Maxime Thiebaut @0xThiebaut
308 Permanent Redirect Location: https://t.co/xKLuDM5iDl 🇧🇪🕊🇺🇦 thiebaut.dev @[email protected] Joined January 2019
Tweets 93
Followers 713
Following 147
Likes 757
On September 29th, 2025, Broadcom disclosed a local privilege escalation vulnerability, CVE-2025-41244, impacting VMware’s guest service discovery features. NVISO has identified zero-day exploitation in the wild beginning mid-October 2024. All details - blog.nviso.eu/2025/09/29/you…
Holy shit @DarthNull darthnull.org/noisestorms/
New blog post! Title: Hunting Chromium Notifications | By @0xThiebaut (Maxime Thiebaut) Link: wp.me/p84lDr-4sj #ThreatHunting #Phishing #Chromium #Chrome #Edge #Forensics
New blog post! Title: MEGAsync Forensics and Intrusion Attribution | By @0xThiebaut (Maxime Thiebaut) Link: wp.me/p84lDr-4FS #Forensics #MEGAsync #LockBit #Python #Statecache
Respectfully, your proposal does break encryption. I am happy to spend as much time as you need reviewing in as much detail as you are comfortable with exactly how it breaks encryption, and why this is so dangerous.
ScriptBlock Smuggling is a new technique, developed by @_Hubbl3 & @Cx01N_ that allows for the spoofing of PowerShell security logs & bypasses AMSI without the need for reflection or memory patching. Learn all about it in our new blog post! bc-security.org/scriptblock-sm…
Tune in now!
We're closing out today's #ransomwareSummit w/ @_pete_0 & @0xThiebaut exploring the evolving landscape of #ransomware tactics and strategies, providing actionable insights for bolstering #cybersecurity defenses. Register Free to Join / Access Recordings: sans.org/u/1soB
At #RansomwareSummit, @_pete_0 & @0xThiebaut will explore the evolving landscape of #Ransomware tactics and strategies, providing actionable insights for bolstering #Cybersecurity defenses. Register for Free Live Online: sans.org/u/1soB
New blog post! Title: Covert TLS n-day backdoors: SparkCockpit & SparkTar | by NVISO Incident Response Link: wp.me/p84lDr-4w7 #Forensics #ReverseEngineering #CVE #Ivanti #PulseSecure
From ScreenConnect to Hive Ransomware in 61 hours ➡️Initial Access: ScreenConnect ➡️Defense Evasion: BITS Jobs, Embedded Payloads ➡️Lateral Movement: Impacket, RDP, SMB ➡️C2: ScreenConnect, Atera, Splashtop, Cobalt Strike, Metasploit ➡️Exfil: Rclone thedfirreport.com/2023/09/25/fro… 1/X
@JAMESWT_MHT Awesome article, and here is the tool that came with it put together by @0xThiebaut: github.com/0xThiebaut/PCA… Works like a charm; I used it more than once 🙂
IcedID & Qakbot's VNC Backdoors: Dark Cat, Anubis & Keyhole blog.nviso.eu/2023/03/20/ice…
Got the account locked because of DMCA. 🤦‍♂️ Forgot to screenshot the step after the first screenshot, but anyway, it did not include which tweet got reported and by who, should check emails it said. So going to check now...
A Truly Graceful Wipe Out ➡️Initial Access: Email > TDS > Truebot download ➡️Credentials: LSASS & Registry Dump ➡️Persistence: Scheduled Task ➡️C2: Truebot, FlawedGrace, Cobalt Strike ➡️Exfiltration: FlawedGrace ➡️Impact: MBR Killer thedfirreport.com/2023/06/12/a-t… 1/X
A new report will be out June 12th by @Kostastsale, @svch0st & @0xThiebaut! This report will have a few things we haven't covered before, you won't want to miss it! Want to receive an email when we publish the report? Subscribe below thedfirreport.com/subscribe/
@malwrhunterteam @ShadowChasing1 @h2jazi maybe that someone was @0xThiebaut
🔎 IcedID’s VNC Backdoors: Dark Cat, Anubis & Keyhole A summary of #VNC #backdoor capabilities @0xThiebaut reconstructed from network traffic. 👀 Screenshots, videos and clipboard data at blog.nviso.eu/2023/03/20/ice… #Malware #PCAP #Reversing
A few weeks ago Microsoft released #CVE_2022_41120, a “Microsoft Windows #Sysmon Elevation of Privilege Vulnerability” reported by @filip_dragovic . With the #vulnerability and original #PoC released, I can now share the first time I #diff'ed a patch. thiebaut.dev/articles/diffi…

Florian Roth ⚡️ @cyb3rops
208K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
NVISO Labs @NVISO_Labs
4K Followers 373 Following NVISO Labs is the research arm of @NVISOSecurity, focused on infosec research. This is where our lab rats share the results! 🐀
DebugPrivilege @DebugPrivilege
40K Followers 2K Following Windows Nerd | Ex-MSFT | Microsoft MVP in Windows and Devices | Interested in Security, Debugging, and Windows Internals.
Alexander Sinno @SinnoAlexander
671 Followers 765 Following 🌐 Cyber Security | 🇱🇧 🇬🇷 Ο Ελληνολιβανέζος | Γεννήθηκα στη Μασατσούσεττς. Living in Holland 🇳🇱
Kostas @Kostastsale
18K Followers 367 Following @TheDFIRReport | No longer active here – find me on Bluesky: https://t.co/qHzDSxCRfG. 🇬🇷🇨🇦
Olaf Hartong @olafhartong
17K Followers 967 Following @FalconForceTeam | researcher with a camera | Microsoft MVP | Snow man role model
Jean @Jean_Maes_1994
12K Followers 1K Following @sansoffensive Certified instructor/SEC565 author/SEC699 co author
Alexandre Dulaunoy @a... @adulau
8K Followers 7K Following Enjoy when humans are using machines in unexpected ways. I break stuff and I do stuff. @[email protected]
M0r31r4 @m0r71r4
2 Followers 316 Following
Dick Svensson @xj220
323 Followers 2K Following A techguy from Sweden. Messing both with BSD/Linux and plenty of MS software.
Abdul Majeed @abdulmajeedx96
31 Followers 1K Following
CyberPumpkin @Cyb3rPumpkin
18 Followers 163 Following
Reena Pathak @RPat26
0 Followers 840 Following
Dexter @dextercasey
300 Followers 244 Following
Stefano @St78865642
0 Followers 23 Following
Lis21 @Lispen123
41 Followers 191 Following
Badr Eddine Boukari @P3dr0_s3c
2 Followers 44 Following
Cyber Ghost @CyberGhost13337
290 Followers 1K Following Hacker - Reverse Engineer - Malware Analyst - PWN lover https://t.co/f0z8MFOf9E
timlake @timlake252160
0 Followers 2K Following
1337ice_cream @1337ice_cream
68 Followers 312 Following Your Favorite Researcher's Favorite Researcher
lynchan @lynchan79
55 Followers 3K Following
Abolfazl Hayati @HayatiAbolfazl
7 Followers 534 Following و تو چه میدانی، شاید تقدیرت بهتر از آرزویت باشد…
Alpanama @Alpanama
50 Followers 963 Following
Cyber_nerd @Benjamin15469
98 Followers 1K Following Security + Pentesting + Web + Mobile + Network + Cloud + Ai + RE + IR
maT @maTsalgad0
15 Followers 273 Following Just another cyber warrior on a mission to battle black hat sorcerers in the digital realm.
babyfaceA @onlyavxo
169 Followers 421 Following
TechWizNet (❖,❖) @TechW1zNet
627 Followers 2K Following On the path to becoming a cybersecurity expert. Currently building skills in penetration testing and auditing smart contracts.
Gheorghiu Alexandru @GheorghiuAlex7
0 Followers 38 Following
test domain @User2Micro
719 Followers 4K Following
cl0ak_th3_r3ap3r @ghostin43
18 Followers 469 Following
Lontz @lontze7
1K Followers 428 Following Threat Intel Researcher. Opinions are mine. Special thanks to @censysio , @ValidinLLC & @ReversingLabs for making my research easier.
Vinod More @vinodm41
100 Followers 2K Following Cybersecurity Engineer | Security Operations | Cloud Security | https://t.co/Du9g2IyoUb : 300+
v5iix @v5iix_
2 Followers 141 Following
Kopper Ngounou @ngounoukopper
600 Followers 2K Following Co-Founder @mboactf 🇨🇲 | Beta #MLSA | Tech & Cybersecurity🛡️ Lover😍| Certified AZ-SC-900 | Cloud ☁️ Enthusiast | CTF Payer⛳
fathallah @FathallahBlh
1 Followers 245 Following
Deivison Mendes @psideivison
27 Followers 398 Following Acadêmico de Cybersecurity / Coordenador de BlueTeam / Psicologo / Threat intelligence Research / Mentor de cybersecurity
James Ibrahim @JamesIb54140322
68 Followers 3K Following
McSortue @McSortue280
99 Followers 3K Following
Marcin Marczewski @martinezku
214 Followers 2K Following CBCP, vCISO, black swans foreseer, business & cyber resilience architect, @resiliapl CEO, @KozminskiUni CyberSec postgraduate studies lecturer
ac@t:~# @iAngelus
182 Followers 3K Following Scio me nihil scire. #ThreatIntel/#CTI now; was #IncidentResponse/#IR. Humanities (AB Φ, Comm) grad, ex-seminarian (λόγος). Impostor Syndrome ∞. Opinions∴mine.
Vxshellew @vxshellew
554 Followers 4K Following
Boğaç @bogackayaa
34 Followers 410 Following
Gz.hk🇭🇰 @garyvgroup
7K Followers 1K Following cooking: @megafun2025 Web3浪没人管|Web3Fund @Dao_Trust VP | Growth @Coinank_com / Web3 Buidler & Marketing & Education
Meruem @Meruem49839142
165 Followers 8K Following
vx-underground @vxunderground
380K Followers 294 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
Ivan Kwiatkowski @JusticeRage
11K Followers 75 Following Security @Meta. Maintainer of Manalyze, Gepetto, and writer. Trolling on a purely personal capacity.
NVISO Labs @NVISO_Labs
4K Followers 373 Following NVISO Labs is the research arm of @NVISOSecurity, focused on infosec research. This is where our lab rats share the results! 🐀
DebugPrivilege @DebugPrivilege
40K Followers 2K Following Windows Nerd | Ex-MSFT | Microsoft MVP in Windows and Devices | Interested in Security, Debugging, and Windows Internals.
Stephan Berger @malmoeb
28K Followers 1K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
Alexander Sinno @SinnoAlexander
671 Followers 765 Following 🌐 Cyber Security | 🇱🇧 🇬🇷 Ο Ελληνολιβανέζος | Γεννήθηκα στη Μασατσούσεττς. Living in Holland 🇳🇱
NVISO @NVISOsecurity
3K Followers 57 Following NVISO is a European cyber security start-up. Key focus includes Incident Response, Penetration Testing, Cyber Strategy & Awareness, and R&D (@NVISO_Labs)
Kostas @Kostastsale
18K Followers 367 Following @TheDFIRReport | No longer active here – find me on Bluesky: https://t.co/qHzDSxCRfG. 🇬🇷🇨🇦
hasherezade @hasherezade
89K Followers 911 Following Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
4n6lady @4n6lady
62K Followers 669 Following #DFIR & #BlueTeam | IR & Threat Detection | #OSINT enthusiast | waiting for HL3 | AWS CIRT - my views are my own
MalwareHunterTeam @malwrhunterteam
245K Followers 38 Following Official MHT Twitter account. Check out ID Ransomware (created by @demonslay335). More photos & gifs, less malware.
The DFIR Report @TheDFIRReport
63K Followers 0 Following Real Intrusions by Real Attackers, the Truth Behind the Intrusion. Services: https://t.co/XW613EKt2w
Olaf Hartong @olafhartong
17K Followers 967 Following @FalconForceTeam | researcher with a camera | Microsoft MVP | Snow man role model
Jean @Jean_Maes_1994
12K Followers 1K Following @sansoffensive Certified instructor/SEC565 author/SEC699 co author
0verfl0w @0verfl0w_
16K Followers 256 Following Malware Reverse Engineer & Malware Analysis Course Author | RE @ Unit 42
Alexandre Dulaunoy @a... @adulau
8K Followers 7K Following Enjoy when humans are using machines in unexpected ways. I break stuff and I do stuff. @[email protected]
Devon Kerr @_devonkerr_
8K Followers 725 Following Director of Threat Research and @ElasticSecLabs team lead; custodian of secret histories. Posts are my own.
Jonathan Bar Or (JBO)... @yo_yo_yo_jbo
4K Followers 1K Following Hacker, security research architect for @Microsoft Defender. Member of @thegooniesctf. Linux, Windows, Android, MacOS, iOS, ChromeOS, bare metal. 日本語オーケーです👌
PIVOTcon @pivot_con
941 Followers 277 Following Threat Research Conference in Europe - Malaga, Spain - 6-8 May 2026. #StayTuned #ComingSoon #PIVOTcon #PIVOTcon25
Fox_threatintel @banthisguy9349
15K Followers 266 Following Just a person who is against cyber crime and dictators like Putin
Sergey Lozhkin @61ack1ynx
2K Followers 478 Following Head of Global Research and Analysis Team(GReAT) - Asia Pacific, Middle East Turkey and Africa
MetallicHack @MetallicHack
841 Followers 384 Following 🇨🇵 Cybersecurity engineer enjoying Windows & AD security, DFIR and detection engineering @TheDFIRReport analyst
shenetworks @shenetworks
72K Followers 844 Following a menace • hacker • shenetworks @ TikTok & YouTube & Twitch. Co-Host of @breakingthepod. New episodes biweekly.
TracketPacer @TracketPacer
59K Followers 399 Following 🚀 rockit network engineer | 👩🏼💻🛜 weird use cases & silly tech | wire gremlinry
malware_traffic @malware_traffic
2K Followers 0 Following
Cthulhu ( ;,;) @Cthulhu_Answers
16K Followers 6K Following ( ;,;) 🌮 🐙 Amateur Astrobiologist, Gravitic Propulsion Engineer, Eldritch Historian, Antifa Commander, Defcon TentacleOps. #CoT
Zach @svch0st
4K Followers 1K Following Everything DFIR @TheDFIRReport | @CuratedIntel | @XintraOrg https://t.co/ggakuKBS0S
Tornado @0xtornado
3K Followers 542 Following Incident Responder & @TheDFIRReport Member • Hunting and dissecting smart creatures called malware, doing forensics between whiles…
Miixxedup @Miixxedup
405 Followers 546 Following CTI at @Mandiant | Analyst at @TheDFIRReport | Security Intelligence, Automation and Innovation | Sourdough baker noob but a connoisseur anyway.
Alessandro Di Carlo @samaritan_o
2K Followers 1K Following Sr. Product Manager, XDR @Malwarebytes ThreatDown - @TheDFIRReport Analyst - 3x @SANSInstitute Lethal Forensicator - GCFA - GASF / Opinions Are My Own
𝙽𝙴𝚃𝚁𝙴... @netresec
9K Followers 832 Following Experts in Network Forensics and Network Security Monitoring. Creators of #NetworkMiner, #CapLoader, #PacketCache, #PolarProxy and #RawCap.
Team Cymru Threat Res... @teamcymru_S2
5K Followers 92 Following Follow us for the latest blogs and IOCs from Team Cymru Threat Research A part of @teamcymru
Wiebe Willems @wiebe_willems
156 Followers 523 Following 🇧🇪 Ethical Hacker | Security Researcher @NVISOsecurity | Thoughts are my own.
Felix @felixw3000
2K Followers 499 Following 👨💻 Engineer, passionate about IT security 🔬 Daytime: Researcher @SophosXOps 🧪 Nightime: write-ups on experiments @ https://t.co/JD9nTOciQE 🙋 Opinions are my own
Filip Dragovic @filip_dragovic
7K Followers 1K Following My research unless stated otherwise. My opinions are my own and do not represent the views of my employer.
Daan Raman @ramandaan
45 Followers 202 Following
St0pp3r @_st0pp3r_
229 Followers 265 Following Detection Engineering · Threat Hunting · Incident Response
Andrea Allievi @aall86
5K Followers 372 Following Currently Senior Windows Core OS Engineer, Windows Internals Enthusiast and Book author, tennis lover, currently working for MS. Opinions and tweets are my own.
SwiftOnSecurity @SwiftOnSecurity
406K Followers 9K Following computer security person. former helpdesk.
Rick and Morty @RickandMorty
2.5M Followers 203 Following Watch Rick and Morty on @adultswim and @streamonmax
GitHub Security @GitHubSecurity
14K Followers 90 Following The @github Security team. 🚨 Report vulnerability: https://t.co/wTLhTm60PQ. Security Research: @GHSecurityLab. We're hiring!
Microsoft DART @MicrosoftDART
2K Followers 3 Following We are the Microsoft Detection and Response Team. All things #DFIR #IncidentResponse
Pierre-Alain Mouy @pamouy
11 Followers 38 Following
mr.d0x @mrd0x
45K Followers 299 Following Security researcher | Co-founder https://t.co/QxBlzp9A8w | https://t.co/zqMXQRZjQN | https://t.co/Fq7WSqTBva | https://t.co/eKezFcO6nd
Gal Z @0xgalz
6K Followers 433 Following Security Researcher. Reverse Engineering 💙 Vulnerability Research 💜 Embedded 🤖 C++🤩 OS Internals 🤍 Sewing🧵 Classical Music🎼 Opinions are my own.
Ariel Jungheit @ArielJT
1K Followers 214 Following Life under the sea was so much easier | Threat Research @harfanglab | Maker | Tweets are my own
Lawrence Abrams @LawrenceAbrams
18K Followers 837 Following Ransomware, Online Security, and Malware. Owner, Editor in Chief of @bleepincomputer. DM on Signal: LawrenceA.11 * https://t.co/LXVRoICs8Z
out of context brookl... @nocontxt99
384K Followers 20 Following if i die, turn my tweets into a book @nocontxtcloud9 @spidermannwh
Ido Veltzman @Idov31
4K Followers 33 Following I'm a security researcher who uses this platform to share my projects and research. Opinions are my own. https://t.co/UiWgKq40sV
Tommy M (TheAnalyst) @ffforward
14K Followers 195 Following Threat Researcher @proofpoint | @Cryptolaemus1
R136a1 @TheEnergyStory
4K Followers 211 Following Malware reverse engineer, threat hunter, tool developer
John Lambert @JohnLaTwC
43K Followers 803 Following Corporate Vice President, Security Fellow, Microsoft Security Research, johnla(AT)https://t.co/3dGtq71Nby
Jeremy Dallman @jdallman
1K Followers 154 Following Microsoft Threat Intelligence. Mostly promoting work stuff & smart security people. Obsessed with good coffee & scotch. Opinions my own.
Simeon @simandsec
2K Followers 1K Following Threat Intel @Microsoft Threat Intelligence. @HowardU and @Cambridge_Uni alum. Founder @kc7cyber. Sometimes says things that make sense. Views are my own.
Ned Moran @moranned
2K Followers 402 Following Professor. Consultant. Analyst. Technologist. Security Geek. Privacy Advocate. Runner. Couch Potato.