_Ray @_RayRT
Senior Adversarial Engineer at Lares, Member of EVILCORP\Domain Fathers. https://t.co/SIwC7MLXmP Joined June 2018-
Tweets684
-
Followers356
-
Following838
-
Likes3K
I just released Flareprox 🔥 A Cloudflare based Fireprox alternative that allows you to route HTTP traffic through Cloudflare, to gain mostly unique IP Addresses, to avoid detection and blocks.
🚀H-C0N returns in 2026! Abierto CFP Los próximos 6 y 7 de febrero en Madrid volvemos con una nueva edición de H-C0N. ¿Quieres impartir una charla o taller y convertirte en uno de los ponentes de esta sexta edición? No lo dudes y mándanos tu propuesta a docs.google.com/forms/d/e/1FAI…
I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…
cool post kennedn.com/blog/posts/tap…
Recently, a friend fell victim to an email account compromise so I decided to investigate the attack chain to help. The attack leveraged well-known techniques such as stolen credentials, malicious OAuth apps, and hidden Outlook rules: rayrt.gitlab.io/posts/Persiste…
AvePoint has fixed a vulnerability in DocAve, Perimeter and Compliance Guardian discovered by our researchers @m1ntko and @Calvaruga. This vulnerability can be used to achieve Remote Code Execution (RCE) in affected systems. ➡️ Advisory: avepoint.com/company/docave…
Understanding #ScatteredSpider is key to smarter defense. At Lares, we simulate advanced TTPs: social engineering, malware, lateral movement & exfiltration, to expose gaps and improve readiness. ✍️Raúl Redondo (@_RayRT), Senior Adversarial Engineer buff.ly/l5GvTbw
I've got ~5000 IP addresses to port scan for an engagement this week. Ax did it for me in minutes using hundreds of AWS EC2s. Ez github.com/attacksurge/ax
CVE-2025-50061, is a stored XSS @s0lfer and I found when testing an Oracle product a couple months ago. CVE details and fix will be released in a couple days 🙏
I wrote a short post about how you only need the NtReadVirtualMemory address for dynamic API resolution, plus how you could use a vulnerable binary to leak its address (and you would not have GetProcAddress, GetModuleHandle or LoadLibrary in the IAT) - github.com/ricardojoserf/…
Modern lateral movement techniques detection (mainly DCOM/DCE/RPC/RDP) with examples. Some assumptions worth mentioning: visibility into source IP/port/hostname, logon activity, remote process metadata. A blog post by @HuntressLabs team. Awesome read, guys!…
🚨 New attack disclosed: GitHub Device Code Phishing John, Matt, and Mason reveal how they've been using this technique to compromise F500 orgs with high success rates. 📖 Blog covers methodology, red team case studies & detection strategies praetorian.com/blog/introduci…
Microsoft just released the patch for CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromise any machine with SMB signing not enforced! Checkout the details in the blogpost by @yaumn_ and @wil_fri3d. synacktiv.com/publications/n…
🎉 It is finally time for a new blog post! 🎉 Join us on our deep dive into Windows Authentication Coercion and its current state in 2025, including some brand-new tooling ✨ #itsec #infosec #pentest #redteam blog.redteam-pentesting.de/2025/windows-c…
The original BadSuccessor research by @YuG0rd was too good to ignore, I couldn't wait to replicate it in my lab. I wrote a short post on operationalizing the technique with real-world, stealthy abuse paths. medium.com/p/429cefc36187
🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability It allows compromising any user in AD, it works with the default config, and.. Microsoft currently won't fix it 🤷♂️ Read Here - akamai.com/blog/security-…
Certipy-merged has these PRs merged compared to the orginal Certipy from @ly4k_ . And now also Kerberos ADCS web enrollment support. So you probably want the merged version 🙃.
Certipy-merged has these PRs merged compared to the orginal Certipy from @ly4k_ . And now also Kerberos ADCS web enrollment support. So you probably want the merged version 🙃. https://t.co/ZA0aDtdv4W
Im happy to announce Neo4LDAP — a query and visualization tool focused on Active Directory environments. It combines LDAP syntax with graph-based data analysis in Neo4j, offering an alternative approach to tools like BloodHound. youtube.com/watch?v=5V22K3… 🧵: 1/4
Stumbled over this new AMSI bypass. It works by manipulating the COM RPC communication used by AMSI to talk to AV engines. By hooking NdrClientCall3 which handles the RPC calls we can intercept AMSI scan requests before they reach the AV engine. I wrote a simplified version that…

Joel GM @JoelGMSec
3K Followers 2K Following ● Senior Red Team Cybersecurity Expert ● Ex-CTO @ Cyberguard ● SysAdmin +10 years ● Creator of AutoRDPwn: The Shadow Attack Framework
ATTL4S @DaniLJ94
3K Followers 651 Following I like spending time understanding things | FSAS @NCCGroupInfosec
Eloy @[email protected]... @zer1t0
1K Followers 65 Following Moved to @[email protected] @hackliza, vegan
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
war chief manhattan @s658828r8p
0 Followers 4K Following opinions are my own solely. script kiddie. interests include computers, programming, bitcoin, and other interesting things. stack sats and lift weights.
mintko @m1ntko
27 Followers 376 Following
Elastic Security Labs @elasticseclabs
4K Followers 706 Following Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
not a chinese spy bal... @data_mael
66 Followers 1K Following
Nacho García Egea @nachogarciaegea
562 Followers 1K Following CyberSecurity Lover 🛡️⚔️💣 #Hacker #CISO #Advisor #Mentor #Melillense
JudyFegraeus @JFegraeus60137
49 Followers 348 Following We invite you to come here to find your soulmate. Please click on our blind date club WhatsApp link https://t.co/9gErjWrkgM
Richard Davy @rd_pentest
2K Followers 903 Following Penetration Tester. CREST CCT | OSCE | OSCP | OSWP
Star Miu @AistAstrea
240 Followers 4K Following Don't waste time hating others. Make time for those who love you. 🇵🇭/🇯🇵 #Music #Coffee #Foodie #Traveler #Makeup
hansmustermann @hmustermann1
8 Followers 2K Following
Marc André Tanner @marcandretanner
111 Followers 723 Following Information Security, Systems Programming, Text Editors, ...
Elavarasan @elaajirg
60 Followers 2K Following
Vic Jay @VicJay14
16 Followers 420 Following
db @whokilleddb
1K Followers 513 Following Maldev @bhinfosecurity | Finding increasingly stupid ways to do simple things
CatalinB @pb_catalin
53 Followers 832 Following
Peter Winter-Smith @peterwintrsmith
6K Followers 3K Following Security researcher & implant developer @mdseclabs; developing SAST @wsastsupport; malware, code analysis, appsec, cryptography. Trying to follow Christ.
James W. @cyberbiz4
163 Followers 4K Following looking for a cyber position in blue team. Metro Vancouver, Canada. Defender, GIAC x 3, AWS, M365, Splunk, Azure
Sandipan Roy @ByteHackr
204 Followers 2K Following Senior Product Security Engineer @RedHat | SDE @Fedora | #PSIRT #RHEL | Ex @parrotsec
Constantin @HackmichNet
465 Followers 2K Following Windows security novice ... Always try to learn something new ... Happy hacking
Andrew McCallum @atr8472
727 Followers 6K Following
Ertugrul Basaranoglu @basaranertugrul
617 Followers 631 Following
cyberresponder @Malwarenailed
267 Followers 3K Following tweets and opinions are my own. dfir/threat hunting/malware research
dexter @dexter79331247
0 Followers 2K Following
Иormallik Ölümdür... @zero0day0
825 Followers 4K Following o kadar özgür ol ki seni sınıflandıramasınlar.
@mil @jsarba
110 Followers 1K Following a toda velocidad... en la ruta del oído y el olfato... degustando la vista y el tacto. ig. @emilianosarba
Mario de Sousa Lima @MarioSousaLima
128 Followers 5K Following
Ring3API 🇺🇦 @ntlmrelay
7K Followers 3K Following #ThreatHunting / #BlueTeam engineer. I'm just looking for traces in the logs. Reading and retweeting cool stuff. MITRE ATT&CK Defender:CTI,SOCAsses,AE,PTM,THDE.
shiyan @shiyan2025
5 Followers 576 Following
bakhshiyev @bakhshiyevg
17 Followers 459 Following
Nacho Gomez @_nag0mez
455 Followers 394 Following Offensive Security @ NCC Group | ❤️ Breaking Things
magnetic rose @IntelRoose
255 Followers 3K Following
Evan Nil @thr33thirty3
145 Followers 2K Following
CHINONSO OKEKU @okekuchinonso
0 Followers 730 Following
BlackMantiSec @Blackmantisec
2K Followers 3K Following https://t.co/QJG8JQTlSl Compañía enfocada a brindar servicios ofensivos especializados de Pentest, Red Team, Adversary Emulation y Purple Team.
Offsec Insights @OffsecInsights
2 Followers 35 Following
ation @ation2000
2 Followers 243 Following
ice @ice98079542
96 Followers 3K Following
Darren Webb ☠🕷 @spyd3r
1K Followers 7K Following Computational demonologist. The following tweets are classified SECRET GOLD JULY BOOJUM. 101 824 5150
Dr. Lithium @LithiumLilly
293 Followers 576 Following I whisper sweet nothings to computers and they reveal their secrets.
Kasaine @Kasaine17
9 Followers 311 Following
DarkRay @darkr4y
174 Followers 1K Following cyber sec enthusiasts. now its time to pentest! ٩(•̤̀ᵕ•̤́๑)
X-C3LL @TheXC3LL
5K Followers 632 Following Just a biologist that loves to break cyber-stuff. Ka0labs / @AdeptsOf0xcc / ID-10-Ts member. 🦉
Oliver Lyak @ly4k_
9K Followers 265 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
vx-underground @vxunderground
377K Followers 294 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
elhacker.NET @elhackernet
130K Followers 615 Following Recibiendo ataques DDoS desde 2001. RIP wolfbcn. Telgram https://t.co/QSdxPId0ZH - Tecnología, seguridad, informática
Nicolas Krassas @Dinosn
147K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
DirectoryRanger @DirectoryRanger
35K Followers 96 Following This account assembles and disseminates information related to Active Directory and Windows security.
Joel GM @JoelGMSec
3K Followers 2K Following ● Senior Red Team Cybersecurity Expert ● Ex-CTO @ Cyberguard ● SysAdmin +10 years ● Creator of AutoRDPwn: The Shadow Attack Framework
Vincent Yiu @vysecurity
29K Followers 254 Following Director, Red Team, Offensive Security. Help organizations safeguard their businesses from the bad guys.
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
Adepts of 0xCC @AdeptsOf0xCC
2K Followers 6 Following A brotherhood of owls praying to the debugger God. Press F7 to step into our prayers!
Binni Shah @binitamshah
141K Followers 165 Following Linux Evangelist, Malwares, Security enthusiast , Investor, Contrarian , Philanthropist , Reformist , Sigma female 🦋 https://t.co/WOvf41tMKV
Cas van Cooten @chvancooten
10K Followers 673 Following Benevolently malicious offensive security enthusiast || OffSec Developer & Malware Linguist || NimPlant & NimPackt author || @ABNAMRO Red Team
Charlie Bromberg « ... @_nwodtuhs
15K Followers 652 Following Trying to hack the way we hack things 🏴☠️
Kurosh Dabbagh @_Kudaes_
1K Followers 194 Following nt authority\kurosh https://t.co/MCEI38ndVE https://t.co/w6aiUt7YlZ
ATTL4S @DaniLJ94
3K Followers 651 Following I like spending time understanding things | FSAS @NCCGroupInfosec
Jean @Jean_Maes_1994
12K Followers 1K Following @sansoffensive Certified instructor/SEC565 author/SEC699 co author
Paul Muad’Dib L. @am0nsec
6K Followers 274 Following Senior Security Consultant @ Mandiant (part of Google Cloud). Tweets attributable to me — not current or former employers. Honneur de vous rendre compte.
Unitree @UnitreeRobotics
91K Followers 307 Following High performance civilian robot manufacturer. Please everyone be sure to use the robot in a Friendly and Safe manner. https://t.co/hI6LafokVm
mintko @m1ntko
27 Followers 376 Following
TopDeck @TCGTopDeck
985 Followers 32 Following Tu tienda de juegos de mesa y cartas coleccionables en Madrid ¿Tienes alguna propuesta o sugerencia? [email protected]
MOR DAVID @m0rd4vid
242 Followers 440 Following Cyber Security Expert & Red Teamer with 5+ Years of Experience.
Panos Gkatziroulis �... @netbiosX
25K Followers 815 Following Red/Purple Teamer | Blogger | Ex-Director @pentestlabltd | Mod @ https://t.co/1nzjl9KpSH | https://t.co/mIM1GA1mN4
Dibujitos Aleatorios @Garabatxs
26K Followers 573 Following Yo quería dibujar, yo quería dibujar una situación jugando con el paint. Mamporrero tolili. 📧: [email protected]
Alerta News 24 @AlertaNews24
2.6M Followers 240 Following Alertas a nivel mundial las 24 horas en tiempo real. (📷 29/09/25: 🇺🇸🇮🇱🇵🇸 | Trump presenta su Plan de Paz para Gaza.)
Praetorian @praetorianlabs
8K Followers 1K Following At Praetorian, our mission is clear: prevent breaches before they happen by emulating real-world attackers. That’s the power of #ContinuousOffensiveSecurity.
Genspark @genspark_ai
22K Followers 49 Following General AI Agent for Everyone and Everyday Tasks Follow us: https://t.co/s8I5BNXBdV https://t.co/y0XAALqRd6
Chubby♨️ @kimmonismus
85K Followers 3K Following Dream realized! Turned my love for AI into a career - sharing daily. Get my newsletter (210k+ subs): 📰 https://t.co/QaaY1wN9Tq // //📧 [email protected]
Falcon Despega @falcon_despega
20K Followers 21 Following Monitorización de la flota de aviones Falcon del Grupo 45 de las Fuerzas Aéreas
RedTeam Pentesting @RedTeamPT
8K Followers 174 Following Official RedTeam Pentesting GmbH account -- Impressum: https://t.co/pS9oK62Lsu
Hackmanac @H4ckmanac
93K Followers 367 Following We track verified, real-world cyber attacks to help you develop effective Cybersecurity strategies. Try https://t.co/eB7qgxKFAa, your Strategic Threat Intelligence platform
MSec Operations @MSecOps
1K Followers 1 Following
Devon Kerr @_devonkerr_
8K Followers 724 Following Director of Threat Research and @ElasticSecLabs team lead; custodian of secret histories. Posts are my own.
Elastic Security Labs @elasticseclabs
4K Followers 706 Following Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
Operador Nuclear @OperadorNuclear
278K Followers 864 Following Alfredo García. Licencia Operador Reactor y Supervisor. Ingeniero Telecomunicaciones. Comunicación Audiovisual. Divulgador. Conferenciante. Consultor @IAEAorg
Dennis Kniep @dennis_kniep
238 Followers 242 Following
White Knight Labs @WhiteKnightLabs
9 Followers 2 Following
FalconForce Official @falconforceteam
3K Followers 337 Following Building a resilient digital society through highly specialised digital security consulting.
bri5ee @bri5ee
132 Followers 316 Following Detection Engineering & IR | Red Team @wrccdc | OSCP, CRTO, CARTP | Prev @globalcptc @wrccdc competitor @calpolyswift | Prev @anduriltech
Lazy Canadian Investo... @JimChuong
29K Followers 0 Following Turned $300 into a multimillion dollar retirement at age 40. Education. Not advice. A lazy Canadian investor in U.S. real estate and U.S. stocks.
The Haag™ @M_haggis
9K Followers 2K Following Threat Researcher | Co-Host of Atomics on a Friday | LOLDrivers & Atomic Red Team Maintainer | I'm Everywhere and Nowhere - BSG.
RAE @RAEinforma
2.2M Followers 220 Following La Real Academia Española vela desde 1713 por el buen uso y la unidad del español, patrimonio común de 590 millones de personas. Dudas lingüísticas: #dudaRAE.
Sandy Petersen 🪔 @SandyofCthulhu
44K Followers 718 Following Game Designer, Horror fan, Grandpa. Founded Lovecraftian gaming. CEO of Petersen Games. Also Doom, Age of Empires, etc. Subscribe for game insights & history!
Jacob Paullus @psycep_
101 Followers 48 Following @Mandiant Red Teamer / Something something views are my own
Ruth G.N @RuthGnz
472 Followers 217 Following Cybersecurity and Cloud Engineer. Girl in tech. 💼 @keepler_io ✉️ [email protected] Crossfitter & Runner🏋🏻 Unicorns are real 🦄
Meltdown Madrid @MeltdownMadrid
3K Followers 742 Following Rock gaming pub 🍻Cócteles exclusivos 🕹Consolas y árcade de uso gratuito. ⚠️ Solo +18. Solo reservas a grupos de + de 10. Visita el linktree para + info ⬇️
Asuka Nakajima | 中�... @AsuNa_jp
10K Followers 980 Following Senior Security Research Engineer @Elastic / BlackHat USA & Asia Review Board / CTF for GIRLS / 著書『サイバー攻撃』/ サイバーセキュリティに関する総務大臣奨励賞 / My tweets are my own opinion
Sam Erde @SamErde
3K Followers 2K Following PowerShell MVP that is passionate about helping others succeed with Active Directory, Entra ID, Defender XDR, and Microsoft 365. Always learning! ✝️👨👩👧👦☕
Cerbersec @cerbersec
4K Followers 215 Following I make things to break things | Red Team @MDSecLabs | Opinions are my own
Bert-Jan 🛡️ @BertJanCyber
4K Followers 567 Following CSIRT | https://t.co/Tu1l2ZFe0T | Microsoft Security MVP | Blue & Purple Team | SOC | SIEM | Threat Hunting | Detection Engineering | #KQL |
Richard Davy @rd_pentest
2K Followers 903 Following Penetration Tester. CREST CCT | OSCE | OSCP | OSWP
Elastic @elastic
64K Followers 177 Following Elastic is The Search AI Company. We bring together the precision of search and the intelligence of AI to accelerate results that matter.