Andrea P @decoder_it
Security Consultant @semperistech . Independent Security Researcher. Cyclist & Scubadiver. MSRC MVR 2022. "So di non sapere" decoder.cloud Joined May 2009-
Tweets2K
-
Followers8K
-
Following290
-
Likes1K
BadSuccessor is dead… or is it? 👀 It's more than a bug, it's a technique. Microsoft patched CVE-2025-53779, but analysis by @YuG0rd shows that while the patch closed the door, an attacker can get in through the keyhole in some scenarios. Read more: akamai.com/blog/badsucces…
In Windows 2025 / 24H2 MS updated lsasrv.dll with new Neg...Ex() functions, signaling the introduction of a "NTLM-less'" feature 🤔
Today, together with Jonathan Elkabas, we're releasing EntraGoat - A Deliberately Vulnerable Entra ID Environment. Your own hands-on Entra lab for identity attack simulation. Built for red teams, blue teams and identity nerds. Check it out here👉github.com/semperis/entra…
Am I the only one who finds all the Entra/Azure/O365/etc.. sec stuff so boring? Every time I promise myself I’ll finally dig deep and take it seriously… I give up halfway. I really need help finding the right motivation.😅
Excellent research by my colleague @RedPanda4Good, exploring the path from golden gMSA to golden dMSA :)🔥
Excellent research by my colleague @RedPanda4Good, exploring the path from golden gMSA to golden dMSA :)🔥
Another Monday. Another week of… endless emails, annoying meetings, and oh look, a three-headed monkey behind you! Now that we have your attention, we can unveil the agenda for #RomHack2025 romhack.io/romhack-confer… #infosec #securityconference
Regarding #CVE-2025-33073 fixing NTLM/Kerberos reflection attacks via SMB: the patch only covers SMB clients. The "CredMarshal" trick still works on RPC and HTTP. But those protocols sets the unverified target flags, which block exploitation. So, is reflection dead? Let’s see…
At @WEareTROOPERS I dropped new research on #nOAuth, an abuse of #EntraID that allows you to spoof users in vulnerable SaaS applications. The attack is still alive and well. You can read all about it here: #Entra #M365 #infosec semperis.com/blog/noauth-ab…
Looks like the patch for #CVE-2025-33073 might not fully resolve the issue... curious to see where this leads
ESC1 via the cloud over Intune 😬
No disrespect to Linus Torvalds, but this guy is the greatest geek alive 🫡 Created UNIX in 1971 when he was 28 years old. Created Go in 2009 when he was 66 years old😲 He also developed the B programming language (which led to C), created UTF-8 encoding (making international…
Attention @kalilinux users! In the coming day(s), apt update is going to fail for pretty much everyone. The reason? We had to roll a new signing key for the Kali repository. You need to download and install the new key manually: offs.ec/4lUEtak
I just published a blog post where I try to explain and demystify Kerberos relay attacks. I hope it’s a good and comprehensive starting point for anyone looking to learn more about this topic. ➡️decoder.cloud/2025/04/24/fro…
Call for Papers for #Romhack2025 is still open! If you have cool research to share, don’t hesitate to submit. The perfect setting for great talks, great company, and a chance to visit the "Città Eterna". cfp.romhack.io/romhack-2025/c…
I spoke about the initial credential guard vulnerability at #SOCON2025, but I left out the part where the fix could be bypassed. Both bypasses have now been fixed which I cover in my blog post along with some juicy technical details. Enjoy.
I spoke about the initial credential guard vulnerability at #SOCON2025, but I left out the part where the fix could be bypassed. Both bypasses have now been fixed which I cover in my blog post along with some juicy technical details. Enjoy.
NTLM relay is still a major threat and is now even easier to abuse. We just added new NTLM relay edges to BloodHound to help defenders fix and attackers think in graphs. Read my detailed post - the most comprehensive guide on NTLM relay & the new edges: ghst.ly/4lv3E31
AI makes writing regex in any language way easier. Especially for a dummy like me! 🤣
Florian Roth ⚡️ @cyb3rops
206K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Nicolas Krassas @Dinosn
146K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
Adam Chester 🏴�... @_xpn_
36K Followers 501 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOllCEu | Insta at https://t.co/PqR6CZPwjl
Oliver Lyak @ly4k_
9K Followers 265 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
ippsec @ippsec
119K Followers 353 Following
mgeeky | Mariusz Bana... @mariuszbit
14K Followers 812 Following 🔴 Operator, Initial Access afficionado, Researcher, ex-AV engine developer, ex-Malware analyst 🦋 @mgeeky.bsky.social 🫖 green tea lover
Charlie Bromberg « ... @_nwodtuhs
15K Followers 653 Following Trying to hack the way we hack things 🏴☠️
sn🥶vvcr💥sh @snovvcrash
12K Followers 488 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
Mike Felch (Stay Read... @ustayready
16K Followers 2K Following Targeted Ops Red Team @ TrustedSec | Hacking since Renegade BBS backdoors | Prior CrowdStrike/BHIS | In Christ's grip | I speak for myself only | K1HAQ
Will Dormann is on Ma... @wdormann
26K Followers 1K Following I play with vulnerabilities and exploits. I used to be here on Twitter but now I'm here: @[email protected] https://t.co/hXggdAVkSQ
Dave Kennedy @HackingDave
223K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
an0n @an0n_r0
13K Followers 725 Following CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺
Vincent Yiu @vysecurity
29K Followers 308 Following Director, Red Team, Offensive Security. Help organizations safeguard their businesses from the bad guys.
Antonio Cocomazzi @splinter_code
9K Followers 327 Following offensive security - windows internals | BlueSky: https://t.co/ytvJCoaF2c | Mastodon: https://t.co/hNIHa6L14d
Andrea K. Ranieri @dr4ndrei
16 Followers 71 Following 19 | maldev - windows internals | computer science student @univaq
WhatAScriptKiddieDoes @WhatAKiddieDoes
5 Followers 155 Following
Sambam4mba @he31707900
8 Followers 929 Following Bor3d hacker of iot devices, security researcher? Security Breacher!
Alexis @_heilancoos
7 Followers 103 Following Security Researcher | Threat Simulation & Incident Response
PhilNelson @PNelson0101
3 Followers 73 Following
teycir bensoltane @teycirben
86 Followers 2K Following
fittesi @fitteso
1 Followers 527 Following
Ysauarjoo @Ysauarjoo6101
57 Followers 2K Following
Vinay Kandul @KandulVinay
1 Followers 39 Following
R.ICON @R_ICON_Megaddog
719 Followers 3K Following LOVE | Tech Enthusiast | Cybersecurity| Basketball hooper | Christ Above all| Driven by Loyalty and Integrity | COYG | Martial Arts, Karatéka
Myc Cellium @MycCelium
67 Followers 1K Following
sad @sec0x25
79 Followers 3K Following
KrisB @krisbowe
263 Followers 1K Following Penetration Tester | OSEP | eCPPTv2 |constantly learning | my comments are my own and not related to my employer
Eli Gaultney @eligaultney
1K Followers 1K Following | love-mongerer and ethical hacker | | cyber soc analyst | CogSec enthusiast | all views are your own
0x2A Security @0x2asec
48 Followers 956 Following Security: the answer to the ultimate question of life, the universe, and everything.
Hope @Hope319396
33 Followers 750 Following
Advance-sec @advance_sec0
765 Followers 705 Following Advance-sec platform: is one of the top leaders in research and acquisition of vulnerabilities and 0day exploits. Email: [email protected] Wire: @advance_sec
nsjcoir @nsjcoir
0 Followers 12 Following
AYUB METAH @AyubMetah
194 Followers 2K Following Cyber Security | Digital Forensics | Pen Test | Red Team
jocker @DavidSpid12189
1 Followers 949 Following
Hosein @Hosein635643
2 Followers 129 Following
Ashutosh Raina @_a_raina
15 Followers 482 Following Security Researcher @ Microsoft | Ex-Trellix| Cricket and Football Fan | Views and Opinions are my own and not of my employer
TheCyberCalendar @Cyber_Calendar
85 Followers 578 Following The Cyber Calendar features 365 days with a hack, incident or breach that was reported on those days in history!
Abdullah Asif @Abdulla36287154
15 Followers 394 Following
Omri @Omrimg2
8 Followers 94 Following
Rajan @RajanGounder007
54 Followers 499 Following Community work helping with emergency situations, traffic and awareness.
Two Seven One Three @TwoSevenOneT
2K Followers 1K Following Chief Security Officer (CSO) || Security Researcher at https://t.co/YsorB5YEAu || Penetration Tester || Red Teamer || Social Engineering Awareness Trainer
Oldboy @oldboy_sonnt
56 Followers 940 Following A boy with old face. Women hate that. I'm Jisoo I'm OK
Amalia Radoi @AmaliaRado56600
5 Followers 359 Following
Ahmed @Ahmed2XX0
143 Followers 4K Following Life is a moment fill it with joy, clothe it with hope, cheer it with laughter, and strip it of sorrow, for nothing is worth the sadness
vx-underground @vxunderground
368K Followers 290 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
Florian Roth ⚡️ @cyb3rops
206K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
Florian Hansemann @CyberWarship
84K Followers 47 Following Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98M
Adam Chester 🏴�... @_xpn_
36K Followers 501 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOllCEu | Insta at https://t.co/PqR6CZPwjl
Oliver Lyak @ly4k_
9K Followers 265 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
sn🥶vvcr💥sh @snovvcrash
12K Followers 488 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
Will Dormann is on Ma... @wdormann
26K Followers 1K Following I play with vulnerabilities and exploits. I used to be here on Twitter but now I'm here: @[email protected] https://t.co/hXggdAVkSQ
Dave Kennedy @HackingDave
223K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
an0n @an0n_r0
13K Followers 725 Following CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺
Vincent Yiu @vysecurity
29K Followers 308 Following Director, Red Team, Offensive Security. Help organizations safeguard their businesses from the bad guys.
Antonio Cocomazzi @splinter_code
9K Followers 327 Following offensive security - windows internals | BlueSky: https://t.co/ytvJCoaF2c | Mastodon: https://t.co/hNIHa6L14d
klez @KlezVirus
8K Followers 706 Following Independent Cyber Security Researcher - Opinions are my own
Dirk-jan @_dirkjan
28K Followers 206 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.
Filip Dragovic @filip_dragovic
7K Followers 1K Following My research unless stated otherwise. My opinions are my own and do not represent the views of my employer.
x86matthew @x86matthew
21K Followers 189 Following C / asm / system emulation / reverse engineering. @the_secret_club
DebugPrivilege @DebugPrivilege
40K Followers 2K Following Windows Nerd | Ex-MSFT | Microsoft MVP in Windows | Interested in Security, Debugging, and Windows Internals.
Mr.Un1k0d3r @MrUn1k0d3r
13K Followers 508 Following I don't know how to search on Google so I do research on my own and tweet about it. Hacking as a life style https://t.co/a05mevChzu
Adi Malyanker @RedPanda4Good
33 Followers 20 Following
RedTeam Pentesting @RedTeamPT
8K Followers 173 Following Official RedTeam Pentesting GmbH account -- Impressum: https://t.co/pS9oK62Lsu
Justin Bui @slyd0g
4K Followers 345 Following I break computers and skateboards | red/blue/whatever let's make security better | Offensive Security @Snowflake | Prev @Zoom @SpecterOps
Jason Lang @curi0usJack
16K Followers 200 Following @TrustedSec Red Team lead | Hi-Fidelity trolling | Privacy Enthusiast | Putting the "no" in nano | Avatar: https://t.co/3XHmKR8nCk
Matt Hand @matterpreter
10K Followers 293 Following Director, Security Research @preluderesearch💜 | Author of Evading EDR https://t.co/E5fs0sSTOv 📖 | Adversary tradecraft & windows internals 🦠
📔 Michael Grafnett... @MGrafnetter
3K Followers 120 Following Principal Security Researcher @SpecterOps, Microsoft MVP Identity & Access
John Hammond @_JohnHammond
298K Followers 3K Following Cybersecurity Researcher @HuntressLabs || Just Hacking Training @JustHackingHQ w/ @ethicalhacker || https://t.co/UtsNJiyQtS || https://t.co/narO3sz7y6
Yuki Chen @guhe120
10K Followers 281 Following 古河, Indepent security researcher, Bug bounty, ACG Otaku, Pwn2Own 15/16/17, PwnFest16,TianfuCup 18/19/20, 5 times MSRC MVR yearly Top 1. Got two pwnie awards.
Shortwave Observer @shortwave78
21K Followers 85 Following - Italian Shortwave Listener - Also interested in intelligence, aviation, navy, nature and archaeology
Chirag Savla @chiragsavla94
3K Followers 5K Following With Knowledge We Know the Words.. But... With experience We Know their Meaning ! #HOF #Microsoft #BigBasket
Marcello Crescentini @MarcelloCresce2
6K Followers 8K Following Imprenditore, solare e positivo, ironico, molto amante degli animali. Ivy, Diletta e Alan sono i miei amori.
Andrew Chiles @AndrewChiles
2K Followers 687 Following Works @ SpecterOps, Red Teamer, Amateur Photographer, Health Nut, Husband, Father, #wreckingball
Johnathan Norman @spoofyroot
5K Followers 335 Following Security research and engineering lead at @microsoft. on mastodon: https://t.co/YfJkktByFv and @spoofy.bsky.social not posting here anymore.
monoxgas @monoxgas
5K Followers 371 Following Security engineering, research, exploits, ml. Co-Founder with @moo_hax at @dreadnode
Stiv Kupchik @kupsul
388 Followers 81 Following Security Researcher Got a https://t.co/SmOk4Sp5uw Physics that I don't know what to do with...
Justin Bollinger @Bandrel
6K Followers 2K Following hacker, finder of EKUwu (CVE-2024-49019) https://t.co/XQuqk8nGG6
accorciabro @accorciabro
5K Followers 1 Following
rev3rse security @rev3rsesecurity
3K Followers 788 Following Rev3rse Security è una community italiana dedicata al ICT Security: offensive, hardening, red team, blue team, e molto altro... Seguici su YouTube!
Kārlis Ozols @CyclingGraphs
20K Followers 297 Following Regional Manager and Scout at TEAMVISION. W/Kg analyst for Lanterne Rouge Media. 📩 [email protected]
Olaf Hartong @olafhartong
17K Followers 965 Following @FalconForceTeam | researcher with a camera | Microsoft MVP | Snow man role model
Thomas Naunheim @Thomas_Live
7K Followers 458 Following #MicrosoftMVP | Cyber Security Architect 🛡️| #MicrosoftEntra 🔑 + #Azure ☁️ | #Schaengel
Dlive @D1iv3
2K Followers 1K Following Security Researcher. 2022 MSRC MVR. Windows Active Directory Security / Cloud Security / Web Security. Tweets are my own.
Eric Woodruff | MVP |... @ericonidentity
2K Followers 712 Following Security researcher @SemperisTech. Microsoft Security MVP, Entra nerd. Part-time hiker, full-time dad and partner. Opinions expressed are from my cat.
TROOPERS Conference @WEareTROOPERS
10K Followers 501 Following We are TROOPERS - IT-Security Conference & Trainings https://t.co/gO1lSzFuns Also at the infosec exchange @WEareTROOPERS
Il Grande Flagello @grande_flagello
86K Followers 293 Following Satira e Arte salveranno il mondo. Montaggi su tv, politica e attualità. Sono l'anello (debole) di congiunzione tra Blob e la Gialappa's.
Clément Notin @cnotin
6K Followers 974 Following 😈 Security research (#ActiveDirectory #EntraID) & pentest 🎉 #CTF @tipi_hack 👨💼 Works @TenableSecurity, opinions my own 🪂 https://t.co/4HRwJQ6PUm
Melvin Kitnick 🏴�... @xenobyte_
1K Followers 1K Following 🇮🇹 mostly infosec, social engineering and cats | chess | Learned hacking in '90s irc rooms.
Merill Fernando @merill
18K Followers 4K Following Product Manager @microsoft | Tweets my own Built → https://t.co/ujxKqxXjf2 • https://t.co/QbUp63ffXf • Graph XRay • https://t.co/tSWrIw8Ajh 📰 Newsletter→ https://t.co/tPzAEl0Zuq 🎙️ Podcast→ https://t.co/TBlNKTzn8t
Robin Granberg @ipcdollar1
293 Followers 299 Following Works @ Semperis, Tweets are my own. Blog: https://t.co/XdICuDKHxR Project: https://t.co/Z7OT8sQOep
Lee Chagolla-Christen... @tifkin_
14K Followers 816 Following I like making computers misbehave. Does stuff at https://t.co/YsrVyTjh8z. https://t.co/UsRIholree https://t.co/54TYQgSLiZ
Luca Telese @lucatelese
342K Followers 369 Following Giornalista. Cuori rossoblù. Tetris, Matrix, inonda, giornale radio, direttore de il Centro
LuemmelSec @theluemmel
8K Followers 552 Following I speak BloodHound. Husband, Father, IT-Guy, Security-Noob Blog: https://t.co/PXB35KEqs6 GitHub: https://t.co/Unp9jZOpBn
Ignazio Marino @ignaziomarino
381K Followers 2K FollowingTrends for United States
You might like
