Jeff Warren @SbitsJeff
SVP Technical Product Management at STEALTHbits, Windows / Active Directory Security blog.stealthbits.com/author/jeff-wa… Ridgewood, NJ Joined February 2014-
Tweets51
-
Followers70
-
Following67
-
Likes28
Recording now available of my talk at @WWHackinFest cloud roundup. Topics: MFA (and it's effectiveness against current/future attacks), Conditional Access policy bypasses, device compliancy, PRT stealing, etc Slides: dirkjanm.io/assets/raw/fan… Recording: youtube.com/watch?v=yOJ6yB…
Soon in #mimikatz , some NGC stuff related to Windows Hello! 🥝 Here, from the NGC cache memory (no, not LSASS 😉), the internal PIN to deal with RSA key with the TPM The PIN code you type at logon is only a part of the key to decrypt this internal PIN, with the help of the TPM
We just disclosed SIGRed (CVE-2020-1350): Critical Vulnerability in all Windows DNS Servers (by @sagitz_). Bonus: can also be triggered using the browser through a malicious link. #SIGRed research.checkpoint.com/2020/resolving…
In a recent poll a quite high percentage of people expressed interest in a live stream, so I'll be streaming the release of my new ROADtools Azure AD framework this Thursday 20:00 CET (11am PST/2pm EST) at twitch.tv/dirkjanm 😃😲
During this quarantine I've been researching with my colleague Manu (@dialluvioso_) the latest SMBv3 bug (CVE-2020-0796), we've achieved a local privilege escalation. We're releasing the exploit code at github.com/danigargu/CVE-…
More security fun with GPOs :) : sdmsoftware.com/group-policy-b… #grouppolicy #infosec
Since everyone loves dumping credentials, I've put together a tool for remotely dumping Azure AD Connect credentials for my #TR19 talk. Uses only SMB and RPC calls, no code exec on the target host 😁
#DSInternals can now be used to check #ActiveDirectory passwords against @haveibeenpwned list, both online and offline (ntds.dit). Happy auditing!
Dumb trick of the day we got to use again recently in case you didn't know about it: Search AD with a GUI via built in tools. Command line: "C:\Windows\System32\rundll32.exe" dsquery.dll,OpenQueryWindow
Get-AzurePasswords : A Tool for Dumping Credentials from Azure Subscriptions : blog.netspi.com/get-azurepassw… cc @kfosaaen
[BLOG] Get-AzurePasswords: A Tool for Dumping Credentials from Azure Subscriptions blog.netspi.com/get-azurepassw… Thanks @kfosaaen, super handy!
Red Team Tip: Have a shell on a Windows PC with a touch screen? Search for passwords in Waitlist.dat, a full text index of emails and documents used to improve handwriting recognition. Powershell command below. Read my research on Waitlist.dat here: b2dfir.blogspot.com/2016/10/touch-…
[BLOG] Dumping Active Directory Domain Info with SQL Server Links and Ad-Hoc Queries (via PowerUpSQL) bit.ly/2Ji5vJg - Nice work @thomas_elling!
The updates to ATT&CK and @MITREpreattack are out, now with more Initial Access! Check out the update log attack.mitre.org/wiki/Updates_A…
Sweet! Domain persistence using #DCShadow without DA - minimal permissions required. Blog post soon. #ActiveDirectory #RedTeam
Just released p0wnedShell v2.5. A RedTeam Swiss Army Knife for Windows Based Systems. Most important changes: Runs from a Meterpreter shell. Masquerade Process (PEB) so it has the appearance of a another process. Start using another Parent Process ID. github.com/Cn33liz/p0wned…
After 9 months Invoke-DOSfuscation is finally released!! There is a lot of information for detection in the white paper, and the Invoke-DosTestHarness function is exactly what I used for detection dev & tuning. Code: github.com/danielbohannon… White paper: fireeye.com/blog/threat-re…
MirandaMarion @H2Wk26x98noTl0
60 Followers 6K Following
Saphe @Saphe156376
93 Followers 7K Following A strong woman is one who is determined to do what others are determined not to do.
Ring3API 🇺🇦 @ntlmrelay
7K Followers 3K Following #ThreatHunting / #BlueTeam engineer. I'm just looking for traces in the logs. Reading and retweeting cool stuff. MITRE ATT&CK Defender:CTI,SOCAsses,AE,PTM,THDE.
𝔼𝕕 𝔼𝕕𝕕... @niimonigh
354 Followers 944 Following GOD GOT US.! Family👨👩👦👦. Music🎙🎚. IT ⚙️💻. Globe Trotting 🧭. I’m somewhere in the Future and I look much better than I look right now! 🕺
SUJAL_1337 @sujal_1337
27 Followers 1K Following Wannabe Red Teamer | Be 1337!!!! Hello Friends!!!!!!!!!!!
UFO @BigTechRuined
39 Followers 269 Following Its not what you don't know that gets you into trouble. Its what you know for sure, that just isn't so.
Ragnar Lothbrok @ThorsHammer222
8 Followers 250 Following Twitter isn't real life, get over yourself. #Bitcoin
Alexander (AJ) @AlexanderNish
49 Followers 347 Following
Pierre-Stéphane BATO... @Baton_PS
13 Followers 285 Following
BitcoinBigDickEnergy @BitcoinBigDick
25 Followers 273 Following #Bitcoin is the answer. twitter isn’t real life
Threat Protect @CybersecurityTP
891 Followers 2K Following Enabling organisations to work with confidence by providing tailored, cost-optimised IT and security solutions
maurizio taglioretti @mtaglior
892 Followers 1K Following #ITSecurity & #Audit addicted, proud father and willing to have a safer world
Infosec Thought Leade... @infosecthought1
32 Followers 241 Following I am a thought leader in the Infosec community. and an influencer in all things cyber. opinions are my own. selfless and brave they / them #infosec #bitcoin
MadisonAlexanderPR @MadAlexPR
311 Followers 948 Following Leading technology PR communications agency. Cybersecurity PR, Enterprise networking, Cloud Tech software, @TecFlack
Ryan @clearstackretn
26 Followers 338 Following
Maureen MacGregor @PR_techie
608 Followers 1K Following Storyteller, live music addict, RPSGT - Be kind whenever possible. It is always possible.
Indecium, LLC @indecium
285 Followers 1K Following Indecium is about SOLUTIONS. We work to help organizations achieve the goals they have related to Data Governance, Compliance, Auditing and Cyber Training.
Prabhjot Singh @prabhjotdunglay
200 Followers 1K Following Penetration Tester| CEH | CTF Player | VAPT | Acknowledged by @Dell, @Indeed, @Fyle.nl, @Currencycloud, @Survermonkey and 30+ Companies 🕷️ #BugBounty
Dan Blidner @STEALTH_Dan
15 Followers 73 Following Cybersecurity professional, interested in protecting your credentials and data.
Artur Wojtkowski @arturwojtkowski
101 Followers 196 Following Cybersecurity - Red & Blue | Co-founder of @Inceite
André Picker @clientmgmt
978 Followers 316 Following Former Microsoft MVP Enterprise Mobility #ConfigMgr #SCCM, #MDT #Microsoft #Automation #Sysctr Owner https://t.co/k9Qox2P51f
Sathishds @sathishdatwit
175 Followers 2K Following Incident response analyst, Interested in sharing Cyber threat hunting,Threat Intelligence, Malware analysis, Forensics artifacts, Red team blogs
Don Garrison @DonGarrison
86 Followers 425 Following Husband | Father | Security-Minded | Blue Team | CISSP, CCSP, Sec+, GREM, GCTI, GCDA, GDAT, E|CIH, etc.
Alexis Avila @Crisomalo
15 Followers 429 Following
password123 @password12310
0 Followers 1K Following
Paul Blyth @PaulBlyth1
93 Followers 2K Following
Coderiyanous @coderiyanous
61 Followers 771 Following An Anccient Coder. my work didn't define me, I define it.
Angie Hohensee @HohenseeAngie
29 Followers 55 Following
JeanCB @jeanclaudebpro
149 Followers 167 Following
W̷a̷w̷a̷S̷e̷b̷ @WawaSeb
987 Followers 5K Following - - - - - Technical infosec addict - - - - - ⚡️ Watch, read, share, repeat ⚡️
Prash @Suren_Pamidi
1K Followers 4K Following Threat Hunting, Researcher, 4n6, CyberSec, DFIR, Analytics, Threat Intel
yeshuibo @yeshuibo
106 Followers 6K Following
SentinelAgent @SentinelAgent
3K Followers 4K Following #SentinelAgent Ultralight Footprint Windows #Monitoring as a Service. Scalable. Affordable. #Freemium. #SAMaaS #MaaS #EventLogs #WMI #perfmon
msaints @MSantosXD
127 Followers 691 Following Constructor de pizzas, experto en cohetes, amante de los padres, gigante.
Arul Kumar @ArulVaiyapuri
948 Followers 2K Following Information Security Manager || Gamer || Computer Freak || Bug Bounty Participant ¯\_(ツ)_/¯
Roaring Kitty @TheRoaringKitty
1.7M Followers 90 Following
Benoît MARION @benoitmarionpro
799 Followers 597 Following Cybersecurity @wavestoneFR | SOC, FusionCenter, AD and misc. | https://t.co/mt1ABXm3a9
SYON @SYONsecurity
97 Followers 2 Following SYON is a cybersecurity firm that utilises real attacker techniques to enhance our customers’ cyber defence capabilities. We perform Red Teaming, get in touch!
Rowan Cheung @rowancheung
567K Followers 515 Following Founder of the world’s most read daily AI newsletter @therundownai. Sharing the latest developments in the world of artificial intelligence.
Shreyas Doshi @shreyas
299K Followers 1K Following Led a couple of Stripe's most successful products from early days. Prev Twitter, Google, Yahoo. Now advising & teaching. Tweets useful for some—not for everyone
MEXC @MEXC_Official
1.7M Followers 98 Following Your Easiest Way to Crypto @MEXC_Listings | #MEXC0Fee | Support: @MEXC_CST | Follows/RTs/QTs ≠ endorsements
Dirk-jan @_dirkjan
29K Followers 206 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.
DirectoryRanger @DirectoryRanger
35K Followers 96 Following This account assembles and disseminates information related to Active Directory and Windows security.
Microsoft Dev Docs @docsmsft
43K Followers 2K Following Microsoft technical documentation • We're ready for you at https://t.co/2sA5YRs1kO
Binni Shah @binitamshah
141K Followers 165 Following Linux Evangelist, Malwares, Security enthusiast , Investor, Contrarian , Philanthropist , Reformist , Sigma female 🦋 https://t.co/WOvf41tMKV
Lee Berg 🐀 @LeeAlanBerg
2K Followers 1K Following
BlueHat IL @BlueHatIL
6K Followers 531 Following
Black Hills Informati... @BHinfoSecurity
48K Followers 2K Following Specializing in pen testing, red teaming, and Active SOC. We share our knowledge through blogs, webcasts, open-source tools, and Backdoors & Breaches game.
Ben@DiceBreakers @thedicebreakers
1K Followers 455 Following The world is full of great games. We'll teach you the rules. We'll show you the action. Welcome to DiceBreakers. Ben, Steve, and MJ.
Chris Thompson @retBandit
7K Followers 871 Following CEO, RemoteThreat, Head of Red team @ IBM X-Force, Black Hat Review Board. Founder and co-organizer of Offensive AI Con. inveni et usurpa
H @imessage357_H
699 Followers 2K Following
RiskIQ @RiskIQ
11K Followers 3K Following RiskIQ is the leader in attack surface management. A subsidiary of @Microsoft, we help organizations discover, understand, and mitigate threats and exposures.
`Ivan @Ivanlef0u
11K Followers 4K Following
John Lambert @JohnLaTwC
43K Followers 802 Following Corporate Vice President, Security Fellow, Microsoft Security Research, johnla(AT)https://t.co/3dGtq71Nby
Jessica Payne @jepayneMSFT
30K Followers 32 Following Security Person at Microsoft, currently in Windows Defender Security Research. Opinions are my own.
ThreatHunting @ThreatHuntProj
4K Followers 0 Following New to threat hunting and not sure where start? Need some inspiration for your next hunt? We've got you covered!
daniel chrastil @DisK0nn3cT
3K Followers 2K Following hacker. automation expert, red teaming, python junkie. social engineer. bug bounty. Christian. father.
Steve McKenzie @jarsnah12
1K Followers 399 Following I do security and stuff, sometimes cosplaying as a sysadmin. All opinions are shared by my employer and are hilarious. https://t.co/SZOWltaTQI
Kevin Klingbile @klingbilek
106 Followers 230 Following RedTeam, BlueTeam, Taking punches as they come.
Chris xorrior@infosec... @xorrior
11K Followers 1K Following @[email protected] Husband | Father | Pentester | Red Teamer | macOS security | Manager - Red Team @Zoom https://t.co/af3c0fgU2v
Kail @specterfive
1K Followers 1K Following Sr. Information Security Engineer (red teamer) at a Fortune 500. I ❤️ CTFs, Photography, and video games. [email protected]
SpecterOps @SpecterOps
39K Followers 397 Following Creators of BloodHound | Experts in Adversary Tradecraft | Leaders in Identity Attack Path Management
monoxgas @monoxgas
5K Followers 371 Following Security engineering, research, exploits, ml. Co-Founder with @moo_hax at @dreadnode
Carrie Roberts @OrOneEqualsOne
5K Followers 415 Following Mechanical Engineer turned Developer turned Pentester turned Red Teamer turned Blue-ish Purple. Instructor for Antisyphon Training. GIAC GSE Certification.
Ian Anderson @ian_infosec
7K Followers 897 Following Security Manager. IT/OT | 2020 War of Attrition Fantasy Football Champion | No purchasing authority. I also teach
Daniel Bohannon @danielhbohannon
18K Followers 582 Following Security Researcher @permisosecurity Previously: @Mandiant/@FireEye, @Microsoft Developer: Invoke-(Obfuscation|CradleCrafter|DOSfuscation) & Revoke-Obfuscation
Ty Miller @tyronmiller
2K Followers 2K Following Director Threat Intelligence, Pen Tester, Black Hat Presenter & Trainer, HiTB Trainer, Ruxcon Presenter, Hacking Exposed Linux author, CREST ANZ Board &Assessor
CloudPassage @cloudpassage
13K Followers 11K Following Securing your agile IT infrastructure with an on-demand, automated security platform that works in any infrastructure, at any scale.
Rohan Vazarkar @CptJesus
17K Followers 111 Following Penetration Tester and BloodHound Developer @specterops
📔 Michael Grafnett... @MGrafnetter
3K Followers 127 Following Principal Security Researcher @SpecterOps, Microsoft MVP Identity & Access
Wreck-It Rudy @ruddawg26
293 Followers 259 Following I break things, occasionally on accident. Christ Follower, Father, Wheaton football alum, Veteran I have been known to hack for chick-fil-a.
b33f | 🇺🇦✊ @FuzzySec
33K Followers 1K Following 意志 / Antiquarian @ IBM X-Force / Team 501 / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
Matt Nelson @enigma0x3
33K Followers 369 Following @specterops | Enjoys abusing features | https://t.co/aN1kcQxRJt
@[email protected]... @christruncer
11K Followers 464 Following Deputy Chief, Red Team, CISA && BJJ && Veil Framework / Open Source Dev, @christruncer.bsky.social
Sixdub @sixdub
11K Followers 1K Following Microsoft Threat Intelligence | Student @ GMU Antonin Scalia Law School | USAFA '10 & USAF Veteran | Focus: Intelligence, Technology, Cyber Law, Leadership
Kevin Robertson @kevin_robertson
4K Followers 186 Following
Jeff Dimmock @bluscreenofjeff
7K Followers 307 Following @SpecterOps | https://t.co/84xca2tQdx | Tweets are my own
Adam Rosen @SbAdamRosen
858 Followers 4K Following
Tom Porter @porterhau5
1K Followers 360 Following infosec | baseball | red team | trainer | fan of the pipe delimiter
Tuula Fai @tuulafai
670 Followers 2K Following Founder, S&T Real Estate Investment Trust, Pursuits: vlogger, author, distance swimmer - All opinions are my ownTrends for United States
You might like
