Andrea P @decoder_it
Security Consultant @semperistech . Independent Security Researcher. Cyclist & Scubadiver. MSRC MVR 2022. "So di non sapere" decoder.cloud Joined May 2009-
Tweets2K
-
Followers8K
-
Following293
-
Likes1K
Another good reason to run #PurpleKnight against your AD: Are you missing LDAP/S channel binding? 🔒 Don't let this gap open 😎
0
6
52
4K
46
Download Image
Andrea P retweeted
I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…
In my long history of submissions, I think this is the first time one has been marked as critical😅
Andrea P retweeted
BadSuccessor is dead… or is it? 👀 It's more than a bug, it's a technique. Microsoft patched CVE-2025-53779, but analysis by @YuG0rd shows that while the patch closed the door, an attacker can get in through the keyhole in some scenarios. Read more: akamai.com/blog/badsucces…
In Windows 2025 / 24H2 MS updated lsasrv.dll with new Neg...Ex() functions, signaling the introduction of a "NTLM-less'" feature 🤔
Andrea P retweeted
Today, together with Jonathan Elkabas, we're releasing EntraGoat - A Deliberately Vulnerable Entra ID Environment. Your own hands-on Entra lab for identity attack simulation. Built for red teams, blue teams and identity nerds. Check it out here👉github.com/semperis/entra…
Am I the only one who finds all the Entra/Azure/O365/etc.. sec stuff so boring? Every time I promise myself I’ll finally dig deep and take it seriously… I give up halfway. I really need help finding the right motivation.😅
Excellent research by my colleague @RedPanda4Good, exploring the path from golden gMSA to golden dMSA :)🔥
Excellent research by my colleague @RedPanda4Good, exploring the path from golden gMSA to golden dMSA :)🔥
Andrea P retweeted
Another Monday. Another week of… endless emails, annoying meetings, and oh look, a three-headed monkey behind you! Now that we have your attention, we can unveil the agenda for #RomHack2025 romhack.io/romhack-confer… #infosec #securityconference
Regarding #CVE-2025-33073 fixing NTLM/Kerberos reflection attacks via SMB: the patch only covers SMB clients. The "CredMarshal" trick still works on RPC and HTTP. But those protocols sets the unverified target flags, which block exploitation. So, is reflection dead? Let’s see…
Andrea P retweeted
At @WEareTROOPERS I dropped new research on #nOAuth, an abuse of #EntraID that allows you to spoof users in vulnerable SaaS applications. The attack is still alive and well. You can read all about it here: #Entra #M365 #infosec semperis.com/blog/noauth-ab…
Looks like the patch for #CVE-2025-33073 might not fully resolve the issue... curious to see where this leads
Andrea P retweeted
ESC1 via the cloud over Intune 😬
Andrea P retweeted
No disrespect to Linus Torvalds, but this guy is the greatest geek alive 🫡 Created UNIX in 1971 when he was 28 years old. Created Go in 2009 when he was 66 years old😲 He also developed the B programming language (which led to C), created UTF-8 encoding (making international…
Andrea P retweeted
Attention @kalilinux users! In the coming day(s), apt update is going to fail for pretty much everyone. The reason? We had to roll a new signing key for the Kali repository. You need to download and install the new key manually: offs.ec/4lUEtak
I just published a blog post where I try to explain and demystify Kerberos relay attacks. I hope it’s a good and comprehensive starting point for anyone looking to learn more about this topic. ➡️decoder.cloud/2025/04/24/fro…
Call for Papers for #Romhack2025 is still open! If you have cool research to share, don’t hesitate to submit. The perfect setting for great talks, great company, and a chance to visit the "Città Eterna". cfp.romhack.io/romhack-2025/c…
Florian Roth ⚡️ @cyb3rops
207K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Nicolas Krassas @Dinosn
147K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
Adam Chester 🏴�... @_xpn_
36K Followers 502 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOllCEu | Insta at https://t.co/PqR6CZPwjl
Oliver Lyak @ly4k_
9K Followers 265 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
ippsec @ippsec
120K Followers 352 Following
mgeeky | Mariusz Bana... @mariuszbit
14K Followers 823 Following 🔴 Operator, Initial Access afficionado, Researcher, ex-AV engine developer, ex-Malware analyst 🦋 @mgeeky.bsky.social 🫖 green tea lover
mRr3b00t @UK_Daniel_Card
114K Followers 8K Following Department of Cyber WAR CEO of everyone's email servers!
Charlie Bromberg « ... @_nwodtuhs
15K Followers 652 Following Trying to hack the way we hack things 🏴☠️
sn🥶vvcr💥sh @snovvcrash
12K Followers 490 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
Mike Felch (Stay Read... @ustayready
17K Followers 2K Following Targeted Ops Red Team @ TrustedSec | Hacking since Renegade BBS backdoors | Prior CrowdStrike/BHIS | In Christ's grip | I speak for myself only | K1HAQ
Will Dormann is on Ma... @wdormann
26K Followers 1K Following I play with vulnerabilities and exploits. I used to be here on Twitter but now I'm here: @[email protected] https://t.co/hXggdAVkSQ
Dave Kennedy @HackingDave
224K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
an0n @an0n_r0
13K Followers 727 Following CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺
Vincent Yiu @vysecurity
29K Followers 254 Following Director, Red Team, Offensive Security. Help organizations safeguard their businesses from the bad guys.
Antonio Cocomazzi @splinter_code
9K Followers 326 Following offensive security - windows internals | BlueSky: https://t.co/ytvJCoaF2c | Mastodon: https://t.co/hNIHa6L14d
Arthar @arya_arthar
426 Followers 1K Following
〽️d|V @InfosecNeophyte
56 Followers 281 Following Information Security Enthusiast | PADI Diver | Globetrotter | Certified Hugger | Opinions are my own!
Gaz D @GDevaney
179 Followers 528 Following Dad, Husband, #northerner #veteran , #grassroots coach, Geek, #LiverpoolFC Work in #CyberSecurity #IncidentResponse #GCIA #GCIH #GCTI
ggcyghjn @tdxgjnn
3 Followers 191 Following
Besse Brenton @BesseBrent5228
4 Followers 300 Following
Ben @fullstackpotato
56 Followers 676 Following A full stack potato that tries to do some security. @[email protected]
Mohammad Abedini @MMD_Abedinii
23 Followers 87 Following
Jerel O'Kon @OJerel41651
65 Followers 4K Following
Allele Security Intel... @alleleintel
738 Followers 674 Following Allele Security Intelligence is an independent company specializing in Information Security research.
Brown Jack @BrownJack596114
1 Followers 390 Following
E. Julian @fishwasher001
5 Followers 243 Following
elFamoso @0xf2258f_fr
316 Followers 8K Following AI/ML Consultant & MLOps | NIS2, EBIOS RM, NIST CSF, RGPD, ISO 27001 | Advisory, Dev & Delivery NetHunter :: Security Analyst & Developer Build&Break Things
Akc @Akc20015
0 Followers 92 Following
Dummy Account @Asta_nine
2 Followers 548 Following
Hani afira @ReginaAndrew205
4 Followers 407 Following https://t.co/0tK3mxw9DF: 20557 First National Female against in Cybersecurity in affection with @Staysafeonline. Kindly send a direct message if you ever got caught up in a scam
Falcon @F8i8495312
45 Followers 764 Following
Aus Alzubaidi @alzubaidi_2017
69 Followers 1K Following
🕵🏻♂️🔻 @mswelam_
1K Followers 2K Following uncut gems l l DFIR @EG_CERT#cocopollo_author BlackHat MEA2024, 2025
Mujtaba Rahmatullah N... @MujtabaRahmatu1
217 Followers 4K Following reminders for myself Incredible Curiosity Reasons are Excuses Reason being reasonable enough to fit the reason shaped hole in mind doesn't make it a good reason
SubratSahu_IN @iamsubrat_IN
132 Followers 5K Following Coder| Cyber Security| AI ML DL #Infosec 01110010 01101111 01101111 01110100 01000000 01110011 01110101 01100100 01101111
Stefan Schmidt @Zap42
637 Followers 2K Following 🎧 🛀 🌌 👽☁ full stack begins at layer 1 | high speed copy&paste | only DNS is truly web-scale | his password ¯ \ _ (ツ) _ / ¯ @[email protected]
Pratyush P @pratyushp99
0 Followers 346 Following A chubby and bubbly ENFP | Your next door Cyber Guy | Pursues Cyber security for brain and literature for heart | A human golden retriever
Wakama Miebaka @Iam_baka
103 Followers 225 Following Dance/reflections/and a bit techy bt God comes first
cyberresponder @Malwarenailed
267 Followers 3K Following tweets and opinions are my own. dfir/threat hunting/malware research
Justin @BitDissonance
0 Followers 148 Following
Roll_for_RCE @Roll_for_RCE
11 Followers 305 Following
Hak Chandara @sec_Littleboy
17 Followers 574 Following Figuring out how to protect networks while fueled by coffee. ☕ | Management Information Technology student & InfoSec enthusiast.
giaogiao @nzgiao
0 Followers 17 Following
Amit Barko @AmitBarko22435
0 Followers 29 Following
Fat @fattselimi
16K Followers 9K Following Chasing Positive vibes only & Ethical Hacking for fun and profit🧑🍳
zeze ⛈️ @zeze7w
213 Followers 369 Following @TeamT5_Official Research Engineer / @HacksInTaiwan Staff
LogicBreaker @sangithinba
112 Followers 2K Following 🐞 Bug Bounty Hunter | 🧠 Think like a dev, hack like a ghost Focus: Business Logic | RCE | LFI | SSRF On a $10K mission | #YesWeHack #bugcrowd
📔 Michael Grafnett... @MGrafnetter
3K Followers 127 Following Principal Security Researcher @SpecterOps, Microsoft MVP Identity & Access
cyber_shree @shreerajaput
52 Followers 87 Following MVR 2025 – Microsoft Most Valuable Security Researcher | MSRC Leaderboard Q4'24 & Q1'25
Trilok Dhaked @Tr1l0kDh4k3d
514 Followers 834 Following Radhe Radhe ❤️ 🙏 Jai shri krisna ❤️🙏 Farmer🚜🇮🇳 ⛳🚩#05 #bharatpur Head of Product Security Engineer @nanoheal Founder & CEO: Building @InfoSec_Securit
J F Redfern @jfredfern
2K Followers 2K Following "I am not altogether on anybody’s side, because nobody is altogether on my side"
vx-underground @vxunderground
377K Followers 294 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
Florian Roth ⚡️ @cyb3rops
207K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
Florian Hansemann @CyberWarship
84K Followers 46 Following Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98M
Adam Chester 🏴�... @_xpn_
36K Followers 502 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOllCEu | Insta at https://t.co/PqR6CZPwjl
Oliver Lyak @ly4k_
9K Followers 265 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
sn🥶vvcr💥sh @snovvcrash
12K Followers 490 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
Will Dormann is on Ma... @wdormann
26K Followers 1K Following I play with vulnerabilities and exploits. I used to be here on Twitter but now I'm here: @[email protected] https://t.co/hXggdAVkSQ
Dave Kennedy @HackingDave
224K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
an0n @an0n_r0
13K Followers 727 Following CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺
Vincent Yiu @vysecurity
29K Followers 254 Following Director, Red Team, Offensive Security. Help organizations safeguard their businesses from the bad guys.
Antonio Cocomazzi @splinter_code
9K Followers 326 Following offensive security - windows internals | BlueSky: https://t.co/ytvJCoaF2c | Mastodon: https://t.co/hNIHa6L14d
klez @KlezVirus
8K Followers 708 Following Independent Cyber Security Researcher - Opinions are my own
Dirk-jan @_dirkjan
29K Followers 206 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.
Filip Dragovic @filip_dragovic
7K Followers 1K Following My research unless stated otherwise. My opinions are my own and do not represent the views of my employer.
x86matthew @x86matthew
21K Followers 189 Following C / asm / system emulation / reverse engineering. @the_secret_club
DebugPrivilege @DebugPrivilege
40K Followers 2K Following Windows Nerd | Ex-MSFT | Microsoft MVP in Windows and Devices | Interested in Security, Debugging, and Windows Internals.
diversenok @diversenok_zero
2K Followers 39 Following A security researcher specializing in Windows internals working at @huntandhackett
Marianna Aprile @mariannaaprile
124K Followers 2K Following libreria: “Materiali Resistenti” (Piemme). @inondaLa7 con @lucatelese. #AmicieNemici con @dbellasio su Radio24; #MomentoCritico su @marieclaire_it
Tim Medin @timmedin.b... @TimMedin
18K Followers 596 Following Kerberoast Guy • @RedSiege CEO • IANS Faculty • Former SANS SEC560 Author, Senior Instructor • Packers Owner #GoPackGo • Work Req: https://t.co/ALJldLMDfZ
Mr.Un1k0d3r @MrUn1k0d3r
13K Followers 509 Following I don't know how to search on Google so I do research on my own and tweet about it. Hacking as a life style https://t.co/a05mevChzu
Adi Malyanker @RedPanda4Good
31 Followers 20 Following
RedTeam Pentesting @RedTeamPT
8K Followers 174 Following Official RedTeam Pentesting GmbH account -- Impressum: https://t.co/pS9oK62Lsu
Justin Bui @slyd0g
4K Followers 345 Following I break computers and skateboards | red/blue/whatever let's make security better | Offensive Security @Snowflake | Prev @Zoom @SpecterOps
Jason Lang @curi0usJack
16K Followers 201 Following @TrustedSec Red Team lead | Hi-Fidelity trolling | Privacy Enthusiast | Putting the "no" in nano | Avatar: https://t.co/3XHmKR8nCk
Matt Hand @matterpreter
10K Followers 295 Following Director, Security Research @preluderesearch💜 | Author of Evading EDR https://t.co/E5fs0sSTOv 📖 | Adversary tradecraft & windows internals 🦠
📔 Michael Grafnett... @MGrafnetter
3K Followers 127 Following Principal Security Researcher @SpecterOps, Microsoft MVP Identity & Access
John Hammond @_JohnHammond
300K Followers 3K Following Cybersecurity Researcher @HuntressLabs || Just Hacking Training @JustHackingHQ w/ @ethicalhacker || https://t.co/UtsNJiyQtS || https://t.co/narO3sz7y6
Yuki Chen @guhe120
10K Followers 281 Following 古河, Indepent security researcher, Bug bounty, ACG Otaku, Pwn2Own 15/16/17, PwnFest16,TianfuCup 18/19/20, 5 times MSRC MVR yearly Top 1. Got two pwnie awards.
Shortwave Observer @shortwave78
26K Followers 87 Following - Italian Shortwave Listener - Also interested in intelligence, aviation, navy, nature and archaeology
Chirag Savla @chiragsavla94
3K Followers 5K Following With Knowledge We Know the Words.. But... With experience We Know their Meaning ! #HOF #Microsoft #BigBasket
Marcello Crescentini @MarcelloCresce2
6K Followers 8K Following Imprenditore, solare e positivo, ironico, molto amante degli animali. Ivy, Diletta e Alan sono i miei amori.
Andrew Chiles @AndrewChiles
2K Followers 688 Following Works @ SpecterOps, Red Teamer, Amateur Photographer, Health Nut, Husband, Father, #wreckingball
Johnathan Norman @spoofyroot
5K Followers 335 Following Security research and engineering lead at @microsoft. on mastodon: https://t.co/YfJkktByFv and @spoofy.bsky.social not posting here anymore.
monoxgas @monoxgas
5K Followers 371 Following Security engineering, research, exploits, ml. Co-Founder with @moo_hax at @dreadnode
Stiv Kupchik @kupsul
387 Followers 83 Following Security Researcher Got a https://t.co/SmOk4Sp5uw Physics that I don't know what to do with...
Justin Bollinger @Bandrel
6K Followers 2K Following hacker, finder of EKUwu (CVE-2024-49019) https://t.co/XQuqk8nGG6
accorciabro @accorciabro
5K Followers 1 Following
rev3rse security @rev3rsesecurity
3K Followers 788 Following Rev3rse Security è una community italiana dedicata al ICT Security: offensive, hardening, red team, blue team, e molto altro... Seguici su YouTube!
Kārlis Ozols @CyclingGraphs
20K Followers 300 Following Regional Manager and Scout at TEAMVISION. W/Kg analyst for Lanterne Rouge Media. 📩 [email protected]
Olaf Hartong @olafhartong
17K Followers 967 Following @FalconForceTeam | researcher with a camera | Microsoft MVP | Snow man role model
Thomas Naunheim @Thomas_Live
7K Followers 457 Following #MicrosoftMVP | Cyber Security Architect 🛡️| #MicrosoftEntra 🔑 + #Azure ☁️ | #Schaengel
Dlive @D1iv3
2K Followers 1K Following Security Researcher. 2022 MSRC MVR. Windows Active Directory Security / Cloud Security / Web Security. Tweets are my own.
Eric Woodruff | MVP |... @ericonidentity
2K Followers 713 Following Security researcher @SemperisTech. Microsoft Security MVP, Entra nerd. Part-time hiker, full-time dad and partner. Opinions expressed are from my cat.
TROOPERS Conference @WEareTROOPERS
10K Followers 499 Following We are TROOPERS - IT-Security Conference & Trainings https://t.co/gO1lSzFuns Also at the infosec exchange @WEareTROOPERS
Il Grande Flagello @grande_flagello
87K Followers 296 Following Satira e Arte salveranno il mondo. Montaggi su tv, politica e attualità. Sono l'anello (debole) di congiunzione tra Blob e la Gialappa's.
Clément Notin @cnotin
6K Followers 974 Following 😈 Security research (#ActiveDirectory #EntraID) & pentest 🎉 #CTF @tipi_hack 👨💼 Works @TenableSecurity, opinions my own 🪂 https://t.co/4HRwJQ6PUm
Melvin Kitnick 🏴�... @xenobyte_
1K Followers 1K Following 🇮🇹 mostly infosec, social engineering and cats | chess | Learned hacking in '90s irc rooms.
Merill Fernando @merill
19K Followers 4K Following Product Manager @microsoft | Tweets my own Built → https://t.co/ujxKqxXjf2 • https://t.co/QbUp63ffXf • Graph XRay • https://t.co/tSWrIw8Ajh 📰 Newsletter→ https://t.co/tPzAEl0Zuq 🎙️ Podcast→ https://t.co/TBlNKTzn8t
Robin Granberg @ipcdollar1
293 Followers 299 Following Works @ Semperis, Tweets are my own. Blog: https://t.co/XdICuDKHxR Project: https://t.co/Z7OT8sQOep
Lee Chagolla-Christen... @tifkin_
14K Followers 817 Following I like making computers misbehave. Does stuff at https://t.co/YsrVyTjh8z. https://t.co/UsRIholree https://t.co/54TYQgSLiZTrends for United States
52,1 B posts
28,2 B posts
284 B posts
20,8 B posts
56,2 B posts
32,6 B posts
1.335 posts
2.584 posts
153 B posts
6.675 posts
6.117 posts
288 B posts
1.310 posts
45,1 B posts
497 B posts
9.242 posts
10,3 B posts
You might like
x86matthew
@x86matthew
21K Followers
Elad Shamir
@elad_shamir
5K Followers
Chetan Nayak (Brute R...
@NinjaParanoid
31K Followers
S3cur3Th1sSh1t
@ShitSecure
27K Followers
Matt Hand
@matterpreter
10K Followers
Lee Chagolla-Christen...
@tifkin_
14K Followers
Marcello
@byt3bl33d3r
30K Followers
Rasta Mouse
@_RastaMouse
46K Followers
Antonio Cocomazzi
@splinter_code
9K Followers
SkelSec
@SkelSec
12K Followers
mpgn
@mpgn_x64
18K Followers
Ryan Cobb
@cobbr_io
12K Followers
Adam Chester 🏴�...
@_xpn_
36K Followers
an0n
@an0n_r0
13K Followers
spotheplanet
@spotheplanet
11K Followers