@_notdodo_ profile picture
Edoardo Rosa @_notdodo_

Security Engineer: loving cloud, red teaming, automation and learning

Joined February 2013
  • Tweets 199
  • Following 204
  • Followers 161
36 Photos and videos
please watchout; this repo https://github].[com/TechDevNest[/]BTSwap is dropping #BeaverTail and #InvisibleFerret some IoCs: 216.173.115[.]200:1244 67.203.7[.]205:1244 45.59.163[.]55:1244 95.179.135[.]133:1244 node ~/.vscode/test.js python3 "~/.npl" @github @malwrhunterteam
4
3
11
2,254
virustotal.com/gui/file/0697…
1
181
Edoardo Rosa@_notdodo_
10 Feb 2025
Replying to @github @malwrhunterteam
virustotal.com/gui/file/1cd0…
1
202
Edoardo Rosa retweeted
Fabrizio Margotta@fam4r
18 Sep 2024
Ongoing spam campaign involving github repos. Domain github-scanner[.]com puts malicious content in users clipboard upon button click and requiring for Windows payload execution cc @malwrhunterteam
1
17
57
12,294
Edoardo Rosa retweeted
JAMESWT@JAMESWT_WT
19 Sep 2023
#Ursnif SMB 62.173.145.]113 [.]164 #Italy Change from exe To Vbs > Url > exe payload Samples bazaar.abuse.ch/browse/tag/6… Url http://serverlogins].com/pit.exe Run app.any.run/tasks/0f33d667-d… cc @felixw3000 @58_158_177_102 @fumik0_ @sugimu_sec @bry_campbell
JAMESWT@JAMESWT_WT
18 Sep 2023
Replying to @Tac_Mangusta @James_inthe_box @AgidCert @guelfoweb @reecdeep @executemalware @malwrhunterteam @VirITeXplorer
#Ursnif SMB 62.173.145.]113 #Italy Samples bazaar.abuse.ch/browse/tag/6… cc @58_158_177_102 @felixw3000 @fumik0_
14
34
8,590
Edoardo Rosa retweeted
Luca Bongiorni@CyberAntani
15 Aug 2023
Ok fellas... I am droppping a thread about all the cool #Hackers 🧑‍💻🥷stuff I have found around #Aliexpress... It will keep growing with the time! #HackerArsenal

ALT Spongebob Squarepants To Do List GIF

6
122
620
171,191
Edoardo Rosa retweeted
On Rugby@onrugby_it
27 May 2023
La squadra rinuncia alla finale per dare il suo sostegno onrugby.it/2023/05/27/la-fin…

Rugby - La finale del campionato Uisp non si disputerà: i Saviors Rugby Cesena sono impegnati a...

I Saviors Rugby Cesena rinunciano alla finale del campionato italiano Uisp per portare il loro aiuto dopo l'alluvione in Emilia Romagna

onrugby.it
1
6
440
Edoardo Rosa@_notdodo_
9 Dec 2022
If you don't know what to do with the Oracle cloud free tier instance here's an idea: github.com/notdodo/pulumi-k8… If not inspired at least you have a quick way to destroy and start again! #freetier #oracle #pulumi #k8s #k3s

GitHub - notdodo/pulumi-k8s-oracle: Provisioning of a Kubernetes cluster on Oracle Cloud FreeTier

Provisioning of a Kubernetes cluster on Oracle Cloud FreeTier - notdodo/pulumi-k8s-oracle

github.com
1
3
Edoardo Rosa retweeted
Bishop Fox
@bishopfox
26 Nov 2022
A #pentesting tool for your #hacking arsenal: Use nuvola to dump perform automatic & manual #security analysis on #AWS environments, configurations, and services via predefined, extensible and custom rules created w/ a simple #Yaml syntax. Try it today! bfx.social/3TUVYIm
2
8
Edoardo Rosa retweeted
Datadog, Inc.
@datadoghq
5 Oct 2022
We are proud to release Datadog's first security study: "The State of AWS Security - A Look Into Real-World AWS Environments" Read the report to learn about key mechanisms to secure AWS environments and how organizations worldwide are implementing them. dtdg.co/state-of-aws-cloud-s…

State of AWS Security | Datadog

We analyzed trends in the implementation of security best practices and took a closer look at various types of misconfigurations that contribute to the most common causes of security breaches.

datadoghq.com
25
64
Edoardo Rosa retweeted
Pierluigi Paganini - Security Affairs@securityaffairs
28 Sep 2022
#NUVOLA: the new #Cloud Security tool securityaffairs.co/wordpress… #securityaffairs #hacking

NUVOLA: the new Cloud Security tool

nuvola is the new open-source cloud security tool to address the privilege escalation in cloud environments.

securityaffairs.com
4
3
Edoardo Rosa@_notdodo_
26 Sep 2022
On nuvola's repository README (github.com/primait/nuvola) you can find all links for the #RomHackCamp #slides and #demos that you saw during the "You Shall Not PassRole!" talk
1
5
23
Best closing activity after #RomHackCamp 2022! @cybersaiyanIT
1
1
16
Round 2
2
7
Edoardo Rosa retweeted
Prima Engineering@Prima_Eng
24 Sep 2022
Today we're releasing nuvola 🌩️(github.com/primait/nuvola) during #RomHack camp. nuvola is a new born open-source tool to dump and perform automatic and manual security analysis on AWS environments, especially useful to find privilege escalation paths! #aws #redteam #security

GitHub - primait/nuvola

Contribute to primait/nuvola development by creating an account on GitHub.

github.com
7
16
Edoardo Rosa@_notdodo_
23 Sep 2022
#RomHack Camp has finally started! Thrilled to be here and have the fantastic opportunity to talk at the best security conference in Italy 🔥
2
15
Edoardo Rosa retweeted
Dirk-jan@_dirkjan
11 Aug 2022
Here's a demo of the MFA bypass, which I particularly love because it could all be done in the GUI, no need to do any lower level operations (original at dirkjanm.io/assets/raw/mfaov…)
0:45
3
49
148
Edoardo Rosa retweeted
WithSecure™@WithSecure
25 Jul 2022
It's cloudy today... and that’s a good thing. 

Our Global Cloud team has officially released our internal cloud security documentation to the world.

Check it out at secwiki.cloud 

And if you want to help make cloud security a bit clearer, please contribute 🌤🌤

Cloud Security Wiki | Cloud Security Wiki

A repository of all kinds of cloud security knowledge, curated by WithSecure's cloud security consulting team.

secwiki.cloud
2
26
43
Edoardo Rosa@_notdodo_
25 Jul 2022
Finally has arrived! AC remote cloned ✅ NFC cards decrypted ✅ Now what?
A Flippee Zero

ALT A Flippee Zero

1
6
TIL you can overwrite headers like x-forwarded-for from the client to a #AWS #lambda function URL to bypass stuff
1
3
3
Why should you expose a lambda via a function URL? Dunno 😂
Load more