Logan Goins @_logangoins
Adversary Simulation @SpecterOps logan-goins.com United States Joined April 2024-
Tweets103
-
Followers1K
-
Following162
-
Likes283
We are back with our BloodHound t-shirt fundraiser! 🙌 Grab your BloodHound 8.0 shirt today. All funds raised will go directly to @HopeforHIE, the global voice for families affected by Hypoxic Ischemic Encephalopathy. 👕: ghst.ly/bh8-tshirt
knew win10 had the dsquery.dll laying around but never knew what to do with it "rundll32.exe dsquery.dll OpenQueryWindow" will pop open a console for you and you can do some light LDAP recon you can also open with with win + ctrl + f probably useful for VDI/Citrix type tests
There's no one-size-fits-all C2 framework. That's why @its_a_feature_ spent 7 years building Mythic, & learning lessons along the way. Join Cody at @MCTTP_Con, where he will share the tips & tricks every red teamer needs to hear. Learn more: ghst.ly/4mGUBw2
I recently came across a great blog from Chris Farris on AWS ransomware techniques using KMS. I decided to test it out in my own lab and ended up writing a post that showcases the attack path in RDS and EBS, plus what defenders can do about it. heilancoos.github.io/research/2025/…
Oh, that's nice! I've done something similar recently with a vibe coded HTTP proxy server run in context of the target user to access the needed web resource behind domain authentication instead of an LDAP relay 😁
Oh, that's nice! I've done something similar recently with a vibe coded HTTP proxy server run in context of the target user to access the needed web resource behind domain authentication instead of an LDAP relay 😁 https://t.co/1UQiifmTjQ
🚨 New #BloodHound shirt alert 🚨 ✅ - Unisex and ladies sizes available ✅ - Cool design :) ✅ - ALL profits go to charity: Hope for HIE, which supports families suffering the effects of hypoxic ischemic encephalopathy Get your shirt here: ghst.ly/bh8-tshirt
ICYMI: Our BloodHound t-shirt fundraiser is happening now! Add the BloodHound 8.0 shirt to your collection today! All funds raised will go directly to @HopeforHIE, the global voice for families affected by Hypoxic Ischemic Encephalopathy. 👕: ghst.ly/bh8-tshirt
In 3 weeks, @d_tranman and I will be giving our talk, "COM to the Darkside" at @MCTTP_Con in the Offensive Track. The talk will focus on 90's MCP technology and will deep dive into some fun (D)COM topics. See you there!
Just posted a new blog that provides a retrospective, research updates, and a new malware family based on the research that @_logangoins and I put on in December 2024. I included some YARA rules and areas of detection for the provided research updates! beierle.win/2025-08-28-A-N…
Cookie theft has evolved. 🍪 Over the last year, stealing cookies on Windows devices has changed significantly for Chromium browsers like Chrome and Edge. Andrew Gomez dives into these changes, how threat actors adapt, & new detection opportunities. ghst.ly/45S1ZgW
BadSuccessor is dead… or is it? The patch for CVE-2025-53779 fixed the priv-esc. While no longer a vulnerability, the tactic still applies in certain scenarios. Defenders should be aware of it. Details: akamai.com/blog/security-…
Trying to fly under EDR's radar? @_logangoins explains how to use HTTP-to-LDAP relay attacks to execute tooling completely off-host through the C2 payload context. Perfect for when you need LDAP access but want to avoid being caught stealing creds. ghst.ly/41mjMv7
I automated the POC for stealing policies from MP relays from this blog into a modified version of mssqlclient specterops.io/blog/2025/07/1… would work too with any other piv account to the DB github.com/garrettfoster1… (no PR because impacket doesnt merge, sorry)
I wanted to find out if you could start the WebClient service remotely, so I ended up digging into it specterops.io/blog/2025/08/1…
Who doesn't like free creds?
PDQ SmartDeploy versions prior to 3.0.2046 used static, hardcoded encryption keys for cred storage. Low-privileged users could potentially access admin creds from registry or deployment files. @unsigned_sh0rt unpacks his testing in his latest blog post. ghst.ly/4mjyuvw
The AD CS security landscape keeps evolving, and so does our tooling. 🛠️ @bytewreck drops info on Certify 2.0, including a suite of new capabilities and refined usability improvements. ghst.ly/45IrBxI
WSFC misconfigurations can turn your domain into one big fustercluck. I'm sharing fustercluck today as part of my #BHUSA presentation. The README summarizes the issues and a detailed blog is coming soon. github.com/garrettfoster1…
Had a wonderful time at @BlackHatEvents 2025! Loved talking to and meeting all the SpecterOps folks, and even had the pleasure of seeing my own face pop up during @unsigned_sh0rt 's talk 😂 The talks were fantastic, and I can't wait to come back next year!
Spiros Pitikaris 🏴 @cmpspiti
1K Followers 1K Following | Offensive Security & Digital Forensics Operator | 🇬🇧🇬🇷
∵ しょうがな�... @ALT8757
49 Followers 497 Following Lost Red Teamer :: Has some certs :: RTs sometimes :: Lurks often ::
lazzslayer @lazzslayer
4K Followers 585 Following Red Team | Co-Author of Redefining Hacking | VP for @bsidesnash | Advisory Board for @redteamvillage_ | OSCP, GCPN, CISM, GPEN | 🤠
chaignc - Sanson @chaignc
4K Followers 4K Following AI Cartel - CEO - Hiring solution for founders. Ex-Hacker, I protected governments, hospitals, defense, and CAC40. Hacker AI - CEO: acquired in 2023.
hidamog @hidamog
105 Followers 1K Following
No4Hypocr8 @No4Hypo
240 Followers 3K Following Rationalist, Modern Thinker who want to expose hypocrites! *****Free Sanjay Bhat*****
sn🥶vvcr💥sh @snovvcrash
12K Followers 488 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
Kyle Meyer @0xSterny
1K Followers 726 Following Abricto Security Security Consultant. Hacker. Father. Friend.
Arnold Lolas @ArnoldLolas
3 Followers 113 Following
Shaun8 @ShaunakKhade
32 Followers 534 Following
wotwot @wotwot563
19 Followers 551 Following
Joris Ignoul @IgnoulJoris
22 Followers 506 Following
Karumuri Rahul Benerj... @rahulkarumuri
1 Followers 95 Following
Alexis @_heilancoos
7 Followers 103 Following Security Researcher | Threat Simulation & Incident Response
teycir bensoltane @teycirben
85 Followers 2K Following
James Curbow @your_b1gbroth3r
118 Followers 723 Following I'd take a header off the Bridge of Nations just to brush arms with ya
Joseph Nguyễn @josephbt7o
4 Followers 201 Following
Abdullah @Silver_Kin9
37 Followers 852 Following
T6EIyoBMB6v @T6EIyoBMB6v
0 Followers 56 Following
Cyber Lockhead @CyberLockh88651
1 Followers 49 Following
Adrian @NRG_03
434 Followers 3K Following INFOSEC / Vulnerability Management by day #OSCP ¦ {my dragon's opinions not my employer's} ¦¦ RTs are not endorsements!
Tareq Tahboub @TareqTahboub
275 Followers 949 Following Pentester, security researcher, ham operator, part time van lifer.
muchen @muchen28041
0 Followers 370 Following
__noir__ @RGanehsa87150
22 Followers 718 Following
Ricardo Tavares @1RicardoTavares
132 Followers 2K Following
Dr Thomas NΞNNINGΞR @T_Nenninger
32K Followers 7K Following Médecin spé, Philosophe partisan. #ThinkDifferent. Envie de m'offrir des chocolats? Ici: https://t.co/JuWoo3WRGA
Ravi Nayyar @ravirockks
1K Followers 4K Following Software & CNI Law | PhD Candidate @Sydney_Uni | Fellow @ASPI_org | Associate Fellow @ Social Cyber Institute | Blogging @TechLegalUpdate | #KalikaMataKiJai
RAGIB Cyber @RAGIBCYBER
2 Followers 269 Following
Zac jinvo @zacjinak
19 Followers 342 Following
James @BBHunter7331
11 Followers 312 Following Information Systems Auditor || collaborative communicator || father
1 @8_billions
71 Followers 782 Following
Muhmmad Irfan @Muhmmad69953409
21 Followers 2K Following
fepra @FelipeP89916938
9 Followers 303 Following /* meu ofício é saber o que os outros não sabem sou técnico, mas só tenho técnica dentro da técnica */
baric @c0d3addict
43 Followers 287 Following Cybersecurity pro with a coding edge and a flair for phishing. I craft smart simulations, and stay ahead of threats. Always up for a challenge
Pencer @pencer_io
91 Followers 368 Following Cyber Security, Penetration Testing, Hacking, CTF, Coding and Web enthusiast
B @emojivi
357 Followers 1K Following
Blaise @BlaiseBrignac
411 Followers 145 Following Left the USB, took the cannoli. Hacker shenanigans 8-11pm CST, Sat-Thurs @ https://t.co/vrcdljAdDj
sn🥶vvcr💥sh @snovvcrash
12K Followers 488 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
Alexis @_heilancoos
7 Followers 103 Following Security Researcher | Threat Simulation & Incident Response
Andrea P @decoder_it
8K Followers 290 Following Security Consultant @semperistech . Independent Security Researcher. Cyclist & Scubadiver. MSRC MVR 2022. "So di non sapere"
BlaiseBits @BlaiseBits
108 Followers 158 Following High tech low life hacker shenangians streamer. Live weekends from 9-11pm CST.
Devon Kerr @_devonkerr_
8K Followers 722 Following Director of Threat Research and @ElasticSecLabs team lead; custodian of secret histories. Posts are my own.
J⩜⃝mie Williams @jamieantisocial
10K Followers 7K Following threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**
Aura @SecurityAura
6K Followers 651 Following GCIH, GCFE, GDAT | DFIR, TH, DE | @CuratedIntel DFIR https://t.co/BMWUwziTLh https://t.co/MmX2YNVqdk https://t.co/R20zseQfLk
Bad Sector Labs @badsectorlabs
8K Followers 503 Following Cybersecurity news, techniques, exploits, and tools every week at https://t.co/UgKmeEEjIV 🐘 @[email protected]
Marcello @byt3bl33d3r
30K Followers 560 Following CyBeRsEcUrItY | Not afraid to put down with some THICC malware on disk | securing and breaking AI @PaloAltoNtwks | Ex @spacex
Jonny Johnson @JonnyJohnson_
8K Followers 419 Following Principal Windows Security Researcher @HuntressLabs | Windows Internals & Telemetry Research
Panos Gkatziroulis �... @netbiosX
25K Followers 812 Following Red/Purple Teamer | Blogger | Ex-Director @pentestlabltd | Mod @ https://t.co/1nzjl9KpSH | https://t.co/mIM1GA1mN4
Clément Notin @cnotin
6K Followers 974 Following 😈 Security research (#ActiveDirectory #EntraID) & pentest 🎉 #CTF @tipi_hack 👨💼 Works @TenableSecurity, opinions my own 🪂 https://t.co/4HRwJQ6PUm
Scoubi @ScoubiMtl
2K Followers 260 Following All Things BloodHound | InfoSec, Threat Hunting, Detection Engineering, DFIR and some personal stuff.
@belette_timorée @belettet1m0ree
119 Followers 281 Following ✒️tester 🏃🏾♂️Run.. Run with It!! Pick up Something Start to run with it!🏃🏾♂️
DebugPrivilege @DebugPrivilege
40K Followers 2K Following Windows Nerd | Ex-MSFT | Microsoft MVP in Windows | Interested in Security, Debugging, and Windows Internals.
LuemmelSec @theluemmel
8K Followers 552 Following I speak BloodHound. Husband, Father, IT-Guy, Security-Noob Blog: https://t.co/PXB35KEqs6 GitHub: https://t.co/Unp9jZOpBn
Rob Winchester @robwinchester3
1K Followers 229 Following Vice President @SpecterOps | Former USAF | Problem Solver
klez @KlezVirus
8K Followers 706 Following Independent Cyber Security Researcher - Opinions are my own
Synacktiv @Synacktiv
20K Followers 271 Following Offensive security company. Dojo of many ninjas. Red teaming, reverse engineering, vuln research, dev of security tools and incident response.
Justin Bui @slyd0g
4K Followers 345 Following I break computers and skateboards | red/blue/whatever let's make security better | Offensive Security @Snowflake | Prev @Zoom @SpecterOps
DANΞ @cryps1s
14K Followers 445 Following CISO @OpenAI | Ex-CISO @PalantirTech | Occasional Shitposter | 🇺🇸 All views are my own, not my employer. Duh. (Tweets == 30d retention)
Dr. Nestori Syynimaa @DrAzureAD
20K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)
ʎppɐɯɔ @cmaddalena
2K Followers 506 Following I prefer to make things | https://t.co/7l8uQlu0bY | Author of Printing Props (https://t.co/9b6KNMaV1L)
RedTeam Pentesting @RedTeamPT
8K Followers 173 Following Official RedTeam Pentesting GmbH account -- Impressum: https://t.co/pS9oK62Lsu
Luke Paine @v3r5ace
755 Followers 124 Following Husband | Father | Medic | Manager of Training Development @SpecterOps | Host of @dcpthepodcast | Creator of The Defender's Guide
Martin Sohn @martinsohndk
411 Followers 162 Following BloodHound Enterprise TAM @SpecterOps https://t.co/DSlhf0kax3
Jim Sykora @JimSycurity
2K Followers 2K Following I enjoy security, technology, learning, books, & the great outdoors. Trying to be human & kind. Opinions = mine. He/Him/Hän
Rémi GASCOU (Podalir... @podalirius_
8K Followers 651 Following Security Researcher & Speaker | Microsoft Security MVP | Developer of security tools 🎬 https://t.co/QaAENc4NcY
Oliver Lyak @ly4k_
9K Followers 265 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
noodlearms @infosecnoodle
291 Followers 303 Following
Alex Ionescu @aionescu
47K Followers 2K Following Chief Technical Innovation Officer @crowdstrike. Windows Internals author and trainer. He/Him. RTs are not endorsements, opinions are my own.Trends for United States
You might like
