Twitter | Search | |
Stephen Sims
Perpetual Information Security Student | SANS Fellow | Musician | Braggart Hater
1,575
Tweets
505
Following
6,347
Followers
Tweets
Stephen Sims retweeted
Davin Jackson 🕵🏿‍♂️ Aug 10
APIs are more popular. Unfortunately, so will the number of breaches due to API attacks. According to Gartner, by 2022, APIs will become the most frequent attack vector. In this talk, we'll explore the Top 10
Reply Retweet Like
Stephen Sims retweeted
Ilfak Guilfanov Aug 5
I watched a few of these videos, they look good, dynamic and up to the point!
Reply Retweet Like
Stephen Sims retweeted
Davin Jackson 🕵🏿‍♂️ Aug 4
Ten Books to Start Your Penetration Testing Journey
Reply Retweet Like
Stephen Sims Jul 30
Great score, congratulations!!
Reply Retweet Like
Stephen Sims Jul 28
!!!
Reply Retweet Like
Stephen Sims Jul 28
Replying to @indiecom
Reply Retweet Like
Stephen Sims Jul 24
Replying to @katawia @hassan_hadary
If you take it Live Online you will get 4 months of access to the training sessions.
Reply Retweet Like
Stephen Sims Jul 24
Excited about this course from . He's been rewarded bounties from several vendors you may have heard of such as Google, Apple, Facebook, Twitter, PayPal, eBay, Etsy, AT&T, Gift Cisco Meraki, and Groupon. 🙂 It's running on 21 & 22-Sep at $1,400!
Reply Retweet Like
Stephen Sims Jul 23
Replying to @SANSInstitute @htejeda
This is a fun section written by
Reply Retweet Like
Stephen Sims retweeted
SANS Institute Jul 23
In this FREE demo of our only 700-level course, SEC760: Advanced Exploit Development for Penetration Testers, spend ~2 hours w/ exploring advanced Linux exploitation and learn tools of the trade including Pwntools, PEDA, GEF, HeapME, & more >
Reply Retweet Like
Stephen Sims Jul 21
Last pen test I did that included R & S had an avg uptime of 3+ years on the dc core devices at over 10 sites. 5 days of focus on network devices sounds like a fun holiday. Let’s do it!
Reply Retweet Like
Stephen Sims Jul 21
Always good to get perspective. TBF, I did name the course “Advanced Penetration Testing and Exploit Writing” to clear up any confusion. 😊 Training is a BIG and personal decision with all of the courses available and my biggest concern os to give people what they are paying for.
Reply Retweet Like
Stephen Sims Jul 21
I'm the lead author of gxpn/660 and 760 at SANS. It's not an unpopular opinion, but easy to explain. IMHO sr/adv pen testers should be able to mod an exploit to comp for DEP/ASLR/etc. Understand what the tools are doing. The focus in GXPN is not to write 0days, that's in 760.
Reply Retweet Like
Stephen Sims retweeted
Saar Amar Jul 20
Happy to share that and I just published a new research paper that analyzes the effort of enabling SMAP for NTOS: We'd love to discuss && hear other perspectives :)
Reply Retweet Like
Stephen Sims Jul 17
Replying to @pwnEIP @SANSInstitute
Looking forward to it!
Reply Retweet Like
Stephen Sims retweeted
SANS Pen Test Jul 16
New bug bounty course from is now in beta! This intensive 2-day course breaks down real-life examples while learning how to craft unconventional attack techniques for pursuing & disclosing bug bounties. View the event syllabus here:
Reply Retweet Like
Stephen Sims Jul 16
Another free opportunity to take advantage of!
Reply Retweet Like
Stephen Sims Jul 15
Replying to @matalaz
I was thinking that we are pretty lucky with how this was used considering the alternatives, like you say
Reply Retweet Like
Stephen Sims retweeted
Bryson Bort 🦄 survived @defcon @icsvillage Jul 15
If you missed it, Jorge presented on CVE-2020-1350 earlier.
Reply Retweet Like
Stephen Sims retweeted
SANS Pen Test Jul 14
Microsoft just released a patch for critical vuln , which allows an unauthed user to execute code with SYSTEM level privileges. Find out What You Need to Know About CVE-2020-1350 w/ Tomorrow 7/15, 12:00 PM EST Register here
Reply Retweet Like