Chris Thompson @_Mayyhem
Senior Security Researcher @SpecterOps https://t.co/Sz5fRYkX6u Joined August 2015
Tweets: 458 | Followers: 3K | Following: 469 | Likes: 2K
I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…
I wanted to find out if you could start the WebClient service remotely, so I ended up digging into it specterops.io/blog/2025/08/1…
Why should Microsoft's Nested App Authentication (NAA) be on your security team's radar? @Icemoonhsv breaks down NAA and shows how attackers can pivot between Azure resources using brokered authentication. ghst.ly/45h2Zw3
The AD CS security landscape keeps evolving, and so does our tooling. 🛠️ @bytewreck drops info on Certify 2.0, including a suite of new capabilities and refined usability improvements. ghst.ly/45IrBxI
PDQ SmartDeploy versions prior to 3.0.2046 used static, hardcoded encryption keys for cred storage. Low-privileged users could potentially access admin creds from registry or deployment files. @unsigned_sh0rt unpacks his testing in his latest blog post. ghst.ly/4mjyuvw
WSFC misconfigurations can turn your domain into one big fustercluck. I'm sharing fustercluck today as part of my #BHUSA presentation. The README summarizes the issues and a detailed blog is coming soon. github.com/garrettfoster1…
What all do you need to know about BloodHound CE 8.0 & OpenGraph? @ScoubiMtl is joining @RedSiege's Wednesday Offensive tomorrow to dive into the JSON schema for OpenGraph, how to ingest nodes & edges, best practices, & how to create custom icons. Join 👉 ghst.ly/46MNltn
Dear fellow pentesters & red teamers, How often do you run into a vCenter in your client’s environment? 🖥️ I just built one for vCenter - meet vCenterHound 🐾😉 This is just the beginning… more collectors and surprises are on the way. #Pentesting #RedTeam #BloodHound #vCenter
I pushed updates to SCCMHunter as part of my Arsenal demo at #BHUSA today! New features include a relay module for TAKEOVER-5 and a community contribution to coerce client push from a *nix host for ELEVATE-2. github.com/garrettfoster1….
This post about MSSQLHound, a PowerShell collector that adds 7 new nodes and 37 new edges to BloodHound, details my experience and lessons learned designing and implementing the tool using OpenGraph and provides examples of how to research and discover MSSQL attack paths.
Want to add your own new nodes and edges to BloodHound with OpenGraph and wondering where to start with your design? This post is a must read. Andy does an excellent job explaining the concepts and patterns you can follow to create reliable attack path graphs every time.
If you have Active Directory Certificate Services (ADCS) in your environment, run Locksmith now! In Active Directory Security Assessments, we have found critical security issues in *most* ADCS configurations. The great thing about Locksmith is that it doesn't just highlight the…
If you're interested in learning more about OpenGraph and the other new BloodHound features, this webinar in 20 minutes is gonna be jam packed. I'll be on there to talk about MSSQLHound a bit too.
The best creds are the ones you simply ask for =) specterops.io/blog/2025/07/3…
Announcing our whitepaper on the future of endpoint security. preludesecurity.com/runtime-memory…
New BH OpenGraph stuff is pretty cool, threw together a super basic PoC to map attack paths through SCCM this afternoon using data pulled from the site DB:
BloodHound v8.0 is here! 🎉 This update introduces BloodHound OpenGraph, revolutionizing Identity Attack Path Management by exposing attack paths throughout your entire tech stack, not just AD/Entra ID. Read more from @JustinKohler10: ghst.ly/bloodhoundv8 🧵: 1/7
Looks like BloodHound has picked up the scent of something new :) Join us Thursday to see where the trail leads. https://t.co/le7N5ajZJ5

Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Oliver Lyak @ly4k_
9K Followers 265 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
Adam Chester 🏴... @_xpn_
36K Followers 502 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOllCEu | Insta at https://t.co/PqR6CZPwjl
Josh @passthehashbrwn
10K Followers 334 Following Adversarial Simulation at IBM, tweets are mine etc.
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
sn🥶vvcr💥sh @snovvcrash
12K Followers 490 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
Mike Felch (Stay Read... @ustayready
17K Followers 2K Following Targeted Ops Red Team @ TrustedSec | Hacking since Renegade BBS backdoors | Prior CrowdStrike/BHIS | In Christ's grip | I speak for myself only | K1HAQ
Filip Dragovic @filip_dragovic
7K Followers 1K Following My research unless stated otherwise. My opinions are my own and do not represent the views of my employer.
mgeeky | Mariusz Bana... @mariuszbit
14K Followers 823 Following 🔴 Operator, Initial Access aficionado, Researcher, ex-AV engine developer, ex-Malware analyst 🦋 @mgeeky.bsky.social 🫖 green tea lover
Dirk-jan @_dirkjan
29K Followers 206 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.
Dave Kennedy @HackingDave
224K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
an0n @an0n_r0
13K Followers 727 Following CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺
n00py @n00py1
13K Followers 962 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research.
rootsecdev @rootsecdev
26K Followers 1K Following Senior Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.
Swissky @pentest_swissky
20K Followers 1K Following RedTeam | Pentest Author of PayloadsAllTheThings & SSRFmap https://t.co/w1ZLRqoafG
mRr3b00t @UK_Daniel_Card
114K Followers 8K Following Department of Cyber WAR CEO of everyone's email servers!
LuemmelSec @theluemmel
8K Followers 565 Following I speak BloodHound. Husband, Father, IT-Guy, Security-Noob Blog: https://t.co/PXB35KEqs6 GitHub: https://t.co/Unp9jZOpBn
Rad @rad9800
9K Followers 455 Following irrational. founder. building solutions to secure organizations. @deceptiq_
ggcyghjn @tdxgjnn
3 Followers 191 Following
BSides Tirana @BSidesTirana
267 Followers 174 Following BSides Tirana 2025 19th of September @ Pyramid of Albania
enrique @enrique12p
543 Followers 750 Following Fence man of a concertina crowd, Git hooligan, buries his hand in the dishes, hacker of pistachios, the Pirlo of code, veteran of motorized units, supporter of General Winter's military coup.
er wang @QiwuSec
0 Followers 123 Following
123Soleil @123_soleiI
3 Followers 38 Following
Jacob Jackson @psionicjake
3 Followers 27 Following Security hardening 🛡️| Making AD and Azure bulletproof 🕸️ | Computer nerd, security hobbyist, gamer, “I prefer to be called a hacker”
Brown Jack @BrownJack596114
1 Followers 390 Following
Hani afira @ReginaAndrew205
4 Followers 407 Following https://t.co/0tK3mxw9DF: 20557 First National Female against in Cybersecurity in affection with @Staysafeonline. Kindly send a direct message if you ever got caught up in a scam
Bu$ySec @SystemError667
2 Followers 117 Following
Safiullah_Niazi @Safiull93168968
191 Followers 2K Following Leo ♌ 🦁| Strong Heart ❤️, Curious Mind 🧠| 'He who has a WHY to live for Can deal with any HOW'
Grzegorz @Grzegorz_M34901
94 Followers 1K Following
Neil Desai @0x617075
202 Followers 1K Following
nuyo4h @nuyo4h
0 Followers 3K Following
ElekKz @elek_kz
7 Followers 310 Following Just another CyberSec Enthusiast! eJPT | PNPT | OSCP | CTF Player
Tommy @TommyBluey
4 Followers 154 Following
Ram @R1224s2vb
0 Followers 40 Following
Jake Knowlton @j2k3k
429 Followers 1K Following cyber things at google. natsec. prior USAF. opinions are my own. I’m back
🅿️kkontheway @zzzkkk12355
183 Followers 2K Following CRTO/Cloud Security/CKA/CKS/Web3Sec/Learning Rust🦀️/Web3Wiki https://t.co/FlMIWTFB9w
A @asteinbr
52 Followers 519 Following
Hosein @Hosein635643
0 Followers 191 Following
Darrius Robinson @rbnroot
0 Followers 54 Following
hux @HuxHuxxxx
11 Followers 315 Following
歪比歪比 @dasiwoyebushuo1
0 Followers 352 Following
Abdelrahman Y @0XDbgMan
0 Followers 12 Following Offensive Security Engineer | CPTS | CRTE | CRTM | CRTO | eWAPTXv3 | Pro Labs (Dante, P.O.O, Zephyr , Offshore , Rastalab, Wanderer , CyberNetics , APT )
Fabricio Aranda @fabricioarandaz
24 Followers 433 Following Publish your dynamic content management system sites as static so your site will be secure, faster & scalable. Supports WP, Joomla and Drupal.
Ryan @ghost__0x00
0 Followers 18 Following
will i am @BSummerz
251 Followers 479 Following Red/Purple teamer and senior consultant @Mandiant Canada 🇨🇦
0xd0000 @0xd0000
0 Followers 3K Following
Casey @_subTee
19 Followers 434 Following I like to read . Founder , Researcher @malwarialabs Cyber Paul Blart
x-ray @xray72837341
1 Followers 548 Following
Cyber Lockhead @CyberLockh88651
2 Followers 50 Following
NextTwo @_next_two
60 Followers 692 Following Naive terminal typist making a living screaming at computers. Hotfixes for days.
Uwu @Uwu79033065Uwu
268 Followers 6K Following
Caio @clivoa
101 Followers 2K Following
Muhammad Arshad @Muhamma12379649
0 Followers 108 Following
Rosiedabezt241 @rosiedabezt241
0 Followers 26 Following
Authumn @_Authumn_
4 Followers 97 Following
aws @amazon_web_slut
7 Followers 122 Following love God, America and freedom. against trans, H1B1, antifa alphabet mafia #AmericaFirst. ❌💉
Sam Erde @SamErde
3K Followers 2K Following PowerShell MVP that is passionate about helping others succeed with Active Directory, Entra ID, Defender XDR, and Microsoft 365. Always learning! ✝️👨👩👧👦☕
vx-underground @vxunderground
377K Followers 295 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
Charlie Bromberg « ... @_nwodtuhs
15K Followers 652 Following Trying to hack the way we hack things 🏴☠️
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
James Forshaw @tiraniddo
49K Followers 339 Following Security researcher in Google Project Zero. Author of Attacking Network Protocols. Tweets are my own etc. Mastodon: @[email protected]
Florian Hansemann @CyberWarship
84K Followers 46 Following Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98M
CCob🏴... @_EthicalChaos_
9K Followers 440 Following Ceri Coburn: Hacker | R̷u̷n̷n̷e̷r̷ DIYer| Vizsla Fanboy and a Little Welsh Bull apparently 🏴 Author of poorly coded tools: https://t.co/P6tT2qQksC
Dr. Nestori Syynimaa @DrAzureAD
20K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)
Rich Warren @buffaloverflow
11K Followers 666 Following Red Team & Offensive Security Research @AmberWolfSec // @buffaloverflow.rw.md on bsky
Rio @0x09AL
7K Followers 1K Following POC || GTFO Red Teaming - @NetSPI Organiser - @BSidesTirana @AxiomBreach
Marat Nigmatullin @_mnigma_
96 Followers 129 Following Hacking & Researching @falconforceteam | Ex-Unit 42
Valdemar Carøe @bytewreck
239 Followers 14 Following Security Researcher @ SpecterOps. CTF with @cor_ctf.
kalimero @kalimer0x00
465 Followers 847 Following
Wil @wil_fri3d
505 Followers 121 Following
risk3sixty LLC @risk3sixty
401 Followers 28 Following We help audit, implement, & manage security compliance programs for companies with multiple frameworks, including SOC, ISO, PCI, Pen Testing, and more.
Oddvar Moe @Oddvarmoe
19K Followers 1K Following Red Teamer @TrustedSec | MS MVP | Speaker | Security Researcher | Blogger | Total n00b & always learning | UNC1194 | Tinkerer | Gamer I try to inspire!
MSEndpointMgr @MSEndpointMgr
11K Followers 165 Following Official account of the https://t.co/yfrccoTPOm community. Join in on the discussion in https://t.co/CNRMyJwm6y
Scott Sutherland @_nullbind
3K Followers 326 Following Security Researcher @NetSPI | PowerUpSQL Author
Fletcher Davis @gymR4T
895 Followers 831 Following Director of Research @BeyondTrust | Former Red Team @CrowdStrike @Mandiant
📔 Michael Grafnett... @MGrafnetter
3K Followers 127 Following Principal Security Researcher @SpecterOps, Microsoft MVP Identity & Access
Clément Notin @cnotin
6K Followers 974 Following 😈 Security research (#ActiveDirectory #EntraID) & pentest 🎉 #CTF @tipi_hack 👨💼 Works @TenableSecurity, opinions my own 🪂 https://t.co/4HRwJQ6PUm
darthmrvader @darthmrvader
196 Followers 942 Following Hacker in training | Hampton U grad | 1906 | Lover of food, films, and fotografy
kat traxler 🎗️ @NightmareJS
2K Followers 3K Following proficient at drawing the rest of the 🦉| security impact junkie | https://t.co/OZ7D458owb
F1nd3r 0v3rrid3 @F1nD3r0
1K Followers 3K Following Sr Security engineer, occasional net runner, OSINT & InfoSec. Opinions my own. He/Him
Matcluck @doopsec
102 Followers 9 Following
Yehuda Smirnov @yudasm_
762 Followers 532 Following Security Researcher @Microsoft, opinions are my own.
Dave Aitel @daveaitel
28K Followers 2K Following Cyber Security Researcher | Policy Analyst | Partner at https://t.co/OpZchMm8Sz | @[email protected]
ӉѦСҠіИԌ ҬЄѦ... @HackingTeam777
22K Followers 351 Following #hacking #tecnología #cybersecurity #CyberSecurityNews #infosec #pentesting #cybersecurityawareness #informationsecurity #cyber #github #redteam #blueteam
Tom Plant @pl4nty
369 Followers 866 Following (bre|m)aker. building @devicie, organiser https://t.co/FdAFuCT7Q7, open sorcery https://t.co/a8GobbKiOM
Steve Borosh @rvrsh3ll
1K Followers 629 Following The future is not set. There is no fate, but what we make for ourselves. - John Connor
Nic Losby @Blurbdust
659 Followers 965 Following Red Teamer | He/Him | Obligatory opinions don't reflect employer | Occasional terrible developer of tools | PGP: 826087AF5C6653F0BAACA1C5E4CE747DEA558A13
Andy Ayrey @AndyAyrey
110K Followers 1K Following performance artist and hyperstitioneer: @upward_earth, infinite backrooms, @truth_terminal, ∞⟨X∴↯⟩∞
Justin Bollinger @Bandrel
6K Followers 2K Following hacker, finder of EKUwu (CVE-2024-49019) https://t.co/XQuqk8nGG6
PatrickJS @PatrickJS__
13K Followers 4K Following Technical Engineering Director @pwc, @QwikDev core. Previous: CTO @TipeIO (@ycombinator W18), CTO @Keychain (YC S12), made @Angular Universal (ssr)
Quentin Roland @croco_byte
294 Followers 37 Following Pentester @Synacktiv 🤖 https://t.co/FhHN2RnPym
Synacktiv @Synacktiv
20K Followers 271 Following Offensive security company. Dojo of many ninjas. Red teaming, reverse engineering, vuln research, dev of security tools and incident response.
Simone Biles @Simone_Biles
2.0M Followers 309 Following Wife. Olympic Champion. IG & snapchat: simonebiles
Antisyphon Training @Antisy_Training
6K Followers 421 Following Antisyphon Training is here to disrupt the traditional training industry by providing high-quality and affordable education to everyone.
Gunnar Andrews @G0LDEN_infosec
5K Followers 919 Following Hack Stuff | Code Stuff | Fitness | Kaizen OSCP | OSWA | OSWE https://t.co/4lgaVGZxd0 https://t.co/db6Gmb2ImT https://t.co/uY8NkPXaqA
Ben Reader | 🔌😈 @powers_hell
4K Followers 566 Following IT Pro | Microsoft MVP | Speaker | Obsessed with automation. Using Bluesky.
Objective-See Foundat... @objective_see
19K Followers 1 Following 🍎 🛡️ 🛠️ Open-Source Tools 📚 "The Art of Mac Malware" books 🫂 "Objective by the Sea" conference Support us on https://t.co/tuGceSeyiC 🙏
SNOWcon @SNOWcon_2025
24 Followers 2 Following Hacker Winter Camp. A Cybersecurity Conference with a heavy Ski/Snowboard social aspect. Each year a new destination.
abhie @abhie
1K Followers 265 Following Security Analyst - Microsoft Threat Intelligence Center (MSTIC) - My tweets are my own
Microsoft Security @msftsecurity
349K Followers 325 Following We are prioritizing security above all else through our Secure Future Initiative (SFI). Explore SFI principles, pillars, and progress here ⬇️
Cedric Van Bockhaven @c3c
916 Followers 349 Following
Max Grim @max__grim
590 Followers 285 Following Red Teamer @OutflankNL | Cyber Security | Messing around with hardware