ChrisPy @chrispy_sec
Principal Security consultant at Reversec. Love doing some Azure/Entra ID research ☁️ Opinions are my own Joined October 2019-
Tweets245
-
Followers325
-
Following304
-
Likes901
@gabsmashh This is such AI written slop. After reading the original report I'm pretty sure this is a specific tenant misconfig and not something generic
If anybody is interested in Azure DevOps and how attackers might go about abusing OIDC connections used in pipelines then check out my colleague’s latest blog! labs.reversec.com/posts/2025/07/…
Last talk shout out for @nojonesuk and @_Skybound who talked about how to build a new AWS environment. By consultants for consultants and without any extra external consultants! Worth a check out if you’re interested in some of the challenges we faced youtu.be/rai0bTOamG0
Check out @Thomasbyrne__ ‘s talk as well if you wanna see some more usage of RoadRecon with Microsoft Graph! youtu.be/dTUeAhzmIu8
My talk was published mega quickly as its own video by @fwdcloudsec (thanks btw!) So feel free to check it out if you wanna learn some fun SharePoint research outcomes and learn about a “pre-signed url” equivalent method of accessing SharePoint files! youtu.be/l5lpIF_QZCE
It’s a packed house over at @_sigil talk on Azure Service Principals, a history on backdooring them, and more!
Check out @_sigil 's talk on Entra 1st-party service principal abuse currently airing at fwd:cloudsec youtube.com/watch?v=0BTBK3… Deffo a good watch in the current livestream or when the individual talk video drops later on in the channel
Heya got a talk happening later today pretalx.com/fwd-cloudsec-2… where I’m gonna talk about some interesting SharePoint findings! Last one will be particularly interesting to folk 👀 Should be at this live stream youtube.com/live/Vb_MyY3RQ…
This incredible duo of Leonidas Tsaousis (@LAripping) & James Henderson are taking the stage at Offensive X to talk about ‘’ There and Back Again: An Attacker's Tale of DCs in AWS’’ #OffensiveX2025 #CyberSecurity #AWS #RedTeam #CloudSecurity #InfoSec #Hacking
Great presentation & next level memes by @LAripping and James Henderson! @TheOffensiveX
Hey @NathanMcNulty gathering some data and wanted to get your thoughts. On the topic of exclusions, what are the best approaches for Conditional Access in Entra and exclusions for endpoints in MDE in the context of a large enterprise? CA policies I'm a fan of Restricted AU sec…
An in-depth look at the recently published EchoLeak vulnerability on M365 Copilot by @Aim_Security_ that could lead to data exfiltration just by sending an email to a user who uses Microsoft Office365 Copilot. youtu.be/Myf1cLsUxsk
I love how when I'm testing CA policies I can just google around a bit and find @NathanMcNulty 's detailed guides around some of the issues😂 P.S Also pro-tip for people playing with attributes remember that there is an Attribute assignment AND definition adm role
I love how when I'm testing CA policies I can just google around a bit and find @NathanMcNulty 's detailed guides around some of the issues😂 P.S Also pro-tip for people playing with attributes remember that there is an Attribute assignment AND definition adm role
I did a thing. Thanks @CloudSecPod for having me!
I did a thing. Thanks @CloudSecPod for having me!
This is truly amazing. The Deputy White House Press Secretary is claiming that I'm wrong, and that the "tariff rates" on Trump's chart were calculated by "literally" measuring every country's tariffs and non-tariff trade barriers. To prove it, he screenshots the formula the USTR…
With a process that began two and a half years ago, I'm very excited to announce that I've written a book with @nostarch! 🎉 "Practical Purple Teaming" tells you all you need to know to get started with collaborative offensive testing. nostarch.com/purple-teaming
Obligatory tactical repost of my talk from @Disobey_fi this year! Hopefully people use this to get inspired and show us some more cool less explored attack surfaces in Entra and Azure youtu.be/iwLaWPisu64?si…
Yo check out my friend James’ talk on protocol confusion attacks Deffo an excellent use of 40 mins if you’re into cool lower-level attacks youtu.be/gcsdrQH0fOQ?si…
Jord @0xLegacyy
2K Followers 366 Following Lover of frogs, specialising in defence evasion, CTF addict
Uswihorc @Uswihorc8010
12 Followers 292 Following
Christina Oh @0xtina
283 Followers 271 Following Hacking at @withconsulting. Collection of resources. Tweets are representative of me only. She/Her. Free 🇵🇸
Marcus H. | Archiba �... @Archib4
89 Followers 363 Following Break systems ➡️ to build safer ones. Penetrationtester @reversec Founder Enclave Views = mine.
Rob Willis @b1t_r0t
117 Followers 216 Following Security Researcher, Engineer, Purple Teamer #yolosec
Udayveer Singh @m4lici0u5
2K Followers 4K Following Offensive Security | Red Teamer | Learning MalDev | CRTL | OSEP | OSWP | CRTO | CARTP | CRTE | CRTP | CESP-ADCS | eJPT
theonexc @theonexc1
0 Followers 3K Following
Alexis @_heilancoos
6 Followers 103 Following Security Researcher | Threat Simulation & Incident Response
kabal089 @kabal089
114 Followers 1K Following Vulns, sploits and AMIGAAAA. Research @ Interrupt Labs, thoughts mine
Irwalkir @Irwalkir79903
16 Followers 543 Following
Cristian Patras @cristpatras
1 Followers 54 Following
mintko @m1ntko
27 Followers 369 Following
Nitesh Surana @_niteshsurana
688 Followers 1K Following Cloud Research w/ Trend Micro | Opinions/retweets are personal reflections | Metalhead | If you can, be kind.
Hugow @hugow_vincent
914 Followers 975 Following Red Team and research @synacktiv @rustyphasm.bsky.social
L1g1 @_L1g1
6 Followers 152 Following
Yqarina @Yqarina311284
13 Followers 608 Following
Vrerce @Vrerce5343
16 Followers 618 Following
Phreak @fantom_threek
0 Followers 43 Following
ᴍɪᴄʜᴀʟɪs �... @Cyb3rMik3
4K Followers 3K Following SecOps, DFIR & CTI 🛡 | Microsoft Security #MVP, #KQL Threat Hunting 🏹 | Father 👭/Hasbund 👫/🍷&⌚️ enthousiast/Explorer ✈️ | Views my own.
dexter @dexter79331247
0 Followers 2K Following
My name’s Lukas @IAmLukyns
25 Followers 320 Following
Gerald Gaiswinkler @gaiswige
12 Followers 330 Following
erwang @erwang32086445
7 Followers 308 Following
Michael Nguyen @Michael65394324
93 Followers 2K Following
cyt0k @cyt0k
17 Followers 1K Following
1aN0rmus @TekDefense
4K Followers 1K Following CTO at @permisosecurity Alum: @Mandiant, https://t.co/kqlvYwe86k, USMC
RL @avdmax
0 Followers 3K Following
hansmustermann @hmustermann1
8 Followers 2K Following
Carl Nykvist @CarlNykvist
197 Followers 1K Following
David Hoyt @h02332
2K Followers 672 Following David H Hoyt LLC | Targeting the Full Stack: SS7, PSTN & IP since 1994 | Security Research & Quality Assurance | https://t.co/JHgCqazAwL | https://t.co/FhOaVq61pF | https://t.co/aKNaRjnysT
threathunterxx @threathuntxx
42 Followers 1K Following This account is for threat research purposes 😬 (not affiliated with any account) | For personal use
Luke Roberts @rookuu_
790 Followers 480 Following Red Team. macOS Security. Ex-@mwrlabs. Building @phoriontech
AppSec Village @AppSec_Village
11K Followers 6K Following AppSec Village @DEFCON & @RSAConference A volunteer-run, non-profit focused on education, awareness, and community. Founded by @erezyalon and @tzionit411.
Hoddy @FiresideNomad
13 Followers 196 Following Noun: any wanderer; itinerant. Incident Response | Ex @WithSecure @Countercept Social media-phobe
Nitesh Surana @_niteshsurana
688 Followers 1K Following Cloud Research w/ Trend Micro | Opinions/retweets are personal reflections | Metalhead | If you can, be kind.
Daax @daaximus
12K Followers 397 Following reverse engineering • secure processor design • system emulation • µarch bugs @the_secret_club
sixtyvividtails @sixtyvividtails
3K Followers 393 Following Currently working as an independent GUID merchant. Fully licensed. I acquire, produce, and sell high-quality GUIDs.
Seamus Hughes @SeamusHughes
68K Followers 6K Following Current: @NCITE_COE — I read a lot of court records because I like a good story. Won a Pulitzer that one time. “A well-known PACER watcher” - Justice Department
1aN0rmus @TekDefense
4K Followers 1K Following CTO at @permisosecurity Alum: @Mandiant, https://t.co/kqlvYwe86k, USMC
Carl Nykvist @CarlNykvist
197 Followers 1K Following
David Hoyt @h02332
2K Followers 672 Following David H Hoyt LLC | Targeting the Full Stack: SS7, PSTN & IP since 1994 | Security Research & Quality Assurance | https://t.co/JHgCqazAwL | https://t.co/FhOaVq61pF | https://t.co/aKNaRjnysT
hell-00 @he1100_1100
664 Followers 7K Following
Obsidian @obsdmd
155K Followers 0 Following The free and flexible app for your private thoughts. For help and deeper discussions, join our community: https://t.co/QsDArfFkkv
Martin Haller @martinhaller_IT
413 Followers 79 Following • Cybersecurity Expert • Blue Teamer • Public Speaker • Blogger • CEO at PATRON-IT • OSCP, MCSE, CHFI, ECSA, CCNP •📩[email protected]
Aaron Rupar @atrupar
1.0M Followers 4K Following journalist. sign up for my newsletter, Public Notice (link below). Powered by @SnapStream (more info: https://t.co/2oHPuuFBnN).
ʀuᴅo @ridumax
1K Followers 15 Following
Dimitris Koudas @dkoudas
41 Followers 451 Following
Justin Brodley @jbrodley
5K Followers 4K Following IT Executive specializing in Infrastructure, SaaS, Cloud Computing & Virtualization. Co-Host of https://t.co/2ucykvhswI
Ken Birk @KenBirk
363 Followers 593 Following Storyteller. Equity Race Equality Committee @EquityREC. Host @kenbirkpresents. Pogo Trainer.
Bart Coddens @bcoddens
35 Followers 308 Following AWS Cloud Security Engineer, avid cyclist and dancer, he/him
sapir federovsky @sapirxfed
5K Followers 183 Following Doing things @wiz_io And then doing more things at home | failed research blog: https://t.co/j2HT1Tpscs
Goody✨ @goodycyb
701 Followers 2K Following Product of G😇d's Grace| C☁️d Security | Threat🐝 Detection 🕵️♂️
Bence Hézső, CISSP,... @bence_hezso
72 Followers 417 Following Building @EscapeCloud_io - Cloud Exit Assessment | Cloud Security Engineer (AWS, Azure) | CISSP
J⩜⃝mie Williams @jamieantisocial
10K Followers 7K Following threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**
Ben Bridts @benbridts
2K Followers 850 Following AWS Hero // AWS APN Ambassador // Principal AWS Technologist at @WeAreCloudar // English version of @ikb3n // he/him
Karim El-Melhaoui @karimscloud
827 Followers 704 Following Principal Security Architect & Partner at https://t.co/yIU71SfS40, CloudSec Researcher. Find me at bsky
Nacho @NachoRivCor
11 Followers 140 Following
houston @hhopk
1K Followers 4K Following Dedicated cheap skater who keeps data. I do cloudy stuff and things. Cloud Security Forum moderator and a fwd:cloudsec organizer
Chandrapal Badshah @bnchandrapal
1K Followers 1K Following I help startups prevent AWS security breaches — without building an internal security team.
Michael @mike_katch
30 Followers 354 Following
Rogier Dijkman | Micr... @DijkmanRogier
796 Followers 655 Following Cloud Security Researcher | Developer | Author | SecureHats | Marathoner | #PowerShell, #ARM, #GitHub #DevOps #CLI #Security, #KQL Enthusiast
Eric Woodruff | MVP |... @ericonidentity
2K Followers 712 Following Security researcher @SemperisTech. Microsoft Security MVP, Entra nerd. Part-time hiker, full-time dad and partner. Opinions expressed are from my cat.
void *huxley @huxley_barbee
284 Followers 2K Following Mastodon: @[email protected] Lead organizer for BSidesNYC
rce_trent @rce_trent
219 Followers 775 Following Disclaimer: Does not represent professional advice, opinions, or employer. CTI-League Member. Former Fortinet. Former Symantec. Former Big4. Former Transformer.
Shane Young Power App... @ShanesCows
20K Followers 834 Following SharePoint & PowerApps MVP - SharePoint, O365, Flow, Power Apps consulting & Training? @PowerApps911 #PowerAddict
April Dunnam 🥑| Co... @aprildunnam
18K Followers 2K Following 🥑 Principal #PowerPlatform Advocacy Team Lead @microsoft | Content Creator https://t.co/iMJNzc7AKB | #PnP Member
Lucho @lucho_in_Oz
98 Followers 889 Following Threat hunter, Incident Responder, love Technology and I love reading articles and playing with new TTPs. Always learning something new...
Tarek Dawoud @cybertarek
1K Followers 295 Following Software engineer and community activist in the Seattle area.
Alexander Vanyurikhin @vanyuale
188 Followers 226 Following Director Information Security with focus on Cloud Security. ex-Microsoft MVP in Enterprise Mobility.
Accidental CISO @AccidentalCISO
57K Followers 2K Following I accidentally became the CISO. I didn't want this job, but the job chose me. I'm scared, and I want to go home.
Sam Erde @SamErde
3K Followers 2K Following PowerShell MVP that is passionate about helping others succeed with Active Directory, Entra ID, Defender XDR, and Microsoft 365. Always learning! ✝️👨👩👧👦☕
Antonio Cocomazzi @splinter_code
9K Followers 327 Following offensive security - windows internals | BlueSky: https://t.co/ytvJCoaF2c | Mastodon: https://t.co/hNIHa6L14d
Andrea P @decoder_it
8K Followers 290 Following Security Consultant @semperistech . Independent Security Researcher. Cyclist & Scubadiver. MSRC MVR 2022. "So di non sapere"Trends for United States
You might like
