-
Tweets213
-
Followers106
-
Following378
-
Likes533
AWS Penetration Testing Framework is now publicly available! github.com/T-s3c/AWS-Pent…
Have you blocked Device Code flow by default yet? If not, this very slow Graph PowerShell Beta command will tell you who is using them Get-MgBetaAuditLogSignIn -Filter "AuthenticationProtocol eq 'deviceCode'" Microsoft calls this a best practice, so go create the CA policy ;)
As ntlm leaking is still a thing, made a showcase for elevating via ldap relaying with some little tricks. Relaying is done with a Win Client without admin privs and an active Windows firewall (default config), by using HTTP.SYS and SSH. Details here: badoption.eu/blog/2024/04/2…
Watching people tweet they bypassed a certain EDR is just cringe at this point. When you ask them what did they bypass, they dont know what. So let me take you back to school... Executing OpenSource tool is not a bypass. An EDR employs several mechanisms for detection. Getting a…
me deleting print statements after debugging my code
A crazy complex and high efforts needed authentication bypass! Autsch...
A crazy complex and high efforts needed authentication bypass! Autsch... https://t.co/JIKjje9y5K
Leaking sensitive data via public accessable cloud storage is still a thing... I collected some samples of what can be found. Crazy stuff... badoption.eu/blog/2024/02/2…
Psst! Hey you! yeah I see you struggling with exfiltrating vhdx files you found on that public SMB share over a HTTP tunnel. What if I told you there is a better way? You can browse remote disk images with this project and only download what u need! github.com/skelsec/adiskr…
Steps: - Create a group chat - Invite the external “victim” - Write your message - Splash screen will be shown to the user - Remove the user from participants - Splash screen will also be removed Some details here: badoption.eu/blog/2024/01/1…
Microsoft patched the MS Teams external collaboration Splashscreen bypass via meetings, after 4 months. So, here is a new one via group chats 🫣🫣🫣
As nowadays an EDR is on almost PC, it might be time to move on to the next part in assesments. Smartphones maybe? You can send a QR Code as Unicode, to ensure you land on a mobile device, bypass image privacy and and go for device code phishing to get a full Azure / M365 PRT!
More details are here, as usual: badoption.eu/blog/2024/01/0… If you have some remarks, feel free to discuss here or send me a DM.
Instead of VisualStudio you can use Python: Details here: badoption.eu/blog/2023/12/2…
Did you know, that you can use search-ms to bind a WebDAV drive and filter there? This offers some possibilities for attack chains, e.g. with Java, Python, Ruby or Visual Studio. Here is a PoC for Visual Studio: More 🧵👇 #initialAccess
Yes, this is not new, this is also simple and stupid. But is it stupid if its working? More Details: badoption.eu/blog/2023/12/0…
Collection of knowledge about information security github.com/r1cksec/cheats… #pentesting #cyberSecurity #infosec
Great collection, always worth a look and continious updates! :)
Great collection, always worth a look and continious updates! :)
If you ever asked yourself how complex it is to setup an O365 phishing infrastructure, the answer might be a little bit disturbing "not much". It's done in under 10 mins and free O.o Here is a walkthrough:
It's been quiet for a while around bloodhound Python, however I'm happy to share that I am now maintaining the project at my personal GitHub. The latest version fixes many bugs/issues, also thanks to the many PRs that were submitted (thanks all!). github.com/dirkjanm/blood…
Lucy @9ggC45x16Z3ASA
159 Followers 4K Following Professional overthinker | Amateur avocado grower 🥑💭
Lowell Hackett @HackettLow84291
67 Followers 3K Following
IllegalNightProgramme... @IllegalNightDev
1 Followers 187 Following Cybersecurity student Currently learning Reverse Engineering
Tharewoth @TharewothMiR5
100 Followers 3K Following
Hazel 💖 @ColtonW51089
46 Followers 930 Following You don’t need a perfect life, just a happy one. 🌈😌
Deloris @delorishale46
376 Followers 3K Following
0xLite@Ha @AzyzChayeb
889 Followers 7K Following
0xNULL @0x0000002015042
28 Followers 481 Following Malware Developer ,Reverse Engineering and Network analyst
Priscilla @priscillalande6
1K Followers 3K Following
Karen @fletcher95karen
284 Followers 3K Following
Luca @luc4_1312
6 Followers 345 Following
Thinkst Canary @ThinkstCanary
13K Followers 10K Following Most companies only realise they are breached when informed by a 3rd party. This is a stupid problem! Thinkst Canary. Know. When it Matters.
Anne @brownanne81
305 Followers 3K Following
ChinOnwunli @COnwunli95611
52 Followers 2K Following
Keathes @Keathes163598
7 Followers 906 Following Follow me, maybe it's the beginning of our fate, we can talk
Irene @lamontagne_iren
306 Followers 3K Following
gaberose @gaberose03
5 Followers 230 Following
Crazy Fking Videos �... @CrazyFkingVids
11K Followers 222 Following ⋈ ⋈ ⋈ crazy fking videos for your viewing pleasure. ⋈ ⋈ ⋈ viewer discretion advised.
Money Hunter @Moneyhunter710
18 Followers 427 Following
Stacy @olszewski_stacy
245 Followers 3K Following
Sharon @pursley_sharon5
357 Followers 3K Following
Josephine @josephine_hill6
366 Followers 3K Following
Leonardo Gil @UnctusM
192 Followers 3K Following Infosec Addict. Ibis, redibis, nunquam per bella peribis.
Lee @torres62lee
323 Followers 3K Following
Barbara @barbara_major80
329 Followers 3K Following
Irma @irma_abram73
283 Followers 3K Following
Patricia @patricia94colle
321 Followers 3K Following
SecRoach @SecRoach
5 Followers 50 Following
Lauretta @kincaidelaurett
325 Followers 3K Following
Bettie @w_bettie11
460 Followers 3K Following
c1sc0 @C1sc01
342 Followers 189 Following OSCP, OSEP, OSWE, OSED, OSCE3, OffSec, Pentesting, Hacking Enthusiast, #kaeferjaeger
Ken Nevers @k3nundrum
1K Followers 3K Following †Christian|hubby|dad|pet papa|co-founder @hackspacecon, @HackRedCon|@RedSeerSecurity|https://t.co/jsa7dA1pkA|OSEP|OSCP|CRTO|CRTE|CRTP… ”be kind & hack the planet.”
Peter Winter-Smith @peterwintrsmith
6K Followers 3K Following Security researcher & implant developer @mdseclabs; developing SAST @wsastsupport; malware, code analysis, appsec, cryptography. Trying to follow Christ.
Moritz @cyberfuchs@di... @Loris1123
101 Followers 113 Following Pentester, IT-Security, Linux, OpenSource and Technology
Spiros Pitikaris 🏴 @cmpspiti
1K Followers 1K Following | Offensive Security & Digital Forensics Operator | 🇬🇧🇬🇷
NCV @nickvourd
1K Followers 352 Following Just your friendly neighborhood APT :~# OSCE³ ℹ️Opinions are my own and not the views of my employer. 📌I’ll be at @BSidesTirana 2026 with @IAMCOMPROMISED
Elavarasan @elaajirg
60 Followers 2K Following
WhiteDove @WhiteDove090
1 Followers 4K Following
Expl0itabl3 @Expl0itabl3
898 Followers 2K Following
lt23 @gr3ycardinal
1 Followers 953 Following
T1nt1n @t1nt1nsn0wy
710 Followers 4K Following Noobie H4CK3R and researcher at @qualys. Prev @pwc. Views are my own :)
foolishviper @Rakeshs23500
46 Followers 837 Following
msry1 @msry1x
37 Followers 577 Following
Michael Bargury @mbrg0
9K Followers 490 Following Breaking AI. Hacked Copilot, hijacked ChatGPT. Building @zenitysec.
0xLite@Ha @AzyzChayeb
889 Followers 7K Following
Jairo @JairoP1qu3f
3 Followers 32 Following
Jason Lang @curi0usJack
16K Followers 201 Following @TrustedSec Red Team lead | Hi-Fidelity trolling | Privacy Enthusiast | Putting the "no" in nano | Avatar: https://t.co/3XHmKR8nCk
Andrea P @decoder_it
8K Followers 292 Following Security Consultant @semperistech . Independent Security Researcher. Cyclist & Scubadiver. MSRC MVR 2022. "So di non sapere"
Aura @SecurityAura
6K Followers 654 Following GCIH, GCFE, GDAT | DFIR, TH, DE | @CuratedIntel DFIR https://t.co/BMWUwziTLh https://t.co/MmX2YNVqdk https://t.co/R20zseQfLk
Thinkst Canary @ThinkstCanary
13K Followers 10K Following Most companies only realise they are breached when informed by a 3rd party. This is a stupid problem! Thinkst Canary. Know. When it Matters.
Lsec @lsecqt
4K Followers 162 Following Doing ethical hacking / red teaming / penetration testing and offensive coding videos. I am OSCP / OSEP / Vulnerability Researcher / Youtuber
BlackSnufkin @BlackSnufkin42
690 Followers 483 Following #RedTeam & #MalwareDev | #CRTL Just a pirate in the Cyber sea 🏴☠️
RedTeamTacticsAcademy @RedTeamTactics
5K Followers 439 Following Outsmart, Outmaneuver, Redefine the Tactics blog 👉 https://t.co/jBrypEoM7c learn 👉 https://t.co/llylzGEs0D
Antonio Cocomazzi @splinter_code
9K Followers 326 Following offensive security - windows internals | BlueSky: https://t.co/ytvJCoaF2c | Mastodon: https://t.co/hNIHa6L14d
Dohyun Lee @l33d0hyun
5K Followers 532 Following mobile / browser / microarchitectural / [email protected]
Mr.Un1k0d3r @MrUn1k0d3r
13K Followers 509 Following I don't know how to search on Google so I do research on my own and tweet about it. Hacking as a life style https://t.co/a05mevChzu
b33f | 🇺🇦✊ @FuzzySec
33K Followers 1K Following 意志 / Antiquarian @ IBM X-Force / Team 501 / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
Will Dormann is on Ma... @wdormann
26K Followers 1K Following I play with vulnerabilities and exploits. I used to be here on Twitter but now I'm here: @[email protected] https://t.co/hXggdAVkSQ
Leonardo Gil @UnctusM
192 Followers 3K Following Infosec Addict. Ibis, redibis, nunquam per bella peribis.
trickster0 @trickster012
3K Followers 273 Following In the land of the blind, the one-eyed man is king.
BREAKDEV @breakdev_org
193 Followers 2 Following Breaking things through software development. Made by @mrgretzky
Neil Desai @0x617075
202 Followers 1K Following
zSecurity @_zSecurity_
16K Followers 97 Following 💻 Ethical Hacking & Cybersecurity Courses. 👇 Hack like black hat hackers and secure systems like cybersecurity experts
rui @fdiskyou
2K Followers 242 Following BJJ Black Belt. Type Confused. calc||GTFO. Retired @OpenBSD committer, former @ProjectHoneynet researcher, @exploitdb core team vet.
Unit 42 @Unit42_Intel
64K Followers 82 Following The latest research and news from Unit 42, the Palo Alto Networks (@paloaltontwks) Threat Intelligence and Security Consulting Team covering incident response.
Pham Khanh @rskvp93
2K Followers 340 Following Security Engineer at @calif_io. Winner of Pwn2own Vancouver 2021, Torento 2022, Vancouver 2023. MSRC top 100 2019, 2020, 2021.
Nguyen Xuan Hoang @hoangnx99
690 Followers 129 Following Security Researcher at @vcslab Chief Finance Officer of @u0Kplusplus
Martin Gallo 🇦🇷... @MartinGalloAr
1K Followers 503 Following CyberSec Leader/Innovation |👨🏾💻PdM @HYPRCorp |🙆Co-org @TandilSec |🧐CFP @ekoparty |✊Knowledge sharing and community building |🏀#12 |🗨️Words are mine
Danis Jiang @danis_jiang
3K Followers 1K Following Yuhao Jiang / former ctfer @ Vidar-Team / Security Researcher @ Ant Group Light-Year Security Lab / GeekPwn 2022 / Pwnie Awards 2023 / Tianfu Cup 2023
Dan Lorenc @lorenc_dan
11K Followers 2K Following OSS Supply Chain Security. Founder/CEO/Primary Ariba Admin at https://t.co/sGmuUU9JbG Sigstore: https://t.co/dWKlyYu6kv
/ˈziːf-kɒn/ @x33fcon
7K Followers 1 Following When Red meets Blue... The very first security conference for Purple Teams on the planet
Dray Agha @Purp1eW0lf
6K Followers 3K Following Hunt & Response Senior Manager @HuntressLabs || "Competition is the law of the jungle, but cooperation is the law of civilisation” - Kropotkin
“Alex” @mangopdf
16K Followers 583 Following australia's 𝑜𝑛𝑙𝑦 hacker ✌️• hacking stories: https://t.co/CpNtyQpk5V 📝 • @purpleconnz vibe technician 💜• they/them • DMs open 👀 • [email protected]
Piotr Bazydło @chudyPB
4K Followers 310 Following Principal Vulnerability Researcher at watchTowr | Previously: Zero Day Initiative | @[email protected]
hacktive security @hacktivesec
710 Followers 187 Following
kiks @kiks7_7
298 Followers 193 Following
Barrett Adams @peewpw
763 Followers 368 Following Founder; Developer; Hacker Co-Founder @getCourseStack. ex Snap Labs - acq. by Immersive Labs.
Stephen Sims @Steph3nSims
24K Followers 833 Following Perpetual Student | SANS Fellow | Musician | Braggart Hater | Gray Hat Hacking | VR | 🏂 | deadcode | https://t.co/CadJehomsU
Will Butler @willbtlr
571 Followers 1K Following Security @OpenAI | Former Red Team @RobinhoodApp, @100xGroup, @Cruise, @Apple, and @PwC | I tweet about security, software, and entrepreneurship
RedStack @redstackio
10K Followers 196 Following Cloud Secure Architecture; Platform Engineering; DevOps; AI ML Automation
VCSLab @vcslab
3K Followers 26 Following This is the Twitter channel of VCSLab - the research team of Viettel Cyber Security
kennyog @kennyog
8K Followers 2K Following Professor of Computer Science at ETH Zurich. Views my own. Apparently in a semi-religious crypto/privacy cult. Join us! He/him.
Nikhil @Ox4d5a
18K Followers 1K Following Penetration Tester | i XCHG 0's 1's and do hacks | Red Team Sorcery https://t.co/6LUhkvN2hz | #eJPT | #OSCP | #CRTP | #CRTA | #CESP | #CRTE
Will Hunt @Stealthspl... @Stealthsploit
1K Followers 474 Following Hacker, Black Hat trainer, speaker, musician, gamer. Co-founded @insecurity_ltd. https://t.co/T3s2B55WJl Discord - https://t.co/nFzmfIfjxa
Help Net Security @helpnetsecurity
60K Followers 27 Following Independent cybersecurity news since 1998. Discover what matters in the world of information security today.
Bojan Zdrnja @bojanz
4K Followers 689 Following IT Security guy, penetration testing is my thing. One of the SANS Internet Storm Center handlers at https://t.co/KLxU4pooKI. SANS SEC542 instructor and course co-author.
Thomas Seigneuret @_zblurx
3K Followers 392 Following Red Teamer & Security researcher Maintainer of #NetExec, #DonPAPI, dploot, certsync, and all the stuff on my github repo bsky: https://t.co/zISpgvDSWc
Trends for United States
You might like
