Marat Nigmatullin @_mnigma_
Hacking & Researching @falconforceteam | Ex-Unit 42 Netherlands
Joined June 2019
Tweets: 368 | Followers: 97 | Following: 129 | Likes: 31
Big thanks to @MDSecLabs & @OutflankNL for organizing #RedTreat 🙌 Great content, awesome panel discussions, and amazing people. Thanks to all the presenters and to the new people I had the chance to meet🫶
Made a thing, mucking about with python and a LDAP browser concept to ingest straight into BloodHound, simple LDAP browser using PyQt as a GUI and neo4j-driver to ingest into BH. Coming Soon #itstimetobrowse
During my #BHUSA talk I've released many ETW research tools, of which the most notable is BamboozlEDR. This tool allows you to inject events into ETW, allowing you to generate fake alerts and blind EDRs. github.com/olafhartong/Ba… Slides available here: github.com/olafhartong/Pr…
In about an hour I’ll present my talk I’m in your logs now, deceiving your analysts and blinding your EDR at #BHUSA25 @BlackHatEvents in Islander E/I. Come and hang out!
Wow, very excited to deliver my first offensive talk at #BHUSA this summer
One of the least discussed topics in detection engineering is maintenance. But why is no one talking about this? In this first blog we explore its relevance to #detectionengineering and the paradox that keeps us awake at night. Enjoy! falconforce.nl/why-is-no-one-…
Just me exploring new undocumented Entra APIs and doing some TTD to make Device Registration Service to change some Device attributes🙂 sapirxfed.com/2025/04/28/exp…
.NET GAC and NIC hijacking for lateral movement: williamknowles.io/net-gac-and-ni…
New blog from me about a bug in Power Apps that allows execution of arbitrary SQL queries on hosts connected through on-prem data gateways. This can turn external O365 access into compromised on-prem SQL servers. ibm.com/think/x-force/…
We are proud to introduce #dAWShund to the world: a framework for putting a leash on naughty AWS permissions. dAWShund helps blue and red teams find resources in #AWS, evaluate their access levels and visualize the relationships between them. falconforce.nl/dawshund-frame…
We are hiring offensive specialists! We are looking for experienced professionals who deliver high-quality offensive security services to help our client's defensive teams become more resilient. Sounds like you? falconforce.nl/falconforce-of… #offensivesecurity #purpleteam #redteam
In our latest blog, we follow Arnau (linkedin.com/in/arnauortega/) on his journey to leverage #WinRM plugins for lateral movement. A deep rabbit hole that ultimately led to a custom plugin, #BOF and a solid detection in our #FalconFriday repository 🦅 falconforce.nl/exploring-winr…
Have a great start of this new year! Join our webinar with Olaf and Henri who will go in depth on how FalconForce continuously delivers high-quality detection content for #SOC teams around the world. Register now: events.teams.microsoft.com/event/70005169…
Our Advanced Detection Engineering in the Enterprise training is once again accepted for BlackHat USA! We’re excited to show all content. We walk through two realistic red team scenarios and build detections for on-prem and Azure attacks which are missed out-of-the-box.
Come and join us in this public version of our Advanced Detection Engineering training in the beautiful Switzerland!
Adding to my ETW research toolkit, a tiny program to consume information from a provider with as little overhead as possible. PockETWatcher, a tool to get the essential information from an ETW provider to the CLI or a JSON file github.com/olafhartong/Po…
Detection Engineering is sometimes hard, and may fail. Still a lot of things can be learned by the process. In this blog I cover a lot. I had a detection, currently it's broken but MS is on it :D falconforce.nl/detection-engi…
My first blog with @falconforceteam! Check it out if you want to learn a few things about Azure DevOps.
We have good news for those who missed out on our Advanced Detection Engineering in the Enterprise training at Black Hat US. Our ADE training is coming to Black Hat Asia 2025, in Singapore! Registration is open! Information and registration: blackhat.com/asia-25/traini…
.@buffaloverflow & @johnnyspandex are discussing how to exploit corporate VPN clients for remote root & SYSTEM shells. Join to see live demos on Windows & macOS vulnerabilities & how attackers gain control w/ just one click. Register Free: sans.org/u/1vBt #SANSHackFest

Kyle Avery @kyleavery_
4K Followers 423 Following
Forrest Kasler @FKasler
542 Followers 394 Following Climber, Penetration Tester, Code Junkie, Malware Enthusiast @specterops
Ellis Springe @knavesec
1K Followers 427 Following Adversary Simulation X-Force Red, developer of tools, connoisseur of dogs
↑↑↓↓←→←... @5ynth3t1c
148 Followers 2K Following
Tijme Gommers @tijme
2K Followers 600 Following Offensive Security at @ABNAMRO 🐙. Forensics at @HuntedNL. Cyber Cyber Cyber ⚡. Bluesky: https://t.co/536oE2DGUw
Chris Thompson @_Mayyhem
3K Followers 469 Following Senior Security Researcher @SpecterOps https://t.co/Sz5fRYkX6u
Marc Smeets @MarcOverIP
5K Followers 459 Following Does a thing or two with red teaming @OutflankNL | part time race and drift car instructor
Georgije Vukov @vuk0v
166 Followers 2K Following
Expl0itabl3 @Expl0itabl3
898 Followers 2K Following
Wietze @Wietze
7K Followers 392 Following Threat Detection & Response. Views are my own, unless retweeted. Maintainer of https://t.co/000t7J0NBR & https://t.co/thv6PP5C48 Co-maintainer of https://t.co/rXIxOggXs2
arip petits @AripPetits
6 Followers 1K Following
Anneloes @Ann3loes
127 Followers 615 Following Cybersecurity | CTF👩💻 | Criminologist | Crossfit 🤸♀️
Vxshellew @vxshellew
555 Followers 4K Following
Adelaide @shouenmoe26212
106 Followers 7K Following
Shina Mashiro @ShiinaaM
398 Followers 3K Following Microsoft Sentinel Enthusiast | 4n6 Investigator | Cloud Security | 🇮🇩 S.Kom
Shawn @anthemtotheego
2K Followers 397 Following Adversary Sim @ X-Force Red | Head of Capability R&D | Offensive AI | Implant Dev | Work In Progress | Thoughts My Own | https://t.co/eNspx7jLvm
Rolf Pielage @rolfpielage
201 Followers 342 Following Volleyball, Tennis | Security, Interested in Threat Intelligence, Malware Analysis and IR, | Events, Hospitality | Deloitte | Tweets & opinions are my own
s1adow @s1ad0w23
2 Followers 133 Following
Trustedlabs @Trusted_Labs
7 Followers 950 Following
Z80 and beyond @_rac01
2K Followers 8K Following Admires those who "cut holes in fences" (just listen to the pinned video / sound track), loves all kind of cool (old, Z80 but also new) technology too
J⩜⃝mie Williams @jamieantisocial
10K Followers 7K Following threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**
Claudio Contin @claudiocontin
285 Followers 1K Following Co-Founder and Principal Consultant @ https://t.co/0iCTjR0eZw & https://t.co/wmKNX0k1qU
kyle hendrickson @MoarGood
402 Followers 2K Following builder of new things. fixer of old things. blue team. retweeting items that interest me. smells of motor oil and confidence. willing to travel for sandwiches.
Vincent Van Mieghem @_vivami
10K Followers 248 Following Security @prosusgroup | Previously red team operator
Jeroen van Kessel @jeroenvkessel
89 Followers 362 Following InfoSec speaker and blogger at https://t.co/pZHMnQS3Sl. ex. https://t.co/H7E85Ak73B SecLead. Debian and OpenBSD fanatic. Open for side gigs.
_____ @H_ng_an
186 Followers 2K Following
Ahmed Sherif @sherif_ninja
1K Followers 1K Following
OldBoy21 ❄️ @vincenzosantuc1
331 Followers 459 Following Offensive Tool Developer with shades of Red and Blue
LuckY @L_uckyY
198 Followers 2K Following Generally interested in computers (DFIR/pentesting/networking) and likes to play wargames/CTF. Deleting tweets regularly. Likes are my way of bookmarking.
Stephan Berger @malmoeb
28K Followers 1K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
Renzon @r3nzsec
4K Followers 905 Following IR/Forensics @Unit42_Intel | Co-Founder @guidemtraining | Contributor/Analyst @TheDFIRReport @XintraOrg | CTF member @_hackstreetboys
jomana Hassan @jomana7rj
1 Followers 259 Following
Linda @payne_linda75
266 Followers 3K Following
Marie @marie_redfield8
265 Followers 3K Following
Carl Nykvist @CarlNykvist
195 Followers 1K Following
Wendy @eppingerwendy95
300 Followers 3K Following
Forrest Kasler @FKasler
542 Followers 394 Following Climber, Penetration Tester, Code Junkie, Malware Enthusiast @specterops
Ellis Springe @knavesec
1K Followers 427 Following Adversary Simulation X-Force Red, developer of tools, connoisseur of dogs
Tijme Gommers @tijme
2K Followers 600 Following Offensive Security at @ABNAMRO 🐙. Forensics at @HuntedNL. Cyber Cyber Cyber ⚡. Bluesky: https://t.co/536oE2DGUw
Offensys @offensys
36 Followers 0 Following Offensys provides an Automated Purple Teaming platform to continuously validate your security posture.
Sean Metcalf @PyroTek3
36K Followers 618 Following Identity Security Architect @ TrustedSec. Microsoft Certified Master #ActiveDirectory & former Microsoft MVP. Co-Host @ Enterprise Security Weekly. He/Him. #BLM
Rich Warren @buffaloverflow
11K Followers 667 Following Red Team & Offensive Security Research @AmberWolfSec // @buffaloverflow.rw.md on bsky
Oddvar Moe @Oddvarmoe
19K Followers 1K Following Red Teamer @TrustedSec | MS MVP | Speaker | Security Researcher | Blogger | Total n00b & always learning | UNC1194 | Tinkerer | Gamer I try to inspire!
Wietze @Wietze
7K Followers 392 Following Threat Detection & Response. Views are my own, unless retweeted. Maintainer of https://t.co/000t7J0NBR & https://t.co/thv6PP5C48 Co-maintainer of https://t.co/rXIxOggXs2
_leon_jacobs(💥) @leonjza
5K Followers 490 Following ⟦ 'cto @sensepost', '@orangecyberdef', 'caffeine fueled', '(╯°□°)╯︵ ┻━┻', 'security guy', 'metalhead', 'i saw your password', 'KOOBo+KXleKAv+KXlSnjgaM=' ⟧
HD Moore @hdmoore
87K Followers 509 Following Founder & CEO of runZero (@runZeroInc), previously the founder and lead developer of Metasploit, a CSO, a consultant, and the head of various research teams.
Chris Thompson @_Mayyhem
3K Followers 469 Following Senior Security Researcher @SpecterOps https://t.co/Sz5fRYkX6u
Duane Michael @subat0mik
1K Followers 521 Following Security Researcher, Teacher, Leader @SpecterOps
Cody Thomas @its_a_feature_
7K Followers 311 Following Mythic Developer (https://t.co/Uz4fOxIUbe) | @SpecterOps @[email protected] | @its-a-feature.bsky.social
Jamie Shaw @1nPr0c
5K Followers 564 Following Principal Security Consultant / Red Team Lead @mdseclabs
Patrick Fussell @capt_red_beardz
1K Followers 420 Following Head of Adversary Simulation at IBM X-Force. (https://t.co/sWYyRku71U). Opinions are my own.
J⩜⃝mie Williams @jamieantisocial
10K Followers 7K Following threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**
OldBoy21 ❄️ @vincenzosantuc1
331 Followers 459 Following Offensive Tool Developer with shades of Red and Blue
Elad Shamir @elad_shamir
5K Followers 39 Following
Renzon @r3nzsec
4K Followers 905 Following IR/Forensics @Unit42_Intel | Co-Founder @guidemtraining | Contributor/Analyst @TheDFIRReport @XintraOrg | CTF member @_hackstreetboys
MalDev Academy @MalDevAcademy
17K Followers 5 Following Providing specialized, module-based security training and resources designed for cyber security professionals
Lee Chagolla-Christen... @tifkin_
14K Followers 817 Following I like making computers misbehave. Does stuff at https://t.co/YsrVyTjh8z. https://t.co/UsRIholree https://t.co/54TYQgSLiZ
TrainSec Academy - Wh... @TrainSec
783 Followers 81 Following Learn Windows Internals, Malware Analysis, Malware Development, Hardware Hacking & Code Development from @zodiacon, @MalFuzzer & @The_H1tchH1ker
Sanne @sannemaasakkers
7K Followers 573 Following Researching and analyzing digital threats @Mandiant (@Google) | Only here for the malware samples 👾
Josh @passthehashbrwn
10K Followers 334 Following Adversarial Simulation at IBM, tweets are mine etc.
Zero-Point Security @_ZeroPointSec
13K Followers 6 Following
NULL @NUL0x4C
10K Followers 399 Following Windows Malware Researcher | co-founder of https://t.co/1YRk2CEjaO
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
Antonio Cocomazzi @splinter_code
9K Followers 326 Following offensive security - windows internals | BlueSky: https://t.co/ytvJCoaF2c | Mastodon: https://t.co/hNIHa6L14d
Jonny Johnson @JonnyJohnson_
8K Followers 424 Following Principal Windows Security Researcher @HuntressLabs | Windows Internals & Telemetry Research
Jared Atkinson @jaredcatkinson
10K Followers 2K Following | CTO @specterops | Host @dcpthepodcast | Ex PowerShell MVP | USAF Vet | FC Bayern Supporter | Language Learner 🇳🇴 🇮🇹 🇧🇷 |
BallisKit @BallisKit
3K Followers 33 Following BallisKit provides tooling and services to professional Pentesters & Red Teams. We develop MacroPack, ShellcodePack, and DarwinOps. #redteam #infosec
topotam @topotam77
4K Followers 688 Following All I know is that I know nothing. I like Windows, Active Directory and IoT/Hardware hacking. "Responsable mais pas coupable" de PetitPotam
ippsec @ippsec
120K Followers 352 Following
delivr.to @delivr_to
936 Followers 2 Following Updates from the https://t.co/fHhIgBlAno team, including new payloads, features and announcements.
Jos @0xFFJP
109 Followers 133 Following Hacking is like hammering. It's only illegal if you hit something without permission.
S4ntiagoP @s4ntiago_p
3K Followers 854 Following Infosecing at @MDSecLabs, ex @CoreSecurity CVEs: -1
Oliver Lyak @ly4k_
9K Followers 265 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
waldoirc @waldoirc
3K Followers 626 Following Trying to figure out how computers work. Figuring out SDR, IOT, and Mobile exploitation. https://t.co/rLZFU0dOBy