky and find that the password reset URL contain your own host instead of the original domain name. Just got easy 500$ for this stupid bug. #bugbountytip #Bugbounty #ItTakesACrowd

@hyperballadeyes @evan_pena2003 @Mandiant @FireEye If you have done Active directory pentest recently you wouldn't say so. Windows is far much better when it comes to such tasks.

Very proud to see the @Mandiant @FireEye #redteam release an Offensive VM for Windows. We've had #Kali around for awhile, but haven't seen a Windows VM until now: fireeye.com/blog/threat-re…

@CircleNinja @offsectraining What! It's just an innocent question 😇

@cyb3rsick @offsectraining bro what happened to you today? 🧐You seem to be in a real bad mood.

@offsectraining Are you considering updating #OSCE exam?🤔

How to get an asshole to block you in 10 seconds? Just expose how idiot he is to the world. Mission accomplished ✌️

@hossams01284251 @Yassineaboukir Helped all the community! Hell yeah. Sure, A cron job for a curl request to crt.sh totally require a shit load of codes. STOP FOOLING PEOPLE ASSHOLES

@cyb3rsick Useless ?? Haha it helped me many more and helped all comunity , check medium write-up befor posting ,and @Yassineaboukir helped us many more so if you consider this tool is an achivment so it's 1% from his achievements for hackers community !

And that's gentlemen how to code a useless shit and shout at the BB community to feel grateful about it.

And finally something deserve reading.

It's always great when your report is being handled by morons, WTF is the impact of such an interaction that worth 500$! it's usually a bot ping back or 3rd party ad service!

@Bitquark So you were expecting the max payment (50k) for a path traversal?! Are you for real?!

Just released #OSCP exam machine Adam's write up. cyb3rsick.com/2019/01/20/192…

@armaancrockroax People who cheat aren't seeking for knowledge, they just want a fancy looking CV and a better chance getting a job opportunity or a promotion even if they're not qualified. Blame the employers who're promoting people based on how many certificates they got!

I am not sure why people want to buy certificates or want to cheat. Offsec made courses to learn/upgrade your knowledge.

The funny part is, the author of the report is providing support + mentoring during the exam process, like if it's a real legitimate service. Am just wondering how is this happening with offensivesecurity monitoring stuff. #OSCE

Got a DM with a URL of an onion site selling OSCE detailed exam report, got a copy of the report and it's totally up to date with the current exam which haven't been changed long time ago I assume!!! #OSCE

OSCP exam machine unreal tournament writeup. cyb3rsick.com/2019/01/22/192…

Just released #OSCP exam machine "OFFENSIV-W2K3" writeup cyb3rsick.com/2019/01/22/192… #OSCP #Tryharder