ChrisPy @chrispy_sec
Principal Security consultant at Reversec. Love doing some Azure/Entra ID research ☁️ Opinions are my own Joined October 2019-
Tweets254
-
Followers330
-
Following305
-
Likes918
Check this out if you wanna read the most wild story of arguably the single most impactful security issue I’ve seen on Entra for the past 5 years. It’s a good thing Dirk-jan is a good guy cause this is like 11/10 on criticality 😂
Check this out if you wanna read the most wild story of arguably the single most impactful security issue I’ve seen on Entra for the past 5 years. It’s a good thing Dirk-jan is a good guy cause this is like 11/10 on criticality 😂
@gabsmashh This is such AI written slop. After reading the original report I'm pretty sure this is a specific tenant misconfig and not something generic
If anybody is interested in Azure DevOps and how attackers might go about abusing OIDC connections used in pipelines then check out my colleague’s latest blog! labs.reversec.com/posts/2025/07/…
Last talk shout out for @nojonesuk and @_Skybound who talked about how to build a new AWS environment. By consultants for consultants and without any extra external consultants! Worth a check out if you’re interested in some of the challenges we faced youtu.be/rai0bTOamG0
Check out @Thomasbyrne__ ‘s talk as well if you wanna see some more usage of RoadRecon with Microsoft Graph! youtu.be/dTUeAhzmIu8
My talk was published mega quickly as its own video by @fwdcloudsec (thanks btw!) So feel free to check it out if you wanna learn some fun SharePoint research outcomes and learn about a “pre-signed url” equivalent method of accessing SharePoint files! youtu.be/l5lpIF_QZCE
It’s a packed house over at @_sigil talk on Azure Service Principals, a history on backdooring them, and more!
Check out @_sigil 's talk on Entra 1st-party service principal abuse currently airing at fwd:cloudsec youtube.com/watch?v=0BTBK3… Deffo a good watch in the current livestream or when the individual talk video drops later on in the channel
Heya got a talk happening later today pretalx.com/fwd-cloudsec-2… where I’m gonna talk about some interesting SharePoint findings! Last one will be particularly interesting to folk 👀 Should be at this live stream youtube.com/live/Vb_MyY3RQ…
This incredible duo of Leonidas Tsaousis (@LAripping) & James Henderson are taking the stage at Offensive X to talk about ‘’ There and Back Again: An Attacker's Tale of DCs in AWS’’ #OffensiveX2025 #CyberSecurity #AWS #RedTeam #CloudSecurity #InfoSec #Hacking
Great presentation & next level memes by @LAripping and James Henderson! @TheOffensiveX
Hey @NathanMcNulty gathering some data and wanted to get your thoughts. On the topic of exclusions, what are the best approaches for Conditional Access in Entra and exclusions for endpoints in MDE in the context of a large enterprise? CA policies I'm a fan of Restricted AU sec…
An in-depth look at the recently published EchoLeak vulnerability on M365 Copilot by @Aim_Security_ that could lead to data exfiltration just by sending an email to a user who uses Microsoft Office365 Copilot. youtu.be/Myf1cLsUxsk
I love how when I'm testing CA policies I can just google around a bit and find @NathanMcNulty 's detailed guides around some of the issues😂 P.S Also pro-tip for people playing with attributes remember that there is an Attribute assignment AND definition adm role
I love how when I'm testing CA policies I can just google around a bit and find @NathanMcNulty 's detailed guides around some of the issues😂 P.S Also pro-tip for people playing with attributes remember that there is an Attribute assignment AND definition adm role
I did a thing. Thanks @CloudSecPod for having me!
I did a thing. Thanks @CloudSecPod for having me!
This is truly amazing. The Deputy White House Press Secretary is claiming that I'm wrong, and that the "tariff rates" on Trump's chart were calculated by "literally" measuring every country's tariffs and non-tariff trade barriers. To prove it, he screenshots the formula the USTR…
With a process that began two and a half years ago, I'm very excited to announce that I've written a book with @nostarch! 🎉 "Practical Purple Teaming" tells you all you need to know to get started with collaborative offensive testing. nostarch.com/purple-teaming
er wang @QiwuSec
1 Followers 123 Following
Ymwiesa @Ymwiesa5715148
3 Followers 625 Following
0xbirb @passtheprt
3 Followers 112 Following
Xsigner @xsign3r
0 Followers 101 Following
Jord @0xLegacyy
2K Followers 367 Following Lover of frogs, specialising in defence evasion, CTF addict
Uswihorc @Uswihorc8010
53 Followers 1K Following
Christina Oh @0xtina
283 Followers 271 Following Hacking at @withconsulting. Collection of resources. Tweets are representative of me only. She/Her. Free 🇵🇸
Marcus H. | Archiba �... @Archib4
88 Followers 363 Following Break systems ➡️ to build safer ones. Penetrationtester @reversec Founder Enclave Views = mine.
Rob Willis @b1t_r0t
117 Followers 217 Following Security Researcher, Engineer, Recovering Purple Teamer #yolosec
Udayveer Singh @m4lici0u5
2K Followers 4K Following Offensive Security | Red Teamer | Learning MalDev | CARTP | CRTL | OSEP | OSWP | CRTO | CARTP | CRTE | CRTP | CESP-ADCS | eJPT
theonexc @theonexc1
0 Followers 3K Following
Alexis @_heilancoos
12 Followers 151 Following Security Researcher | Threat Simulation & Incident Response
kabal089 @kabal089
116 Followers 1K Following Vulns, sploits and AMIGAAAA. Research @ Interrupt Labs, thoughts mine
Cristian Patras @cristpatras
1 Followers 63 Following
mintko @m1ntko
27 Followers 376 Following
Nitesh Surana @_niteshsurana
694 Followers 1K Following Cloud Research w/ Trend Micro | Opinions/retweets are personal reflections | Metalhead | If you can, be kind.
Hugow @hugow_vincent
914 Followers 979 Following Red Team and research @synacktiv @rustyphasm.bsky.social
L1g1 @_L1g1
7 Followers 152 Following
Yqarina @Yqarina311284
22 Followers 874 Following
Vrerce @Vrerce5343
27 Followers 892 Following
Phreak @fantom_threek
0 Followers 43 Following
ᴍɪᴄʜᴀʟɪs �... @Cyb3rMik3
4K Followers 3K Following SecOps, DFIR & CTI 🛡 | Microsoft Security #MVP, #KQL Threat Hunting 🏹 | Father 👭/Hasbund 👫/🍷&⌚️ enthousiast/Explorer ✈️ | Views my own.
dexter @dexter79331247
0 Followers 2K Following
My name’s Lukas @IAmLukyns
30 Followers 325 Following
Gerald Gaiswinkler @gaiswige
12 Followers 330 Following
erwang @erwang32086445
8 Followers 317 Following
Michael Nguyen @Michael65394324
92 Followers 2K Following
cyt0k @cyt0k
17 Followers 1K Following
1aN0rmus @TekDefense
4K Followers 1K Following CTO at @permisosecurity Alum: @Mandiant, https://t.co/kqlvYwe86k, USMC
RL @avdmax
0 Followers 3K Following
hansmustermann @hmustermann1
8 Followers 2K Following
Carl Nykvist @CarlNykvist
196 Followers 1K Following
David Hoyt @h02332
2K Followers 669 Following David H Hoyt LLC | Targeting the Full Stack: SS7, PSTN & IP since 1994 | Security Research & Quality Assurance | https://t.co/JHgCqazAwL | https://t.co/FhOaVq61pF | https://t.co/aKNaRjnysT
threathunterxx @threathuntxx
51 Followers 1K Following This account is for threat research purposes 😬 (not affiliated with any account) | For personal use
Luke Roberts @rookuu_
794 Followers 481 Following Red Team. macOS Security. Ex-@mwrlabs. Building @phoriontech
Lynn🌺 @LynnPA62
3K Followers 3K Following
Nitesh Surana @_niteshsurana
694 Followers 1K Following Cloud Research w/ Trend Micro | Opinions/retweets are personal reflections | Metalhead | If you can, be kind.
Daax @daaximus
12K Followers 396 Following reverse engineering • secure processor design • system emulation • µarch bugs @the_secret_club
sixtyvividtails @sixtyvividtails
3K Followers 394 Following Currently working as an independent GUID merchant. Fully licensed. I acquire, produce, and sell high-quality GUIDs.
Seamus Hughes @SeamusHughes
68K Followers 6K Following Current: @NCITE_COE — I read a lot of court records because I like a good story. Won a Pulitzer that one time. “A well-known PACER watcher” - Justice Department
1aN0rmus @TekDefense
4K Followers 1K Following CTO at @permisosecurity Alum: @Mandiant, https://t.co/kqlvYwe86k, USMC
Carl Nykvist @CarlNykvist
196 Followers 1K Following
David Hoyt @h02332
2K Followers 669 Following David H Hoyt LLC | Targeting the Full Stack: SS7, PSTN & IP since 1994 | Security Research & Quality Assurance | https://t.co/JHgCqazAwL | https://t.co/FhOaVq61pF | https://t.co/aKNaRjnysT
hell-00 @he1100_1100
666 Followers 7K Following
Obsidian @obsdmd
157K Followers 0 Following The free and flexible app for your private thoughts. For help and deeper discussions, join our community: https://t.co/QsDArfFkkv
Martin Haller @martinhaller_IT
409 Followers 79 Following • Cybersecurity Expert • Blue Teamer • Public Speaker • Blogger • CEO at PATRON-IT • OSCP, MCSE, CHFI, ECSA, CCNP •📩[email protected]
Aaron Rupar @atrupar
1.0M Followers 5K Following journalist. sign up for my newsletter, Public Notice (link below). Powered by @SnapStream (more info: https://t.co/2oHPuuFBnN).
ʀuᴅo @ridumax
1K Followers 15 Following
Dimitris Koudas @dkoudas
42 Followers 458 Following
Justin Brodley @jbrodley
5K Followers 4K Following IT Executive specializing in Infrastructure, SaaS, Cloud Computing & Virtualization. Co-Host of https://t.co/2ucykvhswI
Ken Birk @KenBirk
364 Followers 593 Following Storyteller. Equity Race Equality Committee @EquityREC. Host @kenbirkpresents. Pogo Trainer.
Bart Coddens @bcoddens
35 Followers 309 Following AWS Cloud Security Engineer, avid cyclist and dancer, he/him
sapir federovsky @sapirxfed
5K Followers 183 Following Doing things @wiz_io And then doing more things at home | failed research blog: https://t.co/j2HT1Tpscs
Goody✨ @goodycyb
701 Followers 2K Following Product of G😇d's Grace| C☁️d Security | Threat🐝 Detection 🕵️♂️
Bence Hézső, CISSP,... @bence_hezso
72 Followers 418 Following Building @EscapeCloud_io - Cloud Exit Assessment | Cloud Security Engineer (AWS, Azure) | CISSP
J⩜⃝mie Williams @jamieantisocial
10K Followers 7K Following threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**
Ben Bridts @benbridts
2K Followers 850 Following AWS Hero // AWS APN Ambassador // Principal AWS Technologist at @WeAreCloudar // English version of @ikb3n // he/him
Karim El-Melhaoui @karimscloud
828 Followers 705 Following Principal Security Architect & Partner at https://t.co/yIU71SfS40, CloudSec Researcher. Find me at bsky
Nacho @NachoRivCor
11 Followers 140 Following
houston @hhopk
1K Followers 4K Following Dedicated cheap skater who keeps data. I do cloudy stuff and things. Cloud Security Forum moderator and a fwd:cloudsec organizer
Chandrapal Badshah @bnchandrapal
2K Followers 1K Following I help startups prevent AWS security breaches — without building an internal security team.
Michael @mike_katch
34 Followers 354 Following
Rogier Dijkman | Micr... @DijkmanRogier
800 Followers 655 Following Cloud Security Researcher | Developer | Author | SecureHats | Marathoner | #PowerShell, #ARM, #GitHub #DevOps #CLI #Security, #KQL Enthusiast
Eric Woodruff | MVP |... @ericonidentity
2K Followers 713 Following Security researcher @SemperisTech. Microsoft Security MVP, Entra nerd. Part-time hiker, full-time dad and partner. Opinions expressed are from my cat.
void *huxley @huxley_barbee
283 Followers 2K Following Mastodon: @[email protected] Lead organizer for BSidesNYC
rce_trent @rce_trent
217 Followers 775 Following Disclaimer: Does not represent professional advice, opinions, or employer. CTI-League Member. Former Fortinet. Former Symantec. Former Big4. Former Transformer.
Shane Young Power App... @ShanesCows
20K Followers 834 Following SharePoint & PowerApps MVP - SharePoint, O365, Flow, Power Apps consulting & Training? @PowerApps911 #PowerAddict
April Dunnam 🥑| Co... @aprildunnam
18K Followers 2K Following 🥑 Principal #PowerPlatform Advocacy Team Lead @microsoft | Content Creator https://t.co/iMJNzc7AKB | #PnP Member
Lucho @lucho_in_Oz
96 Followers 891 Following Threat hunter, Incident Responder, love Technology and I love reading articles and playing with new TTPs. Always learning something new...
Tarek Dawoud @cybertarek
1K Followers 295 Following Software engineer and community activist in the Seattle area.
Alexander Vanyurikhin @vanyuale
188 Followers 226 Following Director Information Security with focus on Cloud Security. ex-Microsoft MVP in Enterprise Mobility.
Accidental CISO @AccidentalCISO
58K Followers 2K Following I accidentally became the CISO. I didn't want this job, but the job chose me. I'm scared, and I want to go home.
Sam Erde @SamErde
3K Followers 2K Following PowerShell MVP that is passionate about helping others succeed with Active Directory, Entra ID, Defender XDR, and Microsoft 365. Always learning! ✝️👨👩👧👦☕
Antonio Cocomazzi @splinter_code
9K Followers 325 Following offensive security - windows internals | BlueSky: https://t.co/ytvJCoaF2c | Mastodon: https://t.co/hNIHa6L14dTrends for United States
You might like
