Christian Schulz @CS217_
Bavaria, Germany Joined January 2019-
Tweets305
-
Followers84
-
Following2K
-
Likes5K
"On September 29th, 2025, Broadcom disclosed a local privilege escalation vulnerability, CVE-2025-41244, impacting VMware’s guest service discovery features. @NVISO_Labs has identified zero-day exploitation in the wild beginning mid-October 2024. The vulnerability impacts both…
🔒 Secure Bits 💡 Did you know 𝘆𝗼𝘂 𝗰𝗮𝗻 𝗵𝗶𝗱𝗲 𝗗𝗼𝗺𝗮𝗶𝗻 𝗔𝗱𝗺𝗶𝗻𝘀 from standard discovery—even from other admins? Active Directory is a “𝗿𝗲𝗮𝗱-𝗺𝗮𝗻𝘆” 𝗱𝗶𝗿𝗲𝗰𝘁𝗼𝗿𝘆 by design. But 𝗟𝗶𝘀𝘁 𝗢𝗯𝗷𝗲𝗰𝘁 𝗠𝗼𝗱𝗲 (𝗟𝗢𝗠) can change that. 🕵️♂️ Martin Handl…
Please stop using Private browser sessions for cloud admin accounts Look, we all know we shouldn't be using admin accounts while signed into our productivity account, but if you're gonna do it, at least use browser profiles so you can enforce compliance learn.microsoft.com/en-us/entra/id…
Interested in what real world Active Directory compromise looks like and how to prevent it? I wrote a deep dive on what we continually see when Active Directory gets owned. Hint: stop letting domain admins log onto all your endpoints Read here - techcommunity.microsoft.com/blog/microsoft…
PingCastle now highlights when no policy is in place to prevent scripting files (such as .js) from being executed via double-click. A simple but effective mitigation is to configure these files to open in Notepad instead. This disrupts many common first-stage infection chains.…
🔒 Secure Bits 💡 𝗛𝗼𝘄 𝘁𝗼 𝘁𝗿𝗮𝗰𝗸 𝗟𝗗𝗔𝗣 𝘀𝗶𝗴𝗻𝗶𝗻𝗴 𝗶𝗻 𝗔𝗰𝘁𝗶𝘃𝗲 𝗗𝗶𝗿𝗲𝗰𝘁𝗼𝗿𝘆 𝗯𝗲𝗳𝗼𝗿𝗲 𝗲𝗻𝗳𝗼𝗿𝗰𝗶𝗻𝗴 𝗶𝘁? When applying 𝘀𝘁𝗿𝗶𝗰𝘁 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗕𝗮𝘀𝗲𝗹𝗶𝗻𝗲𝘀, enforcing LDAP signing is a common (and critical) step. It disables weak…
Everyone who works in Microsoft Cloud, download this roadmap. Thank @merill and many others at Microsoft when you get a chance. This is the best work Microsoft has done for security, in my humble opinion. I used to be in the "Zero Trust is just an idea" camp. Microsoft has…
Super simple, step by step way, to identify insecure delegations in Active Directory: 1. Download ADeleg 2. Run ADeleg 3. Click "View → Index view by… → Trustees" 4. Find and click on: - Authenticated Users - Everyone - Domain users - Domain Computers 5. Look for…
Sneak preview of the Hayabusa MCP server.
🔐 AccessLens – Visualize Microsoft Entra ID Conditional Access Policies. See policy scopes, apps, locations, device state, evaluation order & session controls in a clear interactive flow. Browser-only. Nothing stored. Nothing written back. 👉 accesslens.co.uk
@M_haggis In conclusion... AppLocker Inspector = a tool to help sysadmins get AppLocker right. Because “we deployed AppLocker” should mean more than “we checked a box.” 👇 👇 👇 👇 github.com/techspence/App…
In registered devices, windows sign in doesn't use Entra ID credentials, and no PRT at logon means: *conditional access & mfa aren’t enforced at sign in *local account or cached creds can bypass cloud identity checks *a threat actor with local access can pivot to the cloud…
In case you've been living under a rock... OpenIntuneBaselines (OIB) are probably a better starting point for most orgs than other benchmarks (including paid ones) This is the value of design and feedback by a community of passionate practitioners github.com/SkipToTheEndpo…
In case you've been living under a rock... OpenIntuneBaselines (OIB) are probably a better starting point for most orgs than other benchmarks (including paid ones) This is the value of design and feedback by a community of passionate practitioners github.com/SkipToTheEndpo…
It's been almost a year since my last blog... So, here is a new one: Extending AD CS attack surface to the cloud with Intune certificates. Also includes ESC1 over Intune (in some cases). dirkjanm.io/extending-ad-c… Oh, and a new tool for SCEP: github.com/dirkjanm/scepr…
Today at #Troopers24 we released Certiception – the ADCS honeypot we always wanted to have. Blog: srlabs.de/blog-post/cert… Source code: github.com/srlabs/Certice… Slide deck, including our guide to deception strategy: github.com/srlabs/Certice…
Default security settings are not security, and attackers/red-teamers are aware of this, and they rely on it. In every Cloud or AI PT engagement I had, my starting point is always the same, default configurations/security, and it works consistently. These defaults often expose…
#x33fcon 2025 talks: @kevin0x90 - Beyond PsExec - Stealthy Lateral Movement Techniques > youtu.be/C8i337_BdvE
🔴 Red and blue teams, this one's for you. 🔵 LudusHound bridges BloodHound Attack Paths with lab automation by creating a functional Active Directory replica testing environment. Read @bagelByt3s blog post for more. ghst.ly/40Ippn1
How to conduct a Password Audit in Active Directory (AD) | Pen Test Partners pentestpartners.com/security-blog/…
New video out 😊 showing how you can take control of port 445 and perform those magical relay attacks toward AD CS when working from a C2 agent. Way easier than before thanks to some great research by @zyn3rgy youtube.com/watch?v=e4f3h5…
RebeccaSimon @iCW891pGK1gUmb
29 Followers 823 Following
DanaRicardo @4IFPgXDjrWk39Q6
0 Followers 419 Following
Hazle Herzog @HHerzog68208
58 Followers 3K Following
Mwavau @Mwavau540
121 Followers 3K Following
Fuxar @Fuxar02126
31 Followers 1K Following
Alejandro Parodi @hdbreaker_
890 Followers 1K Following 2x Founder @VoltAI & @Hackmetrix, Security Researcher. D̶o̶n̶’̶t̶ have the drive to become a big scary famous hacker. Always watching, never seen.
Chaya Ward-Moen @MoenWard38696
1 Followers 173 Following Recruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/ELl4Wq2W7k
Amelia @SkilesStua29770
6 Followers 281 Following
AfraGabriel @gk8UFTN4uh71y
64 Followers 1K Following
Active Directory Thin... @ADAllTheTime
3K Followers 716 Following Microsoft Certified Master (MCM): Active Directory. Previously AD field engineer at Microsoft. Notes from the field & the lab (@duff22b)
Shewghoy @ShewghoycBC
41 Followers 5K Following
EmilyWindsor @6yWasT8o23Jw9BO
71 Followers 7K Following
Margaret @margaret_noble_
363 Followers 3K Following
MariaFaulkner @4jRuauI25WqRx
67 Followers 3K Following
Florence @ReezarlZ_8C2
5 Followers 559 Following
Phosmoth @PhosmothDigjZV
44 Followers 4K Following
Shosleson @shosleson85405
131 Followers 7K Following I'm new to Twitter accounts so I tried the messaging feature and it's great to meet you.
Trentent Tye @TrententTye
2K Followers 1K Following Former Microsoft MVP for AppV/RDS, former Citrix CTP, vExpert. Solving problems before anyone else. ControlUp employee. Opinions are my own. He/Him
IngridFrances @1Z6GF9TGYPF9j
51 Followers 6K Following
QueenaPullan @8lmyG14f3R1Wm
58 Followers 7K Following
Sarmad Aidrus @AidrusSarmad
3 Followers 46 Following IT OT Security Strategist | NIS2 CRA IEC 62443 | DevSecOps Enthusiast | Distributed Systems Engineer
Nanetoo @Nanetoo643238
127 Followers 7K Following
SimonaRobin @uj9BY856K6S67
73 Followers 7K Following
VioletVirginia @BeVSqG1lGmP10x
86 Followers 7K Following
SetllaAly @3fx30v36OfQ21VL
27 Followers 4K Following
Routhaez @RouthaezADUix
7 Followers 388 Following
ReneeBurke @Malzonelou32
51 Followers 5K Following
VeronicaAnn @V3rj29sQhFO13B
75 Followers 7K Following
SelenaBessie @64E36g2pYcqVKT
67 Followers 7K Following
Thresher @eWLW9eUv32ODGF4
23 Followers 3K Following
Tony Gore @nullg0re
634 Followers 1K Following Security Researcher, US Marine Corps Veteran, Microsoft Most Valuable Researcher 2023 & 2024
ZenobiaPiers @4Qj9BuGxaq0Nb2b
27 Followers 2K Following
Athena @koetterathena98
288 Followers 3K Following
Muriel @lobato_muriel59
264 Followers 3K Following
Virginia @v_lewis31
313 Followers 3K Following
Harm Veenstra | MVP @HarmVeenstra
2K Followers 4K Following 2x Microsoft MVP | #PowerShell Evangelist | Living apart together with @Eve_023 | Consultant | *Core | Google Pixel | #Espresso | https://t.co/8Aes02OcHf
Katherina @katherina_sando
306 Followers 3K Following
CathiYurkovich @CathiYurko5678
50 Followers 2K Following
Morten Knudsen | MVP @knudsenmortendk
494 Followers 529 Following Triple Microsoft MVP (Security, Azure & Security Copilot) | MCT | Security & Cloud Architect | Co-Founder Experts Live Denmark | Speaker | Blog https://t.co/b1b8SZHZpi
Ann @harris66ann
290 Followers 3K Following
Kathy @nehlsen_kathy49
229 Followers 3K Following
Kara @sims_kara46
272 Followers 3K Following
Frances @francesross47
274 Followers 3K Following
Mattie @mattie97phillip
319 Followers 3K Following
Zoomer 🧢 @zoomyzoomm
19K Followers 986 Following | VC Tech Bro | Forbes 30u30 | AI Doomer Dude | Gen Z Threadboi | King of Hot Takes | 27 y.o w/ $500k NW | Chase Coleman's Nephew | CSO (Chief Shitpost Officer)
Flowers ☾ @flowersslop
11K Followers 216 Following Stars light future dreams ♄ Erised stra ehru oyt ube cafru oyt on wohsi
mosesrenegade @mosesrenegade
3K Followers 2K Following Maker of Fine Bespoke Exploits. SANS SEC588 Author. Red Team @ Neuvik. SysOp.
sysengineer @_sysengineer
27K Followers 960 Following I do not give Facebook permission to print anything off my computer
Michal Melewski @carste1n
4K Followers 344 Following Security Engineer @ Somewhere ex-Google, ex-Cloudflare I use bad software and bad machines for the wrong things. My writing: https://t.co/Z7uucr5BYW
Winston Ighodaro @Officialwhyte22
8K Followers 192 Following Ethical Hacker, Forensic Investigator, Malware Engineer. Security+, Network+, Pentest+, and CNVP. Python, bash, Powershell, Java script, Html and C#. I am root.
White Knight Labs @WKL_cyber
443 Followers 34 Following We are a small band of engineers that work intimately with our clients to develop risk-based approaches to improve the overall security of their business.
Master Packager @MasterPackager
2K Followers 1K Following Application packaging software that helps you build Windows application packages that end-users love, enterprises want, and the Windows OS needs.
FF&E (Furniture, Fixt... @FFE_only
8K Followers 9 Following FF and E (Furniture, Fixtures, and Equipment). For Interior design and construction
International Cyber D... @IntCyberDigest
11K Followers 3K Following Your weekly go-to cybersecurity newsletter, curated and commented on by our senior analysts. Got tips? Signal: IntCyberDigest.17
WatchGuard DACH @sichersein
580 Followers 147 Following WatchGuard gehört zu den führenden Anbietern, wenn es um Netzwerksicherheit, WLAN-Schutz, Multifaktor-Authentifizierung oder die Absicherung am Endpunkt geht.
John @systemofdoom
825 Followers 1K Following Security & Network Administrator with a focus on #ConfigMgr, #Intune, #Powershell, and #Defender. Vinyl Record Collector, Cyclist, Gamer, Hipster Doofus.
Block @blocks
91K Followers 10 Following Building blocks @Square @CashApp @spiralbtc @TIDAL @BitkeyOfficial @protomining
Bastien Perez @bastienperez_
579 Followers 458 Following 🇨🇵 MVP - consultant #Microsoft products #ActiveDirectory #EntraID 🌐 Share tips from the IT field 🏢 Founder of Clidsys 📃 #PowerShell #NoCode #LowCode
Mike Terrill [MVP] @miketerrill
7K Followers 773 Following Microsoft MVP. Principal Engineer @2PintSoftware. Intune, ConfigMgr and OSD specialist. Porsche & Tesla enthusiast. #WildcatForLife #BearDown #FSDBeta
GangExposed RU @GangExposed_RU
3K Followers 67 Following Cybercrime investigator | Exclusive leaks on $10M bounty targets
Josh B @JoshB96009544
84 Followers 517 Following
Maximales Drehmoment @MaximalesD
53K Followers 139 Following Schrauber/Ehemann/Vater/mit Herz und Seele💪 Rechtschreibung kann vom Original abweichen! Ersteller von #Schraubermoment Threadschreiber Header by @Taschentroll
whatever @whatever
272K Followers 1 Following Trying to make sense of the dating hellscape. LIVE Sundays at 5:00 PM Pacific on https://t.co/Ln0zNd1ZPY /// CASTING WOMEN: DM https://t.co/qQXhgAh1Cj
ibrahim rüdisühli �... @i_rudisuhli
1K Followers 2K Following Zusammenfassend kann man sagen, dass meine vulgäre Sprache im Kontext meiner Kritik an intoleranten faschistischen Ansichten als notwendig gesehen werden kann.
Matt Call @DeviceDeploy
3K Followers 175 Following PM @Microsoft - Helping build tech to secure endpoints - thoughts here are mine and are not always based in reality
Balthasar @BalthasarMartin
217 Followers 241 Following Red team lead @ https://t.co/fkrENrHmF5 @[email protected] (he/him)
Soroush Dalili @irsdl
20K Followers 912 Following Hacker (ethical), web appsec specialist, trainer, tools builder & apps breaker, @SecProjectLtd founder 🕸️https://t.co/YipuTcYnWc🥷 🍏A dad-joke maker🍐
Rafał Fitt @rafal_fitt
358 Followers 782 Following There is always a bigger fish. Check the compass, not the clock. Knowledge Is Power. #NAFO
_@_* @S3cAtW0rk
24 Followers 291 Following Interested in technical deep dives of IT-Security, Active Directory, Powershell, Authentication, Certificates, Cloud and other stuff
GitHub Projects Commu... @GithubProjects
193K Followers 111 Following We're sharing/showcasing best of @github projects/repos. Follow to stay in loop. Promoting Open-Source Contributions. UNOFFICIAL, but followed by github
Nir Ohfeld @nirohfeld
4K Followers 844 Following Head of Vulnerability Research @wiz_io | @Microsoft MVR (2021-2025) | Pwn2Own 2025 | @Forbes 30 Under 30
Markus Wulftange @mwulftange
3K Followers 196 Following Principal Security Researcher and Pâtissier at @codewhitesec
CODE WHITE GmbH @codewhitesec
7K Followers 41 Following Red Teaming. Security Research. Continuous Penetration Testing. Threat Intelligence.
Khoa Dinh @_l0gg
2K Followers 118 Following
Samuel (scam) G. @scam_work
63 Followers 328 Following My curiosity is effortlessly sparked | Pentester
Adam Juelich @acjuelich
3K Followers 4K Following IT Consultant. Focusing on Microsoft #ConfigMgr #SCCM #MSIntune, Azure, and Defender. Opinions are my own.
јаmеѕ ███�... @rotarydrone
857 Followers 603 Following lil bit of red, lil bit of blue. very purple. views my own
Dwyer @_Dwyer_
3K Followers 371 Following Threat research is the name of my game. I know enough to know that I have a lot to learn. opinions are my own
Alejandro Parodi @hdbreaker_
890 Followers 1K Following 2x Founder @VoltAI & @Hackmetrix, Security Researcher. D̶o̶n̶’̶t̶ have the drive to become a big scary famous hacker. Always watching, never seen.
Keanu Nys @RedByte1337
913 Followers 76 Following Offensive Security Lead @ Spotit. Creator of GraphSpy
Horizon Secured @horizon_secured
1K Followers 136 Following Master Windows & Active Directory Security—From Defense to Attacks.Trends for United States
You might like
