Aurélien Chalot @Defte_
Hacker, sysadmin and security researcher @OrangeCyberdef 💻 Calisthenic enthusiast 💪 and wannabe philosopher https://t.co/SqDDhIGGGh 📖 🔥 Hide&Sec 🔥 blog.whiteflag.io The grid Joined November 2017
Guess what, when implementing channel binding token to Impacket I simply forgot to implement it into NetExec as well... Incoming soon (eyes)
That was an interesting case about NTLM reflection but yeah, any machine that does not have the patch is vulnerable and it completely bypasses Channel Binding token (i.e. we PoC'd the relay from an ADCS server back to its fully HTTP web enroll endpoint and got the cert) pretty fun!
Hey Folks, the program for this year is now almost fully announced 🥳 Still hesitating to come this year? You won't hesitate a single second once you've seen the conference program 📢 We will soon be announcing the ticket sale dates, the list of workshops and the hoodie designs
THEY MUST ALL GO. THEY MUST ALL GO. THEY MUST ALL GO. THEY MUST ALL GO. THEY MUST ALL GO. THEY MUST ALL GO. THEY MUST ALL GO. THEY MUST ALL GO. BAYROU, RETAILLEAU, DARMANIN, NUÑEZ, BORNE, BERGÉ, BARROT, MACRON, ALL OF THEM!
👀Turns out MS-EVEN can do a lot more than NULL auth: In addition to leaking environment variables, it is possible to coerce authentication from arbitrary logged on users* 🤯 *If you are willing to trigger Windows Defender.
Reading astrophysics books I saw the following quote from Isaac Asimov: The most important sentence in science, the one that announces new discoveries, isn't "Eurêka" but "that's funny..." That's the hacking spirit 🤌🏼
Thanks to everyone who joined my DEFCON33 talk!🎉 For those of you who missed it and are interested in seeing how we can extract cleartext credentials and bypass MFA directly from the official Microsoft login page, I just uploaded the recording to YouTube: youtu.be/z6GJqrkL0S0
gpoParser, which I presented at #leHACK2025 and #DEFCON, is available here: github.com/synacktiv/gpoP… It is a specialized utility designed to enumerate Group Policy Objects (GPOs) and identify potential security misconfigurations.
This was implemented in bloodhound but missing in NXC, not anymore 🥳🥳🥳
Go fuck yourself EU 😊
hashcat v7.0.0 released! After nearly 3 years of development and over 900,000 lines of code changed, this is easily the largest release we have ever had. Detailed writeup is available here: hashcat.net/forum/thread-1…
Last month I spent hours implementing Channel Binding for MSSQLClient on Impacket. If you are interested in how CBT is computed, handling STARTTLS in python, TLS introspection on Windows or simply MSSQL databases check it out sensepost.com/blog/2025/a-jo… :)
Reverse engineering Microsoft’s SQLCMD.exe to implement Channel Binding support for MSSQL into Impacket’s mssqlclient.py. Storytime from Aurelien (@Defte_), including instructions for reproducing the test environment yourself. (link below)
