ZeroBS_GmbH @zero_B_S
Information and data security. Leader in DDoS-Testing and Assessments in DACH/EU-Region. Full Spectrum Neuland 2.0 #DFIR #OSINT #DDOS #Cyberien zero.bs Kiel, Germany Joined April 2017-
Tweets2K
-
Followers679
-
Following238
-
Likes2K
Microsoft issues emergency fix for HTTP/2 Bomb affecting IIS: msrc.microsoft.com/update-guide/e…
A few days ago, we tested the HTTP/2 bomb attack on F5 BigIP (see comment for credits) By default, the system is not vulnerable, but it can be attacked if you increase the number of headers and h2-streams to the max. community.f5.com/kb/communityar…
@calif_io just released a new attack-vector against HTTP/2, and we put it into test: this_is_fine_meme.jpg blog.kybervandals.com/one-http-2-bom…
credits and bigup to Daniel Wulf from F5 Community community.f5.com/users/daniel_w…
A few days ago, we tested the HTTP/2 bomb attack on F5 BigIP (see comment for credits) By default, the system is not vulnerable, but it can be attacked if you increase the number of headers and h2-streams to the max. community.f5.com/kb/communityar…
🚀Introducing SO-CRATES 1.0 — Security Onion Containerized Rapid Analysis of Threats, Evil, and Sus! SO-CRATES is a single container image for analyzing pcap files, log files, and binary files. It was formerly known as OhMyPCAP. Here's what you can do with SO-CRATES: ✅analyze pcap files and then review Suricata alerts, metadata, and extracted files ✅import log files and then review Sigma alerts and the original log entries ✅import binary files and then review YARA matches and file metadata All of this runs in a single Docker/Podman container — perfect for air-gapped environments, malware analysis, incident response, threat hunting, forensics & teaching. Who’s trying it out? Drop a ❤️ and reply with your main use case! #DFIR #Cybersecurity #BlueTeam #ThreatHunting #Suricata #YARA #Sigma @Suricata_IDS @lennyzeltser @chrissanders88 @sansforensics @TomLawrenceTech
We'd love to be proven wrong here. As a red team, few things are more exciting than a reliable nginx RCE. For some context: we discovered at least two nginx 0-days and successfully weaponized one into a full RCE, bypassing ASLR with no external dependencies. We were thrilled, until we realized both bugs appear to require highly unusual nginx configs that we've yet to encounter in the wild. That's why we built ngxray: github.com/califio/ngxray. After analyzing 35,000+ nginx configurations from GitHub, we found exactly one instance vulnerable to nginx-rift, in an abandoned project. We found none vulnerable to nginx-poolslip. Users should absolutely patch. But from a red team perspective, these exploits have been worthless. We've never encountered a target where they'd have been useful. If anyone has evidence that these configs are common in real-world deployments, we'd like to see it. Everybody wants their five minutes of Twitter fame. That's fine. But extraordinary claims still require extraordinary evidence.
@y198_nt Very nice blog! You think the conclusion from Calif regarding vulnerable configs is incorrect? (blog.calif.io/p/needle-in-a-…)
The world’s largest residential proxy network runs on consent, TLS and vibes. The TV is always watching and apparently it is also available for contract work in surveillance or data acquisition? Bright Data sells access to a residential proxy network, the kind customers use to route requests through real home IP addresses instead of datacenter IPs that Cloudflare, DataDome and HUMAN are trained to block. The supply comes from an SDK embedded in consumer apps. So: CTV games, messengers, mobile apps and screensavers. With consent somewhere upstream, the device becomes an exit node. The TV is perfect for this job. It is plugged in, on WiFi, often unattended and barely supervised. It also asks for consent through a privacy policy and a remote-control UI, which is one way to make “informed choice” look like an endurance sport. One config flag tells the SDK to ignore whether the screen is on. Another tells it to ignore whether the user is on a call. In this economy, watching TV counts as downtime. blog.includesecurity.com/2026/06/the-sm…
Sovereignty Is Engineered, Not Procured #opensource #europe #palantir #cybersecurity foo.be/2026/06/Sovere…
For 19 years, GPS satellites have secretly broadcast a “numbers station” in their public signals. We decoded 12M messages: a 2011 flash where 31 of 32 satellites flipped in hours, “ghost” substrings repeating years apart, and a “TEXT” prefix spreading now. lsc-pagepro.mydigitalpublication.com/publication/?i…
@calif_io tyvm for that excellent writeup and pocs. we put it into use and it is working like charme blog.kybervandals.com/one-http-2-bom…
Autschn x.com/calif_io/statu…
Introducing HTTP/2 Bomb: a remote DoS in nginx, Apache httpd, Microsoft IIS, Envoy, and Cloudflare Pingora. A single client pins 32GB of server memory in 10s. Found by Codex. Blog post: blog.calif.io/p/codex-discov… PoCs: github.com/califio/public…
Testing Post Quantum Crypto (PQC) Implementations blog.kybervandals.com/testing-post-q… #ddos
As promised, here is paper part 2 of 2 attacking Azure Front Door issues for various bugs. Smuggling Through the Front Door... Achieving 0-Click XSS with Cache Poisoning malicious.group/smuggling-thro…
The OG of cyber investigations, @briankrebs, just published a follow-up to our investigation into the Stark Industries hosting network. His piece adds new detail, including MIRhosting’s first official response. In his May 2024 deep-dive, Krebs first put Stark Industries on the map. We built on his work, and two years later, with last week’s arrests by Dutch authorities, the Stark saga is moving into new territory: what happens to the many companies across Europe that hosted the thinly disguised, rebranded Stark? Our original investigation (in English): volkskrant.nl/binnenland/how… Brian’s piece: krebsonsecurity.com/2026/05/nether…
Dutch authorities have arrested two men and seized over 800 servers in a major crackdown on infrastructure used to support Russian-linked cyberattacks, influence operations, and disinformation in Europe. The operation targeted the persons behind MIRhosting and WorkTitans BV / the[.]hosting, who took over hosting assets from the EU-sanctioned Stark Industries Solutions network after earlier sanctions on its previous operators (PQHosting / Neculiti brothers). Read the full story behind the takedown in this article by @moltke : How a consultant and a concert pianist from the Netherlands aided pro-Russian hackers" volkskrant.nl/binnenland/how… There is also a Story about it by @briankrebs Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks krebsonsecurity.com/2026/05/nether… volkskrant.nl/binnenland/how… #ddos #takedown #noname057
In our "A Silent Shift: The Return of Server-Based Botnets" - report we examine the resurgence of server-based attacker botnets, explain what they are, and discuss why they can pose a threat to established defense mechanisms. blog.kybervandals.com/a-silent-shift…
More new TLD insights on Radar! New TLD nameserver performance widgets on TLD detail pages - aggregate p25/p50/p75 latency and per-nameserver median latency from Cloudflare servers over time. Example: radar.cloudflare.com/tlds/kr#tld-ns…
Florian Roth ⚡️ @cyb3rops
221K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
mRr3b00t @UK_Daniel_Card
123K Followers 8K Following Department of Cyber WAR. Member of the Counter Spider Collective. Wielder of AI to defend in Cyber Space. Ralph Vibe Specialist. VibeOps Operator!
test domain @User2Micro
704 Followers 5K Following
godv @oo1GODV1oo
6 Followers 422 Following
Poornendra s @SPoornendra
31 Followers 96 Following Cybersecurity Enthusiast | Next Goal = Pentester | CEH | Tryhackme top 2% .| Still a beginner.....
Johann Rehberger @wunderwuzzi23
10K Followers 617 Following Hacking neural networks so that we don’t get stuck in the matrix. Builder and Breaker. Opinions are my own. https://t.co/ij8buvMaXg
CalebHammerClipsHub @CHammerClips
0 Followers 25 Following Money mistakes exposed 💸 Savage finance moments 🔥 Clips from Caleb Hammer Fan account
Max @BaconFenix
12 Followers 109 Following
Markus Schmall @flakedev
69 Followers 151 Following Former developer of AMIGA antivirus, security guy
Vikram Vashisth @vashisth_vikram
40 Followers 314 Following Empowering holistic Identity: Securing digital assets with cutting edge solutions | Cloud Security Engineer and Penetration Tester | Advocate for secure code
KALASHINIKOV @OBLEMOND
30 Followers 728 Following
Jamie Sternlicht @ddosattackinfo
0 Followers 17 Following
Persou @Persou430
5 Followers 509 Following
Uxiouguip @Uxiouguip89882
17 Followers 923 Following
Ouslawvqou @Ouslawvqou845
8 Followers 510 Following
Hams Shaud @HamsShaud
63 Followers 241 Following
我要去晒太阳 @Break47961154
200 Followers 3K Following CTFer| 区块链安全 | web|链上追踪|hunter| Mixer Analysis 烦恼终究是一种暮气,是一种病态
Sinuo @SmothoughxbM95
40 Followers 777 Following Girls who love to laugh will never have bad luck. I also hope to meet my prince charming.
BulBi! @bulbi59
1K Followers 6K Following L'#économiecirculaire et la #durabilité. Les #associations en passant par le #logement, le #handicap , les #bouchonsdamour. La #tech avec un esprit curieux.
Abid Gul Shahid @abidgulshahid
8 Followers 543 Following Co-Founder building a @SportonaApp Bug Bounty Hunter @Hacker0x01 Sharing: security, dev life & real lessons DMs open 🚀
remy🐀 @_mattata
7K Followers 3K Following Dad, Vulnerability Research, Packet connoisseur. He/Him. Cyber Security Architect, DM's open. Top percentage Rattata. #cve #infosec #cybersecurity
Munch @munchdenis
256 Followers 4K Following Amateur de musique live. Colombes, France. https://t.co/ZQW3oMbi7D Olympia O'Gs member - Riff Hurlant
Ruby Harris @RubyHarris16922
2 Followers 125 Following Recruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/YeqS8espUq
星曜 @jingxie48465348
27 Followers 2K Following
Amelia Doval @doval15163
113 Followers 2K Following Youtube. Analista https://t.co/g8zQcxQatq News 67, Aliesky Rguez. Escritora
LinKanX @LinKanX0
188 Followers 2K Following Security Researcher | Bug Bounty Hunter at Hackerone & BugCrowd
jiale cheng @jialecheng54128
0 Followers 11 Following
4p0hk @4p0hk
49 Followers 595 Following teaching machines to hack | gxpn + cnvp | dc33 | lead offsec engineer
Eknath Iyer @eknath
244 Followers 3K Following Security @stripe. personal opinions only. Activity here doesn't reflect opinion of my employer.
Edmond Dantès @WhenOnKStreet
2K Followers 5K Following red team, web app security, archaeology, cats. him/he/y'all. fuck putin. free Palestine. 21st century digital boy. ANTI- FASCIST. staying curious. #FuckCancer
fadz @daf_nalz
2 Followers 7K Following
Walirceg @Walirceg6401
35 Followers 2K Following
SOS Intelligence @SOSIntel
20K Followers 2K Following Dark Web Intelligence. We find what's been stolen before it's weaponised. https://t.co/aQgEdlJVPl
Serenity Lebsack @LebsackSer20474
21 Followers 417 Following
Tautel @Tautela2Zj
45 Followers 773 Following 3 years of HR experience, focused on employee training and capability development, supporting team growth.
Doug Madory (also on ... @DougMadory
10K Followers 928 Following Director of Internet Analysis at @Kentikinc. Alum of @dynresearch @renesys @uva @dartmouth @usairforce
HackScale @_hackscale_
242 Followers 724 Following Everything related to cyber security and ethical hacking.
Look at my homepage @cole_meyer43343
21 Followers 3K Following Virtual currency game platform, deposit and get 50% bonus, recruit agents to earn 100,000 USDT per month, contact us https://t.co/j3jdAz4niL
zAj @ajeic_
146 Followers 6K Following
Lionhive @LionhiveLLC
96 Followers 1K Following Consulting Organizations on Growth and Efficiencies in an ever changing World.
Florian Roth ⚡️ @cyb3rops
221K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
mRr3b00t @UK_Daniel_Card
123K Followers 8K Following Department of Cyber WAR. Member of the Counter Spider Collective. Wielder of AI to defend in Cyber Space. Ralph Vibe Specialist. VibeOps Operator!
Nuclei by ProjectDisc... @pdnuclei
38K Followers 183 Following Nuclei uses a vast templating library to scan applications, cloud infrastructure, and networks to find and remediate vulnerabilities.
Julien | MrTuxracer �... @MrTuxracer
39K Followers 443 Following Founder of @rcesecurity | #BugBounty | @Hacker0x01 MVH && H1-Elite | $1,5+ Mio in Bounties | Mobile Hacker | @[email protected]
briankrebs @briankrebs
331K Followers 2K Following Independent investigative journalist. Author of 'Spam Nation,' a NYT bestseller. Former Washington Post reporter. Mastodon: https://t.co/fTKNavlMwp
Shodan @shodanhq
112K Followers 2 Following Monitor your external network, search the Internet of Things and perform empirical market research. You can also find us on https://t.co/nPLFbFy8R5
Jack Rhysider 🏴... @JackRhysider
171K Followers 4K Following Creator of @DarknetDiaries. Tell me a good hacker story. 💻🔦⤵️🐰🕳️ Discord: https://t.co/qxanMuJ5X2
The DFIR Report @TheDFIRReport
67K Followers 0 Following Real Intrusions by Real Attackers, the Truth Behind the Intrusion
Christopher Peacock @SecurePeacock
7K Followers 2K Following #PurpleTeam | Ex @RaytheonTech MSSP, @SCYTHE_IO, & @GD_OTS | Taught at BlackHat & DEFCON | #100DaysofSigma | Keep exploring, keep learning, and stay curious
Simone Margaritelli @evilsocket
48K Followers 2K Following Music, cybersecurity, open source and AI • Author of bettercap, pwnagotchi, opensnitch, bleah, legba and a few other things. Chief Architect @ 🥷
Calif @calif_io
5K Followers 30 Following We're https://t.co/KTEDnC2VUV. Join us to make the Internet safer for your mum and everyone else: https://t.co/eUFMLkW9t2.
Lenny Zeltser @lennyzeltser
50K Followers 2K Following Builder of security products and programs. Teacher of those who run them.
Phil Venables @philvenables
14K Followers 590 Following All about cyber, resilience, risk, AI - at scale. Partner - Ballistic Ventures / 4 x CISO / Board Director / Chief Risk Officer
Mathy Vanhoef @vanhoefm
14K Followers 2K Following Prof. @KU_Leuven | Ex-Postdoc NYU | Network Security & Crypto | FragAttacks & KRACK | https://t.co/cFWyCYRZyH
Johann Rehberger @wunderwuzzi23
10K Followers 617 Following Hacking neural networks so that we don’t get stuck in the matrix. Builder and Breaker. Opinions are my own. https://t.co/ij8buvMaXg
Keymous + @KeymousTeam
831 Followers 30 Following Keymous official account We are north african hackers Free Palestine
Akamai Security Intel... @akamai_research
26K Followers 108 Following All security research, all the time. Bringing you the latest insights from @Akamai’s research teams across the globe.
dalmoz @dalmoz_
4K Followers 1K Following Product Security @island_io. Tinkerer, Hacker, Public Speaker; @ShabbatCon Co-Founder. Alignment: Lawful-Gray. Ex: Apiiro, Akamai, Verint Opinions are my own.
Ryan Barnett (B0N3) @ryancbarnett
6K Followers 477 Following Web App Defender | Bug Hunter/Triager | Purple Team | Detection Engineering | Author | Senior Threat Research Manager @Akamai_research | OWASP Project Leader ✝️
FalconFeeds.io @FalconFeedsio
69K Followers 871 Following Threat intelligence platform - Data from Deep Web, Dark Web, Open Web || For data API integration : [email protected] Democratizing Cyber Security.
Dane Knecht 🦭 @dok2001
40K Followers 2K Following I help invent the future. CTO @cloudflare. Angel investor.
SOS Intelligence @SOSIntel
20K Followers 2K Following Dark Web Intelligence. We find what's been stolen before it's weaponised. https://t.co/aQgEdlJVPl
Peter Kaloroumakis @netfl0
623 Followers 618 Following @MITREcorp - #D3FEND creator/lead. Opinions my own. 🇺🇸🇬🇷Opa! (only deploys on Fridays)
Koen Van Impe ☕ @cudeso
4K Followers 2K Following Freelancer. CSIRT. Incident Response. Threat Intelligence. Security, IDS, Linux, OpenBSD, Honeypots, Jazz, Literature, Modern Art. https://t.co/D9bkiv10Sy
Ivan at Wallarm / API... @d0znpp
7K Followers 1K Following SSRF bible author; Bug Hunter (Google/Facebook/Twitter/Yandex/Tesla); Masters in Physics, MSU / quantum magnetism; CEO at @Wallarm
NetGesucht @NetGesucht
5 Followers 8 Following Our mission is simple: boosting productivity and efficiency.
THOR APT Scanner @thor_scanner
2K Followers 1 Following A full featured YARA and IOC scanner to automise compromise assessments
ʞʞıdɐɔoɥƆ @Chocapikk_
4K Followers 315 Following Security Researcher & Exploit Developer @VulnCheckAI
NSA Cyber @NSACyber
156K Followers 12 Following We protect our nation’s most sensitive systems against cyber threats. Likes, retweets, and follows ≠ endorsement.
𝐒𝐍_𝐁𝐋𝐀... @Sn_darkmeta
3K Followers 0 Following 𝐖𝐞 𝐜𝐚𝐧 𝐬𝐞𝐞 𝐞𝐯𝐞𝐫𝐲𝐭𝐡𝐢𝐧𝐠 #𝐃𝐚𝐫𝐤𝐦𝐞𝐭𝐚 #𝐁𝐥𝐚𝐜𝐤𝐦𝐞𝐭𝐚 #𝐃𝐚𝐫𝐤𝐮𝐧𝐢𝐭𝐲 Telegram 𝖼𝗁𝖺𝗇𝗇𝖾𝗅: https://t.co/oj9sZ01tMo
Microsoft 365 Status @MSFT365Status
306K Followers 4 Following The official @Microsoft account for updates on certain @Microsoft365 service incidents. Get push notifications on our admin app: https://t.co/pGaOsdAblF.
SpaceWeatherLive @_SpaceWeather_
126K Followers 60 Following SpaceWeatherLive is a multilingual website and app dedicated to aurora & space weather. This account provides automated alerts and occasional handwritten tweets
Open Source Security ... @oss_security
5K Followers 9 Following @Openwall oss-security mailing list thread summaries, currently maintained by @solardiz. Originally setup and maintained as an automated feed by @eugeneteo.
Alexandre Dulaunoy @a... @adulau
8K Followers 7K Following Enjoy when humans are using machines in unexpected ways. I break stuff and I do stuff. @[email protected]
Sébastien Mériot @smeriot
869 Followers 319 Following Head of CSIRT @OVHcloud trying to make the Internet a better place. Now on Bluesky: smeriot
Marc Rogers @marcwrogers
16K Followers 1K Following Ramblings of Mad Englishman: Hacker @ BBC Real Hustle & Mr Robot. Head of Sec @ DEFCON. Founder @ CTI-League, Ransomware Taskforce, (He/Him).
d3d aka dead (dead, �... @deadvolvo
5K Followers 194 Following Senior Security Researcher @Akamai_Research - Malicious Group - DoD researcher of the year 2022 - Top 10 web attacks 2023 - CRTO - MSRC Top 75 in Q1-Q3 2025
@onyphe.io @onyphe
2K Followers 122 Following Provider of Attack Surface Discovery (ASD), Attack Surface Management (ASM) and CTI solutions. Scanning at Internet-scale since 2017 - contact at onyphe dot io
CyberKnow @Cyberknow20
37K Followers 3K Following Situational Awareness | Threat Intelligence | cybertracker | Hacktivism | Meme Farmer Digital Owl of the Cyber Realm Posts and Opinions are my own
BGP.Tools @bgptools
4K Followers 1 Following It's like a real-time global BGP looking glass that doesn't hate you! You can also pay us to tell you when stuff changes! Tweets by: @[email protected]
Doug Madory (also on ... @DougMadory
10K Followers 928 Following Director of Internet Analysis at @Kentikinc. Alum of @dynresearch @renesys @uva @dartmouth @usairforce
Qrator Labs @Qrator_Labs
528 Followers 64 Following DDoS Attacks Mitigation and Continuous Availability
CloudSecurityPodcast @CloudSecPodcast
4K Followers 487 Following Cloud Security Podcast by Google hosted by @anton_chuvakin and @_TimPeacock - see more at https://t.co/xYsgwSz1ff
Erik Johansson @tackochgodnatt
11K Followers 339 Following Photographer/artist from Sweden, enjoying life between Sweden and Prague. Fine Art Prints & books on web: https://t.co/SnXakmS6PQ. Keep it surreal 🇺🇦
_cybervandals @_cybervandals
36 Followers 27 Following CyberVandals / Weapons of Mass Disruption - a book about modern DDoS-Warfare/Attacks, by zeroBS #ddos #cybervandals
(p,n) @geenensp
673 Followers 243 Following | Tweets and views are my own | SKS PGP 0xed0ce83bcb657663fa5bab8e5cf262ef21a755c4 |
Henrik Moltke @moltke
9K Followers 884 Following Tech oracle, occasional investigative reporter. Recovering surfer & cyclist.
CVE Trends @CVEtrends
8K Followers 0 Following Monitor trending CVEs in real-time; crowdsourced intel sourced from Twitter, NIST NVD, Reddit, and GitHub. Run by @SimonByte
Buitengebieden @buitengebieden
2.9M Followers 78 Following The official positive side of 𝕏. I’m Sander from the Netherlands. All copyrights belong to their respective owners! DM for credits/removal/submission!
Desiree Sacher @d3sre
2K Followers 601 Following cyber defense architect, dc4131 alumni, FIRST BoD member, curious geek driven by the urge to understand thingsTrends for United States
You might like
