Builder, Breaker, Fixer, Mentor, Friend | Security Researcher / OSCE / OSCP / CISSP #InfoSec #Python Creator of #RapidRepoPull Member of @NovaHackers

Joined May 2010
Pinned Tweet
11 Aug 2019
Leaving Defcon today with the best news! Our team “Walmart_Greeters” came in 1st place!!! At the @Recon_InfoSec #OpenSoc challenge! I had the honor of working with the best and brightest teammates @BrianWanner @Mike_Ortlieb @DFIRnoob and @_stevo. Thanks so much @Recon_InfoSec!
Talal Balouch retweeted
Great read
🚨BREAKING: Two researchers from UPenn and Boston University just published a paper that should be uncomfortable reading for every CEO automating their workforce right now.
The argument is straightforward. Every company replacing workers with AI is also eliminating its own future customers. Laid off workers stop spending. Enough of them stop spending and nobody can afford to buy anything. The companies that fired everyone end up selling into an economy with no purchasing power left.
Every executive can see this. The math is not complicated. But here is why nobody stops.
If you do not automate, your competitor does. They cut costs, lower prices, take your market share, and you collapse anyway. So every company automates knowing it is collectively destructive because the alternative is dying alone while everyone else survives. The researchers proved this is a Prisoner's Dilemma playing out in real time.
The numbers are already moving. Block cut nearly half its 10,000 employees this year. Jack Dorsey said AI made those roles unnecessary and that within the next year the majority of companies will reach the same conclusion. Salesforce replaced 4,000 customer support agents with AI. Goldman Sachs deployed a coding tool that lets one engineer do the work of five. Over 100,000 tech workers were laid off in 2025 and AI was cited as the primary driver in more than half those cases. 80% of US workers hold jobs with tasks susceptible to AI automation.
The researchers tested every proposed solution. Universal basic income does not change a single company's incentive to automate. Capital income taxes adjust profit levels but not the per-task decision to replace a human. Collective bargaining cannot hold because automating is always the dominant strategy.
They also identified what they call a Red Queen effect. Better AI does not solve the problem, it accelerates it. Every company chases faster automation to gain market share over rivals but at the end everyone has automated equally, the gains cancel out, and the only thing left is more destroyed demand.
The one thing the math says could work is a Pigouvian automation tax. A per-task charge that forces companies to account for the demand they destroy each time they replace a worker.
The conclusion is that this is not a transfer of wealth from workers to owners. Both sides lose. Workers lose income. Companies lose customers. It is a deadweight loss with no market mechanism to stop it on its own.
(Link in the comment)
Talal Balouch retweeted
Loki RS is alive 🐍⚡
- High performance YARA & IOC scanner
- Multi-threaded
- Process memory & filesystem scanning
- ZIP scanning
- TUI
- New YARA-X
- IOCs from signature-base YARA Forge
- HTML report
- Remote logging
- JSONL / Syslog output
Personal lab for scanner UX/perf experiments - if it breaks, it breaks; that’s part of the deal
github.com/Neo23x0/Loki-RS
Talal Balouch retweeted
2026 is here—time to refresh that toolkit!
Atomic Red Team:
Atomic Red Team Hands on Getting Started Guide - youtube.com/watch?v=O6w0oFcC…
Why? Exactly are you not using Atomic Red Team? - youtube.com/watch?v=VTkRkgBj…
DeepBlueCLI
DeepBlueCLI - Tactical IR - youtube.com/watch?v=Gk9dRT0t…
Threat Hunting Toolkit
Looking for Needles in Needlestacks w/ Threat Hunting Toolkit - youtube.com/watch?v=q7ai6P-c…
Bloodhound:
A Blue Team's Perspective on Red Team Hack Tools - youtube.com/watch?v=0mIN2OU5…
RITA:
RITA - Finding Bad Things on Your Network Using Free and Open Source Tools - youtube.com/watch?v=mpCBOQSj…
Zeek:
Introduction to Zeek Log Analysis w/ Troy Wojewoda - youtube.com/watch?v=a2Cp6VYQ…
Wireshark:
Getting started with Wireshark - John Strand - youtube.com/watch?v=KYnbfYCk…
Search Engine:
How to Design and Execute Social Engineering Calls w/ John Malone - youtube.com/watch?v=v8HzQ0yc…
Talal Balouch retweeted
Jan 4
I recently discovered a super cool website inspection tool called Web-Check. It has a strong hacker vibe. It lets you inspect almost everything about a website: IP details, SSL, DNS records, cookies, domain info, crawler rules, server location, redirect history, open ports, traceroute, DNSSEC, site performance, associated hostnames, and more. web-check.xyz
Talal Balouch retweeted
Last week our CISO asked me to present on “zero trust architecture.” I don’t know what that means. I make $340,000 a year. I haven’t touched a firewall since Obama’s first term. But I have a CISSP. I passed by memorizing acronyms. I still don’t know what half of them stand for. I opened my presentation with “assume breach.” Everyone nodded gravely. I said “defense in depth” three times. The board was captivated. Then a junior analyst raised her hand. She asked how we’d implement microsegmentation. I felt a cold sweat. I said, “Great question. Let’s take that offline.” She persisted. I said we should “leverage AI-driven solutions.” She asked which ones. I said, “The cloud-native ones.” She looked confused. I told her confusion was natural. I said, “Security is a journey, not a destination.” The CEO started clapping. I don’t know why. But others joined in. The analyst stopped asking questions. I ended with “security is everyone’s responsibility.” This meant it was no one’s responsibility. Especially not mine. We got breached two weeks later. I blamed the analyst for “creating a culture of doubt.” She got put on a PIP. I got promoted to VP. Resilience isn’t about preventing failure. It’s about surviving it. Preferably while others don’t.
Talal Balouch retweeted
Tracking down a rogue Windows service for webshell persistence -- just a teeny weeny PowerShell HTTP server wrapped with NSSM, showcased with Wazuh and their sweet new 4.14 release with visibility on IT hygiene 😎 Video: youtu.be/7Gn1GY5CIxg
Talal Balouch retweeted
Someone going by "wwwiesel" on GitHub picked up @securitymeta_’s tradition this year and dropped a full list of #BlackFriday deals in the #InfoSec space
Online Courses & Training
- 8kSec Academy
- AI Security Professional Course
- Altered Security
- Belkasoft
- Blu Raven Academy
- Career Hacking Quest
- CloudBreach
- Cyber Plumber's Lab
- CyberWarFare Labs
- DevSecOps Pro
- DNS for Developers
- Evilginx Mastery
- Hack The Box Pro Labs
- HackSmarter
- HackTricks Training
- Hexordia
- Invictus IR Academy
- Invictus CloudLabs
- LetsDefend
- Mobile Hacking Lab
- OffSec Learn One
- OPSWAT Academy
- Pluralsight
- Practical DevSecOps
- Practical TLS
- http://pwn[.]guide
- CyberNow (SOC Analyst)
- TCM Academy
- TheXero
- Vantage Point / Enciphers
- White Knight Labs
- WiFiChallenge Academy
- ZeroPoint Security
Exams
- The SecOps Group
Mini Courses
- SecDim
Books
- The CloudSec Engineer
Hardware
- Hak5
- KSEC Labs
Professional Services
- Wortell
Tools
- Burp Bounty Pro
- Burp Bounty Go
- FullStro
- Grammarly Pro
- PortDroid
- Proton Mail / VPN / Pass / Drive
- HTTP Toolkit
- http://SEOengine[.]ai
- SubtitleBee
- WebsiteVoice
Services
- Grayhat Warfare
- AirVPN
- CyberGhost VPN
- Proton (second listing in file)
- NordVPN
- Tuta Mail
- InMotion Hosting
- IPVanish VPN
Misc
- Neato Stickers
URL: github.com/wwwiesel/InfoSec-…
Talal Balouch retweeted
i too was struck by the mass yubikey x calamity
Talal Balouch retweeted
Thanks to the awesome work by our team we can finally announce our official urlscan cli tool: urlscan.io/blog/2025/09/02/c… - Submit scans, run searches, find domains, get creative. Feel free to share your use-cases with us on X! Download on Github or homebrew.
Talal Balouch retweeted
For the life of me I can never remember the registry tweaks to avoid TPM checks when installing Win11 in a VM. I finally took note of the `reg add` commands to just copy and paste into the Shift F10 terminal.
reg add "HKLM\SYSTEM\Setup\LabConfig" /f
reg add "HKLM\SYSTEM\Setup\LabConfig" /v BypassTPMCheck /t REG_DWORD /d 1 /f
reg add "HKLM\SYSTEM\Setup\LabConfig" /v BypassSecureBootCheck /t REG_DWORD /d 1 /f
reg add "HKLM\SYSTEM\Setup\LabConfig" /v BypassRAMCheck /t REG_DWORD /d 1 /f
reg add "HKLM\SYSTEM\Setup\LabConfig" /v BypassCPUCheck /t REG_DWORD /d 1 /f
reg add "HKLM\SYSTEM\Setup\LabConfig" /v BypassStorageCheck /t REG_DWORD /d 1 /f
Talal Balouch retweeted
At the time of our research, the malicious payload contained a PowerShell script that looks like a ransomware in development. Encrypting files live in a folder called "testShiba" located on the user's desktop and display a ransom message: "Your files have been encrypted. Pay 1 ShibaCoin to ShibaWallet to recover them." Interestingly, the author did not provide a wallet address in this version of the payload, but it is possible that there were other versions of the payload.
Talal Balouch retweeted
⚠️🧵 RL researchers have found 2 malicious #VSCode extensions, "ahban.shiba" & "ahban.cychelloworld," that deliver #ransomware in development to its users.
Talal Balouch retweeted
11 Mar 2025
A handy #git command overview
Talal Balouch retweeted
9 Dec 2024
Linux Network Management Command-Line Interface crash course
Talal Balouch retweeted
28 Nov 2024
A great picture to understand Linux File Permissions. 🐧↓
Talal Balouch retweeted
28 Nov 2024
Linux file permissions crash course
Talal Balouch retweeted
27 Nov 2024
Bash scripting crash course
Talal Balouch retweeted
27 Nov 2024
Bash scripting loops crash course
Talal Balouch retweeted
23 Sep 2024
Ghostwriter 4.3 is now live! 👻 Check out @cmaddalena's latest blog post to get the scoop on updates & new features such as refreshed SSO and a new JSON field type. Read the post for more ⤵️ ghst.ly/4gDc6KO