-
Tweets6K
-
Followers10K
-
Following413
-
Likes5K
More infos about our workshop here: x33fcon.com/#!w/FabianMosc… Looking forward to meet some of you there 🙌🍻
More infos about our workshop here: x33fcon.com/#!w/FabianMosc… Looking forward to meet some of you there 🙌🍻
Great content from @D1iv3, introducing 𝗿𝗲𝗺𝗼𝘁𝗲 privilege escalation via #NTLM & #Kerberos over DCOM. I would recommend also using the #RPCFirewall as mitigation on your ADCS servers :) #BHASIA
Great content from @D1iv3, introducing 𝗿𝗲𝗺𝗼𝘁𝗲 privilege escalation via #NTLM & #Kerberos over DCOM. I would recommend also using the #RPCFirewall as mitigation on your ADCS servers :) #BHASIA https://t.co/7ZY0kzCbZS
‼️ Exactly 6 years ago, on 24th April, the Evilginx 2.0 journey began. Thank you to everyone who has used the tool since then. It would not be the same without your involvement 💗
‼️ Exactly 6 years ago, on 24th April, the Evilginx 2.0 journey began. Thank you to everyone who has used the tool since then. It would not be the same without your involvement 💗 https://t.co/cMZ8esmIiS
Trying out the new Azure Trusted Signing but I cannot seem to get it working. Receiving a 403 when sending any sign request even though the app/client I've using has the Trusted Signing Certificate Profile Signer role assigned.
Added a quick system overview to MemProcFS memory forensics. Check out one place for a summary rather than many locations as before. github.com/ufrisk/MemProc…
@splinter_code @GabrielLandau @msftsecresponse @decoder_it Welcome to the MS world
Scanner for CVE-2024-4040 (CrushFTP VFS Escape) github.com/airbus-cert/CV…
Excited to announce the transfer of lsassy to @LoginSecurite Github account! Get some cedz using github.com/login-securite…
How it was in June: How it is now:
Reach out to me if you need to know more about the training. Also repost and share if you would!
Reach out to me if you need to know more about the training. Also repost and share if you would!
@Telesystemus You know what sucks more? Referencing a bunch of DLLs that don't exist in your software
Well the cat is out of the bag. If you are interested in all things authentication and passkeys, my talk on Okta Verify might be of interest pretalx.com/bsides-cymru-2…
marimo can run entirely in the browser via @pyodide. Pyodide-powered notebooks are fast, private, and easy to share. Many packages are supported, including scikit-learn and pandas. Learn how and why we implemented this at the Pyodide blog: blog.pyodide.org/posts/marimo/
Super stoked to be giving the talk "Red Team Oops!!" at @x33fcon this year , together with @Oddvarmoe 🥳🥳
Shout out to @aall86 for building SkTool. The easiest way to find out what Hypervisor / secure kernel features are enabled on a system
This is bad: github.com/netsecfish/dli… A @github user named netsecfish has found hardcoded credentials and a base64 encoded command injection in a GET url for @Dlink 's NAS 🤯 Writing a scanner and pwning devices for this one is so easy... 🥶
Looks like someone dropped a Linux kernel 0day github.com/YuriiCrimson/E…
I published my PoC for CVE-2023-36047 as MSRC fixed the bypass today tracked as CVE-2024-21447. With some modification can be ported for CVE-2024-21447. github.com/Wh04m1001/User… msrc.microsoft.com/update-guide/v… msrc.microsoft.com/update-guide/v…
Looks like @ShitSecure and me are giving a workshop at @x33fcon this year👀We will be talking about packer development and help you to build your own packer for dropping malware in protected environments. Be there or be square🟥
Looks like @ShitSecure and me are giving a workshop at @x33fcon this year👀We will be talking about packer development and help you to build your own packer for dropping malware in protected environments. Be there or be square🟥
Justin Elze @HackingLZ
52K Followers 5K Following Hacker/CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race carsFlorian Roth @cyb3rops
180K Followers 2K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇Charlie Bromberg « .. @_nwodtuhs
13K Followers 648 Following Trying to hack the way we hack things 🏴☠️Oliver Lyak @ly4k_
8K Followers 267 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KImRr3b00t @UK_Daniel_Card
92K Followers 7K Following 真理的揭露者 Quis custodiet ipsos custodes fella in cyberspace #nafo undercover #FVEY Lovely Horse #fella #meme #farm #appreciator #cyber #specialistippsec @ippsec
111K Followers 349 FollowingJosh @passthehashbrwn
7K Followers 344 Following Adversarial Simulation at IBM, tweets are mine etc.Grzegorz Tworek @0gtweet
29K Followers 1K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-sn🥶vvcr💥sh @snovvcrash
10K Followers 438 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of Pentester’s Promiscuous Notebook (https://t.co/rL1sv5A2R7) :: He/him :: Tweets’re my pwn 🐣rootsecdev @rootsecdev
24K Followers 1K Following Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.an0n @an0n_r0
11K Followers 716 Following CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺mgeeky | Mariusz Bana.. @mariuszbit
11K Followers 610 Following 🔴 Red Team operator, ex-MWR/F-Secure pentester, ex-AV engine developer @ESET, green tea addict. 🫖 @[email protected]n00py @n00py1
13K Followers 955 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research. [email protected] on MastodogeDirk-jan @_dirkjan
25K Followers 173 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.🥝🏳️🌈 Be.. @gentilkiwi
62K Followers 277 Following A kiwi coding mimikatz & kekeo github: https://t.co/eS3LVgU6i0 Head of security services @banquedefrance Tweets are my own and not the views of my employerklez @KlezVirus
6K Followers 668 Following Principal Cyber Security Consultant at Digital Trust Consulting Services, BSI - Opinions are my ownБіиаяу Сояе @da_doctor87
2 Followers 61 Following Anarchist Genius Strategic Thinker Robotics Engineering Cyber Security Consultant Depression and psychotic featuresElectronicsseeker @libertarian108
7 Followers 912 FollowingCecile @ce_seal
3 Followers 257 Followingdiarrhea_goat @diarrhea_goat
0 Followers 155 Following Systems eng by day, pentester by night. This is my attempt to share what I learn, lurk in infosec twitter, and randomly bitch about Crohn's disease.outlawh4ck3r @outlawh4ck3r
52 Followers 312 FollowingIan @IFMarlowe
44 Followers 223 FollowingHacker Hermanos @Hacker_Hermanos
149 Followers 376 Following Follow @Hacker_Hermanos for Offensive Security, Adversary Emulation, Red Team Tradecraft, Infrastructure and Methodologywhatever douchebag @notsureigetthis
29 Followers 609 Followingjosh vaccaro @JoshuaVaccaro
56 Followers 236 FollowingHan Solo 🇫🇷 @MilleniumCondor
241 Followers 300 FollowingSharad Malmanchi @sharadmalmanchi
424 Followers 5K Followingdoghero @dogherohero
25 Followers 228 FollowingSami Paju @pajusami
73 Followers 872 FollowingDavid @davixbr
56 Followers 1K FollowingMax Headroom @HeadroomMa39751
53 Followers 471 FollowingT @manw3l
269 Followers 957 FollowingEnrique Eusebio Jr. @elandestoy
242 Followers 1K Following Americano, isleño, geek, hacker y esposo; Me gusta la Seguridad Informática y el ron.qearch @13_4rch
91 Followers 1K FollowingZukul @TheZukul
142 Followers 2K Following Human #infosec professional seeking contact with fellow human individuals within the community.Name @123sole05137376
7 Followers 283 FollowingM4rk 7homas @0xM4rk7homas
268 Followers 1K Following https://t.co/otIm20ndNS // https://t.co/pmPVQrJHWR // https://t.co/lWh05qMwAuBerkeleyNyi @Berkeley147
370 Followers 6K FollowingChaminda Kumara @kumaruwan17
44 Followers 1K FollowingS19 @d9eger
0 Followers 5K FollowingXose LP MSFT @XLPMSFT65
38 Followers 672 Followingmoldyacorn @moldyAcorn
2 Followers 138 Following ✝ Love dogs. Overly proud of my Honda Civic Si. I try to do security stuff.MR.KWOK @4dILGw5aerttCVM
22 Followers 624 FollowingWhole Lotta Distro @Lucywor16120828
385 Followers 3K Following Growing #cannabis since 2016. #NYC #StonerFam #weed #gun #pills #Hemp #Gardening #QueensNY #wax #carts etc. CLICK ON OUR TELEGRAM CHANNEL FOR INQUIRIES FAM.Fry @KahneSky
0 Followers 112 FollowingSandro Affentranger @0xAF5A
37 Followers 330 FollowingYuri Gbur @yukonsec
89 Followers 294 Following Ethical Hacker and Security Researcher | Head mostly in the Cloud | @[email protected] | @yukonsec.bsky.socialwellnesskoenig @wellnesskoenig1
167K Followers 4K Following 32 - Web3 - sauna - sun - HODL - Digital - nomad - since 2009 ! #PEPE #pepeforthepeople $PEPE 2023 HODL 🐸 $ordi new btcJeffrey Asare @jeffreyasare23
131 Followers 3K Following How to generate passive Income Online (5 Ways)Caps @Caps87040033
19 Followers 119 FollowingJustin Elze @HackingLZ
52K Followers 5K Following Hacker/CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race carsFlorian Hansemann @CyberWarship
75K Followers 47 Following Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98MCharlie Bromberg « .. @_nwodtuhs
13K Followers 648 Following Trying to hack the way we hack things 🏴☠️Nicolas Krassas @Dinosn
122K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3Oliver Lyak @ly4k_
8K Followers 267 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KImpgn @mpgn_x64
17K Followers 234 Following Flibustier du net ̿ ̿̿'̿'\̵͇̿̿\=(•̪●)=/̵͇̿̿/'̿̿ ̿ ̿ ̿ Podcast Hack'n Speak @hacknspeak / https://t.co/GyACSFg9mwippsec @ippsec
111K Followers 349 FollowingJosh @passthehashbrwn
7K Followers 344 Following Adversarial Simulation at IBM, tweets are mine etc.Grzegorz Tworek @0gtweet
29K Followers 1K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-sn🥶vvcr💥sh @snovvcrash
10K Followers 438 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of Pentester’s Promiscuous Notebook (https://t.co/rL1sv5A2R7) :: He/him :: Tweets’re my pwn 🐣rootsecdev @rootsecdev
24K Followers 1K Following Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.DirectoryRanger @DirectoryRanger
31K Followers 100 Following This account assembles and disseminates information related to Active Directory and Windows security.mgeeky | Mariusz Bana.. @mariuszbit
11K Followers 610 Following 🔴 Red Team operator, ex-MWR/F-Secure pentester, ex-AV engine developer @ESET, green tea addict. 🫖 @[email protected]n00py @n00py1
13K Followers 955 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research. [email protected] on MastodogeDirk-jan @_dirkjan
25K Followers 173 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.Pilote de loc 🇨�.. @SBBTrainDriver
9K Followers 302 Following Conducteur de train · SBB CFF FFS · Genève · Compte purement personnel et non-officiel · Tout propos, avis ou idée n'engage que moiJord @0xLegacyy
1K Followers 284 Following Cybersecurity Consultant & Red Team Operator. Lover of frogs, specialising in defence evasion, CTF addict. 22y/oChris Thompson @retBandit
6K Followers 650 Following Global Head of Red team @ IBM X-Force. MITRE CTID, CREST, Blackhat Review Board. inveni et usurpaYuri Gbur @yukonsec
89 Followers 294 Following Ethical Hacker and Security Researcher | Head mostly in the Cloud | @[email protected] | @yukonsec.bsky.socialbitreader @bit_reader
210 Followers 332 Following Working in IT forensics 🧑💻 malware, linux and the dark net 🧐 // 2×🪙 // 🖤🏳️🌈eversinc33 🩸🗡�.. @eversinc33
3K Followers 571 Following purple hearted pentester learning malware development & kernel stuffapenwarr @apenwarr
14K Followers 2K Following wvdial, bup, sshuttle, netselect, popularity-contest, redo, gfblip, GFiber, and now @Tailscale doing WireGuard mesh. Top search result for "epic treatise."Chris Gates @carnal0wnage
38K Followers 6K Following Circumstances do not determine state of being. State of being determines your circumstances. Tweets are my own not my employer. red/purple teaming, some DFIRNick Powers @zyn3rgy
1K Followers 209 Following Adversary Simulation @SpecterOps | Previously @Rapid7 & @ProtivitiRay [REDACTED] @RayRedacted
56K Followers 6K Following •He/him • Assoc Producer Emeritus: @DarknetDiaries Cybersecurity Researcher •Iosif George-Andrei @iosifache
74 Followers 263 Following Security Engineer @ Snap Inc. | Open Source ContributorRayan Bouyaiche @ Ins.. @rayanlecat
1K Followers 679 Following Active Directory & Cloud hacking enthusiast, CTF @phreaks2600 and pentester @secnumcloudStu Kennedy @NoobieDog
2K Followers 1K Following Maker, Hacker, Security Researcher, Motorsport Enthusiast!Michael Eder @edermi@.. @michael_eder_
884 Followers 558 Following aka edermi. Memelord. Pentester, Social Engineer, Red Teamer & physical security dude @ HvS. Swag 🤙Michael Ritter @BigM1ke_oNe
119 Followers 251 Following security guy having fun identifying bugs/misconfigurations that lead to chaos.James Ibrahim @JamesIb54140322
77 Followers 1K FollowingSwissky @pentest_swissky
17K Followers 2K Following RedTeam | Pentest Author of PayloadsAllTheThings & SSRFmap https://t.co/w1ZLRqoafGCedric Van Bockhaven @c3c
815 Followers 335 FollowingMichael Schneider @0x6d69636b
1K Followers 414 Following infosec, working at @scipag, classic car rally driver for @teampaddymurphy, 🐘@[email protected]Shkk @_Shokk
35 Followers 569 Following Senior Red Team Operator OSCP | CRTO | GWAPT | Electrical EngineerDuncan Ogilvie 🍍 @mrexodia
5K Followers 235 Following Reverse engineer, creator of @x64dbg and 100+ other projects. Love binary analysis and Windows internals. Dreaming about doing open source full time...h0mbre @h0mbre_
12K Followers 572 Following tryhard at linux kernel && avatar is by Ching Yeh: https://t.co/oanjFPPhe7Nicolas Economou @NicoEconomou
4K Followers 156 Following Exploit Writer Specialist/Senior Security Researcher at Blue Frost Security...OtterHacker @OtterHacker
5K Followers 79 Following Professional redteamer and malware development enthusiast ! I will share some tips and experiences. Look at my work here : https://t.co/cxLBvW7pcIdaniel:// stenberg:// @bagder
60K Followers 572 Following I do network code and protocols. I write curl. On team @wolfSSL. I don't know anything. @[email protected]moo @moo_hax
3K Followers 1K Following Security researcher, Co-Founder @dreadnode | @microsoft @nvidiaPascal Gujer @pascal_gujer
690 Followers 338 Following security researcher | speaker | trainer | lockpicking | evil maid attacks | maker | https://t.co/kkOosn7aaR | https://t.co/RqmtvBUNxNMichael Kruger @_cablethief
621 Followers 349 Following Security analyst. Random code bits at https://t.co/S7I4BYjc2VPavel Yosifovich @zodiacon
12K Followers 939 Following Developer, trainer, author and (sometimes) speaker. Founder at @trainsec academy.Justin Ibarra @br0k3ns0und
1K Followers 796 Following threat research & detection engineering lead @elastic by way of @endgameinc | compulsive heavy iron displacer | I always like my own tweetsCarsten @0xcsandker
2K Followers 132 Following Security enthusiast, Likes Windows Internals & AD In case twitter implodes: https://t.co/O5CSoJnrIKMartin Grottenthaler @martin7x3
151 Followers 476 Following In a complicated relationship with Windows @VidraSecJsQ4Kn0wledge @JsQForKnowledge
541 Followers 99 Following Focussing on Microsoft Identity And (Information) Security related matters! Husband of 1, father of 2, motorcycle lover and somewhere in between a geek!Dr. Nestori Syynimaa @DrAzureAD
17K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)Ido Veltzman @Idov31
3K Followers 37 Following I'm a security researcher that using this platform to share my projects and research. Opinions are my own. https://t.co/UiWgKq40sVhermit @ackmage
2K Followers 410 Following hacking, art, gaming • https://t.co/UOmNQkGjy2 • google dorks: @the_dork_web • pixel art: @halfpotion • https://t.co/A9DDoPlcqv • she/her/anyMike Spicer (d4rkm4tt.. @d4rkm4tter
12K Followers 4K Following #WiFiCactus | #WiFiKraken | Absentee @dc801 | | Utah | free range wigler (ask @lintile) | AI Cyber the Cybers | Apex Storage x21/x16 designerMade it 🫡✌🏽 @1ns0mn1h4ck Awesome place and con 🍻
@jrog404 It should use the Negotiate SSPI module like most Windows applications, which would fallback to NTLM for the same reasons it always does: Using IP address instead of FQDN, and lack of KDC line-of-sight issues
Short blog post for EoP in virtualbox
New post on the blog… Exploiting CVE-2024-21111 : Local Privilege Escalation in Oracle VirtualBox by @filip_dragovic mdsec.co.uk/2024/04/cve-20…
As ntlm leaking is still a thing, made a showcase for elevating via ldap relaying with some little tricks. Relaying is done with a Win Client without admin privs and an active Windows firewall (default config), by using HTTP.SYS and SSH. Details here: badoption.eu/blog/2024/04/2…
More infos about our workshop here: x33fcon.com/#!w/FabianMosc… Looking forward to meet some of you there 🙌🍻
Yeeah! 🔥🔥🔥🔥 Looks like @eversinc33 and I will give a Maldev Workshop at @x33fcon 2024! 😎Looking forward for that but also for this conference in general 🥰 Pirate Ship, we are ready 🏴☠️🦜
@netspooky coulda brought Dick Stick from tha trip!
Great content from @D1iv3, introducing 𝗿𝗲𝗺𝗼𝘁𝗲 privilege escalation via #NTLM & #Kerberos over DCOM. I would recommend also using the #RPCFirewall as mitigation on your ADCS servers :) #BHASIA
During #BHASIA Briefing "CertifiedDCOM: The Privilege Escalation Journey to Domain Admin with DCOM" we will uncover a remote attack surface of DCOM and disclose a critical vulnerability related to it. Register now >> bit.ly/49yr4xw
‼️ Exactly 6 years ago, on 24th April, the Evilginx 2.0 journey began. Thank you to everyone who has used the tool since then. It would not be the same without your involvement 💗
I wonder if I just need to give it a few days for them to fix up the doc issues. The CLI example learn.microsoft.com/en-us/azure/tr… doesn't work because the az cli API version doesn't know about the provider and the role I can assign in IAM has a different URI.
Trying out the new Azure Trusted Signing but I cannot seem to get it working. Receiving a 403 when sending any sign request even though the app/client I've using has the Trusted Signing Certificate Profile Signer role assigned.
Added a quick system overview to MemProcFS memory forensics. Check out one place for a summary rather than many locations as before. github.com/ufrisk/MemProc…
@splinter_code @GabrielLandau @msftsecresponse @decoder_it Welcome to the MS world
Scanner for CVE-2024-4040 (CrushFTP VFS Escape) github.com/airbus-cert/CV…
Excited to announce the transfer of lsassy to @LoginSecurite Github account! Get some cedz using github.com/login-securite…
You are not prepared for how this guy pronounces Schweppes. 😭
How it was in June: How it is now:
If you watched my Shmoocon talk about metabolism hacking on YouTube, here is a major update. Day 289: 144 pounds lost total 137 pounds of fat lost (DexaScan) 9 pounds visceral fat (Dexa) 7 pounds of lean tissue lost (Dexa) 4 pounds of lean tissue gained (Dexa)