Logan Goins @_logangoins
Adversary Simulation @SpecterOps logan-goins.com United States Joined April 2024-
Tweets116
-
Followers1K
-
Following170
-
Likes300
Lateral movement getting blocked by traditional methods? @werdhaihai just dropped research on a new lateral movement technique using Windows Installer Custom Action Server, complete with working BOF code. ghst.ly/4pN03PG
Fact: Remote service and scheduled task creation bypass firewalls on DCs and Win file servers because of SMB tunnelling. Solution: Create RPC filters that block MS-SCMR and MS-TSCH over named pipes. The latter has 3 UUIDs, so blocking the atsvc pipe is more elegant. #DSInternals
Added CRED-8 to Misconfiguration Manager, which is @unsigned_sh0rt's MP relay to dump machine policy secrets. MM link: github.com/subat0mik/Misc… Blog link: specterops.io/blog/2025/07/1…
Operating Outside the Box: NTLM Relaying Low-Privilege HTTP Auth to LDAP - @_logangoins specterops.io/blog/2025/08/2…
Check out Titanis, my new C#-based protocol library! It features implementations of SMB and various Windows RPC protocols along with Kerberos and NTLM. github.com/trustedsec/Tit…
Better late than never. I wrote a post that analyzes the Salesloft-Drift breach in the context of Attack Paths. specterops.io/blog/2025/09/2… My main takeaways: 1) Hybrid paths are not limited to two platforms owned by the same organization 2) Ad-hoc paths arise when passwords are…
Excited to present with @breakfix at #BHEU @BlackHatEvents where we'll be sharing our research on attacking System Center Operations Manager! @SpecterOps
BloodHound's OpenGraph is 🔥🚀 This is how we rapidly developed a customer specific attack primitive for BloodHound that we call "ManagerOf" 👇
BloodHound's OpenGraph is 🔥🚀 This is how we rapidly developed a customer specific attack primitive for BloodHound that we call "ManagerOf" 👇
I came across a WMI Win_32 Process replacement with some extra useful functionality. specterops.io/blog/2025/09/1…
Proud to have you here @bohops & Dylan Tran #mcttp #hansesecure #meetfriends #itsecurity @HanseSecure
I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…
Even with HTTPS, Windows Server Update Services can be abused if attackers obtain a trusted certificate, allowing authentication relay. In our blog, @Coontzy1 explains how WSUS traffic can be found and abused, and what sparked his investigation. Read now! trustedsec.com/blog/wsus-is-s…
ICYMI: SO-CON is returning to Arlington, VA! #SOCON2026 will be bigger than before with a new third talk track. 🧑🏫 Conference: April 13-14, 2026 💻 Training: April 15-18, 2026 Sign up now to receive updates → specterops.io/so-con/
We are back with our BloodHound t-shirt fundraiser! 🙌 Grab your BloodHound 8.0 shirt today. All funds raised will go directly to @HopeforHIE, the global voice for families affected by Hypoxic Ischemic Encephalopathy. 👕: ghst.ly/bh8-tshirt
knew win10 had the dsquery.dll laying around but never knew what to do with it "rundll32.exe dsquery.dll OpenQueryWindow" will pop open a console for you and you can do some light LDAP recon you can also open with with win + ctrl + f probably useful for VDI/Citrix type tests
There's no one-size-fits-all C2 framework. That's why @its_a_feature_ spent 7 years building Mythic, & learning lessons along the way. Join Cody at @MCTTP_Con, where he will share the tips & tricks every red teamer needs to hear. Learn more: ghst.ly/4mGUBw2
I recently came across a great blog from Chris Farris on AWS ransomware techniques using KMS. I decided to test it out in my own lab and ended up writing a post that showcases the attack path in RDS and EBS, plus what defenders can do about it. heilancoos.github.io/research/2025/…
Oh, that's nice! I've done something similar recently with a vibe coded HTTP proxy server run in context of the target user to access the needed web resource behind domain authentication instead of an LDAP relay 😁
Oh, that's nice! I've done something similar recently with a vibe coded HTTP proxy server run in context of the target user to access the needed web resource behind domain authentication instead of an LDAP relay 😁 https://t.co/1UQiifmTjQ
🚨 New #BloodHound shirt alert 🚨 ✅ - Unisex and ladies sizes available ✅ - Cool design :) ✅ - ALL profits go to charity: Hope for HIE, which supports families suffering the effects of hypoxic ischemic encephalopathy Get your shirt here: ghst.ly/bh8-tshirt
ICYMI: Our BloodHound t-shirt fundraiser is happening now! Add the BloodHound 8.0 shirt to your collection today! All funds raised will go directly to @HopeforHIE, the global voice for families affected by Hypoxic Ischemic Encephalopathy. 👕: ghst.ly/bh8-tshirt
pulxar @pu1xar
0 Followers 302 Following Cyber security Enthusiast 🔥 I just subscribe you for study 💪
ggcyghjn @tdxgjnn
3 Followers 191 Following
Qowqar Asgerov @AsgerovQowqar
14 Followers 589 Following
Hosein @Hosein635643
0 Followers 191 Following
KarlBlock @_Error_503_
108 Followers 523 Following
Vip3r @lorin0800
12 Followers 432 Following
BeaconBytes @beacon_bytes
4 Followers 192 Following I’m a 17-year-old cybersecurity enthusiast on a mission to document my journey into the world of hacking, red teaming, and security research.
Alpha @Alpha119162
0 Followers 23 Following
Karumuri Rahul Benerj... @rahul_benerjee
0 Followers 76 Following
lofie 🍄🧚♀�... @shikataganai9
7 Followers 98 Following i love poems, lofi. The sea where i found thee. My wonderful, beautiful sea-soul
k0imet @k0imet
57 Followers 72 Following Founder and Captain : @fr334aks Co-Founder : @ke_bug_bounty
@Blu3Ops @Blu3Ops
19 Followers 736 Following
Vishal Arora @vshalarora82
214 Followers 2K Following
classic @classic225703
51 Followers 625 Following
bougouizi foudil @FoudilBougouizi
1 Followers 39 Following
Callum Stewart @stewart_sec
183 Followers 1K Following penetration tester, salt & vinegar crisp addict
Raphaël Lacroix @Chepycou
1 Followers 98 Following 🇫🇷 French ✏️ Aspiring penetration tester (Currently looking for a Penetration Tester position in Toulouse). CTF Player 🎹 Plays piano, drums and composes
bjcls @bjcls
6 Followers 345 Following
lili li @VOp683
0 Followers 34 Following
MADCANE @madcane3
20 Followers 123 Following
Pawel @Pawel86858998
1 Followers 112 Following
ego sum ultra @banpornography
716 Followers 845 Following
Spiros Pitikaris 🏴 @cmpspiti
1K Followers 1K Following | Offensive Security & Digital Forensics Operator | 🇬🇧🇬🇷
∵ しょうがな�... @ALT8757
49 Followers 516 Following Lost Red Teamer :: Has some certs :: RTs sometimes :: Lurks often ::
lazzslayer @lazzslayer
4K Followers 585 Following Red Team | Co-Author of Redefining Hacking | VP for @bsidesnash | Advisory Board for @redteamvillage_ | OSCP, GCPN, CISM, GPEN | 🤠
chaignc - Sanson @chaignc
4K Followers 4K Following I protected governments, hospitals, defense, and CAC40. Hacker AI - CEO: acquired in 2023.
hidamog @hidamog
103 Followers 1K Following
No4Hypocr8 @No4Hypo
241 Followers 3K Following Rationalist, Modern Thinker who want to expose hypocrites! *****Free Sanjay Bhat*****
sn🥶vvcr💥sh @snovvcrash
12K Followers 490 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
Kyle Meyer @0xSterny
1K Followers 731 Following Abricto Security Security Consultant. Hacker. Father. Friend.
Arnold Lolas @ArnoldLolas
0 Followers 116 Following
Shaun8 @ShaunakKhade
37 Followers 541 Following
wotwot @wotwot563
19 Followers 551 Following
Joris Ignoul @IgnoulJoris
23 Followers 515 Following
Karumuri Rahul Benerj... @rahulkarumuri
1 Followers 96 Following
X-Technobro @vendetce
504 Followers 695 Following
nyxgeek @nyxgeek
7K Followers 3K Following rebel scum, nerfherder, dogged and relentless. H/P/V/A/C Directory - https://t.co/qn0D9H7IIi
Aurélien Chalot @Defte_
4K Followers 460 Following Hacker, sysadmin and security researcher @OrangeCyberdef 💻 Calisthenic enthousiast 💪 and wannabe philosopher https://t.co/SqDDhIGGGh 📖 🔥 Hide&Sec 🔥
Chirag Savla @chiragsavla94
3K Followers 5K Following With Knowledge We Know the Words.. But... With experience We Know their Meaning ! #HOF #Microsoft #BigBasket
Andrew @4ndr3w6S
3K Followers 2K Following Detection Engineering @HuntressLabs | Prev. Practice Lead, TAC (Purple Team) @TrustedSec | @SpursOfficial Super Fan - COYS!
Akamai Security Intel... @akamai_research
26K Followers 109 Following All security research, all the time. Bringing you the latest insights from @Akamai’s research teams across the globe.
Blaise @BlaiseBrignac
409 Followers 145 Following Left the USB, took the cannoli. Hacker shenanigans 8-11pm CST, Sat-Thurs @ https://t.co/vrcdljAdDj
sn🥶vvcr💥sh @snovvcrash
12K Followers 490 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
Alexis @_heilancoos
12 Followers 151 Following Security Researcher | Threat Simulation & Incident Response
Andrea P @decoder_it
8K Followers 292 Following Security Consultant @semperistech . Independent Security Researcher. Cyclist & Scubadiver. MSRC MVR 2022. "So di non sapere"
BlaiseBits @BlaiseBits
114 Followers 166 Following High tech low life hacker shenangians streamer. Live weekends from 9-11pm CST.
Devon Kerr @_devonkerr_
8K Followers 724 Following Director of Threat Research and @ElasticSecLabs team lead; custodian of secret histories. Posts are my own.
J⩜⃝mie Williams @jamieantisocial
10K Followers 7K Following threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**
Aura @SecurityAura
6K Followers 654 Following GCIH, GCFE, GDAT | DFIR, TH, DE | @CuratedIntel DFIR https://t.co/BMWUwziTLh https://t.co/MmX2YNVqdk https://t.co/R20zseQfLk
Bad Sector Labs @badsectorlabs
8K Followers 506 Following Cybersecurity news, techniques, exploits, and tools every week at https://t.co/UgKmeEEjIV 🐘 @[email protected]
Marcello @byt3bl33d3r
30K Followers 561 Following CyBeRsEcUrItY | Not afraid to put down with some THICC malware on disk | securing and breaking AI @PaloAltoNtwks | Ex @spacex
Jonny Johnson @JonnyJohnson_
8K Followers 424 Following Principal Windows Security Researcher @HuntressLabs | Windows Internals & Telemetry Research
Panos Gkatziroulis �... @netbiosX
25K Followers 815 Following Red/Purple Teamer | Blogger | Ex-Director @pentestlabltd | Mod @ https://t.co/1nzjl9KpSH | https://t.co/mIM1GA1mN4
Clément Notin @cnotin
6K Followers 974 Following 😈 Security research (#ActiveDirectory #EntraID) & pentest 🎉 #CTF @tipi_hack 👨💼 Works @TenableSecurity, opinions my own 🪂 https://t.co/4HRwJQ6PUm
Scoubi @ScoubiMtl
2K Followers 261 Following All Things BloodHound | InfoSec, Threat Hunting, Detection Engineering, DFIR and some personal stuff.
@belette_timorée @belettet1m0ree
121 Followers 281 Following ✒️tester 🏃🏾♂️Run.. Run with It!! Pick up Something Start to run with it!🏃🏾♂️
DebugPrivilege @DebugPrivilege
40K Followers 2K Following Windows Nerd | Ex-MSFT | Microsoft MVP in Windows and Devices | Interested in Security, Debugging, and Windows Internals.
LuemmelSec @theluemmel
8K Followers 565 Following I speak BloodHound. Husband, Father, IT-Guy, Security-Noob Blog: https://t.co/PXB35KEqs6 GitHub: https://t.co/Unp9jZOpBn
Rob Winchester @robwinchester3
1K Followers 230 Following Vice President @SpecterOps | Former USAF | Problem Solver
klez @KlezVirus
8K Followers 708 Following Independent Cyber Security Researcher - Opinions are my own
Synacktiv @Synacktiv
20K Followers 271 Following Offensive security company. Dojo of many ninjas. Red teaming, reverse engineering, vuln research, dev of security tools and incident response.
Justin Bui @slyd0g
4K Followers 345 Following I break computers and skateboards | red/blue/whatever let's make security better | Offensive Security @Snowflake | Prev @Zoom @SpecterOps
DANΞ @cryps1s
13K Followers 447 Following CISO @OpenAI | Ex-CISO @PalantirTech | Occasional Shitposter | 🇺🇸 All views are my own, not my employer. Duh. (Tweets == 30d retention)
Dr. Nestori Syynimaa @DrAzureAD
20K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)
ʎppɐɯɔ @cmaddalena
2K Followers 507 Following I prefer to make things | https://t.co/7l8uQlu0bY | Author of Printing Props (https://t.co/9b6KNMaV1L)
RedTeam Pentesting @RedTeamPT
8K Followers 174 Following Official RedTeam Pentesting GmbH account -- Impressum: https://t.co/pS9oK62Lsu
Luke Paine @v3r5ace
756 Followers 125 Following Husband | Father | Medic | Manager of Training Development @SpecterOps | Host of @dcpthepodcast | Creator of The Defender's GuideTrends for United States
You might like
