Twitter is more than just a social networking tool for people to tweet about their private life... publicly. At Rapid7, we've had plenty of success getting interesting security information just by monitoring Twitter, and sometimes the stuff we see is actually way better than other resources we use. If you're obsessed with 0days like me, or just the latest information in general, then here are some really good examples why Twitter is a fantastic tool for security enthusiasts:




So really, what's the trick to picking up critical information like that quickly? Simple -- search for the right keywords, follow the right people.
Save these search results!
- 0day / 0-day: Believe it or not, we really pick up vulnerabilities exploited in the wild just by staring at this search. Sometimes I find this more effective than searching C0000005 on Google (which is the exception code for access violation, often meaning a possibly exploitable crash... and people post about their crashes all the time in order to get help).
- #Metasploit / Metasploit: Any Metasploit-related information (announcements, updates, tricks, technical information, etc) can be picked up this way on Twitter.
- proof of concept / exploit / vulnerability: Similar to the 0day / 0-day keywords, except these ones also tend to pick up more unrelated tweets.
- When there's a new CVE that receives lots of public attention, you should setup a search for it, too.
If you like vulnerability research and/or exploit development, then you should follow these people:
- Rapid7: @rapid7, @hdmoore, @metasploit, @chris_kirsch, @botherder, @_sinn3r, @_juan_vazquez_, @todb, @egyp7, @TheLightCosine, @HeadlessZeke, @stdlib, @BrandonPrry, @ThreatAgent
- Other security researchers that will blow your mind: @ExodusIntel, @aaronportnoy, @WTFuzz, @daveaitel, @net__ninja, @nicowaisman, @sagar38, @MarkWuergler, @WanderingGlitch, @cBekrar, @_eosyop_, @TaPiOn, @sbekrar, @jgrusko, @_frego_, @n_joly, @jduck1337, @eromang, @binjo, @armitagehacker, @mubix, @carnal0wnage, @corelanc0d3r, @jcran, @bannedit0, @BenHayak, @ChrisJohnRiley, @scriptjunkie1, @exploitdb, @packet_storm, @XploitSweatshop, @mikko, @SCADAhacker, @zashraf1337, @xanda, @0xcharlie, @ochsff, @Agarri_FR, @rattle1337, @Ivanlef0u, @mdowd, @Dinosn, @mihi42, @aszy, @EdiStrosar, @hustlelabs, @r3dy__, @kernelpool, @j00ru, @i0n1c, @s7ephen, @nudehaberdasher, @attackresearch, @alexsotirov, @dguido, @taviso, @fjserna, etc.
Soc Monkey: Your all-in-one source for security trends on Twitter
Soc Monkey is an iPhone application created by Rapid7. It uses a smarter algorithm to automatically collect the latest security news on Twitter, and then all that goes to your phone. This is perfect for those who just don't have the time to manually monitoring what goes on on Twitter. Soc Monkey is available on your iPhone's "App Store". Or, you can see it from here.