Ryan "Chaps" Chapman @rj_chap
DFIR & malware analyst. @sansforensics FOR528 Author & FOR610 Instructor. @CactusCon crew. Husband & father. Comments = own. incidentresponse.training Phoenix, AZ Joined December 2008-
Tweets8K
-
Followers8K
-
Following3K
-
Likes10K
Active Directory hardening is free…outside of your time. Overall - PingCastle Passwords - FGPP, LAPS, Lithnet Permissions - ADeleg/ADeleginator Applocker - Applocker Inspector/Applocker gen ADCS - Locksmith Logon scripts - ScriptSentry GPO - GPOZaurr Baselines - CIS/Microsoft…
If you hold CTRL, then it will pause Task Manager so the processes don't move around when you're sorted by resource usage
If you hold CTRL, then it will pause Task Manager so the processes don't move around when you're sorted by resource usage
Join us!!
Big news! Someone finally noticed that if you hold down CTRL, the process list in Task Manager conveniently freezes so you can select rows without them jumping around. I did this so you could sort by CPU and other dynamic columns but then still be able to click stuff...
🌴 Join @EricRZimmerman at #DFIRCON for Mastering Investigations with #EZTools. You'll explore tools like KAPE, RECmd, & ShellBags Explorer to take your skills to the next level. 🔗 Learn more about DFIRCON & Community Learning Day: sans.org/u/1CRS 🚨 In-person only
Sigh. Another one.
If you're interested by an alternative way to dump domain users' NT hashes and TGT without touching LSASS, take a look at the new Masky tool :) Everything is explained in this article: z4ksec.github.io/posts/masky-re… Thanks @harmj0y, @tifkin_ and @ly4k_ for their amazing work on ADCS!
📣 Nominations close this Monday at 11:59 p.m. EDT (UTC-4) for #SANSDMA 2025! Don't miss this chance to shine a light on the #cybersecurity practitioners who are making breakthroughs every day in advancing security. ➡️ Nominate Now: sansurl.com/dma-nominate
Say hello to the most recent @sansforensics FOR610: Reverse Engineering Malware "Lethal Forensicator" challenge coin winners! This group performed wonderfully and secured coins on behalf of the Kingdom! Great job all!
Don't sleep on this man!! HIGHLY experienced. :)
Go go go!
Fantastic con for your next talk. Check it out!
GREAT con to sponsor and overall be a part of! Check them out!
GREAT con to sponsor and overall be a part of! Check them out!
Domain Admin shouldn’t logon to workstations. Here’s one way to restrict DA logins to workstations: Create a GPO… Computer Config → Windows Settings → Security Settings → Local Policies → User Rights Assignment → ‘Deny log on locally’ & ‘Deny log on through RDP’ → add…
"Not all heroes wear capes. Some have YouTube channels." .... hot DAAYUUMM CONGRATULATIONS @ScammerPayback !!!!!! 🤩💥🔥🥳🎊🎉 justice.gov/usao-sdca/pr/y…
Catch up on the latest insights from this year's SANS #DFIRSummit. Stream the full playlist now! 📺 youtube.com/playlist?list=…
🚨LAST CALL to submit your #DFIR tool! 🛠️ Submissions for the #EZTool Challenge closes today. @EricRZimmerman is standing by to build the winning idea. 💥 Want to shape the future of DFIR #OpenSource tooling? Learn more here: sans.org/u/1Cso
First we saw APT28 using an LLM to generate commands in their malware and now, a ransomware is using an LLM to start file system encryption 👀

Florian Roth ⚡️ @cyb3rops
207K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Dave Kennedy @HackingDave
224K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
SANS DFIR @sansforensics
109K Followers 98 Following The world's leading Digital Forensics and Incident Response provider. This feed updates you on latest DFIR news, events, and training.
Stephan Berger @malmoeb
28K Followers 1K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
Katie Nickels @likethecoins
55K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
Thomas Roccia 🤘 @fr0gger_
32K Followers 2K Following AI Security x Threat Intel · Sr. Threat Researcher @Microsoft · Creator of #Unprotect & #NOVA · Malware Warlock · Python 🧡 · Prev @McAfee_Labs · Views mine 😈
Mehmet Ergene @Cyb3rMonk
13K Followers 438 Following https://t.co/uAlYlXIpyV Learn #KQL for #ThreatHunting, #DetectionEngineering, and #DFIR @BluRavenSec | Microsoft Security MVP | #DataScience
Andrew Thompson @ImposeCost
39K Followers 1K Following Head of Research and Discovery (RAD) @Google Threat Intelligence Group via @Mandiant acquisition. Posts are attributable to me—not my employer. Former @USMC.
Eric Capuano - Bsky: ... @eric_capuano
11K Followers 3K Following Co-Founder @recon_infosec | SANS DFIR Instructor | IANS Faculty | https://t.co/yUXCSu2Yso | ⬡ ❤ @shortxstack
💻 Sherrod DeGrippo... @sherrod_im
36K Followers 7K Following Weird security voyeur. Vibe merchant. CISO of your 🩷 Official USPS fan account. 🎉 Host of THE Microsoft Threat Intelligence Podcast. I like crime actors.
Michael Koczwara @MichalKoczwara
23K Followers 2K Following Threat Researcher/Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/VQWaze6gaF
Will @BushidoToken
36K Followers 3K Following Senior Threat Intel Advisor @TeamCymru | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | Co-founder @BSidesBournemth | @darknetdiaries #126: REvil
Christopher Peacock @SecurePeacock
7K Followers 2K Following #PurpleTeam | Ex @RaytheonTech MSSP, @SCYTHE_IO, & @GD_OTS | Taught at BlackHat & DEFCON | #100DaysofSigma | Keep exploring, keep learning, and stay curious
Nicole Beckwith @NicoleBeckwith
42K Followers 7K Following Director, Security Operations @kroger 🍓 Intel, Hunting, IR, Detection Engineering, Insider Risk, Fraud & Forensics 💻 Fmr LE & DFIR for OH & Secret Service TF.
Josh Stroschein | The... @jstrosch
12K Followers 1K Following Reverse engineer at FLARE/@Google | @pluralsight author | 😱 1M+ views on YT | 🎙️ Host of Behind the Binary podcast 👇
Nasreddine Benchercha... @nas_bench
11K Followers 1K Following Detection @Splunk & @cisco | previously @nextronsystems | @sigma_hq & @magicswordio maintainer | Eternal Learner
J⩜⃝mie Williams @jamieantisocial
10K Followers 7K Following threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**
Black Hills Informati... @BHinfoSecurity
48K Followers 2K Following Specializing in pen testing, red teaming, and Active SOC. We share our knowledge through blogs, webcasts, open-source tools, and Backdoors & Breaches game.
Lori @cscnm77387421
71 Followers 534 Following Life is ultimately worth living 🌸 No DM's. I'll never get out of my comfort zone. Golf, Interesting movies and upbeat songs. 🏌🏻♀️🎬🎶
Apleamu @Apleamu49869
13 Followers 986 Following
Lalsllslsjn Aliksk @forensics_tools
0 Followers 85 Following
Saide Hossain @nemocyberworld
106 Followers 1K Following Offensive Security | Exploit Dev | Malware Dev
shivaraj @shivaraaaj
1 Followers 314 Following
Camron Conroy @CamronConr7120
127 Followers 4K Following
LetitiaMore @2n89nskDA20hIOZ
17 Followers 565 Following
TF @tf70865090
14 Followers 218 Following
Kimberly @StopMalvertisin
16K Followers 628 Following Security Researcher | Cyber Threat / Malware Analyst | Ex Sr. Threat Analyst @ Proofpoint | Founder of Stop Malvertising
s13_mac @s13_mac
0 Followers 627 Following
CyberVenom 👾 @CyberVenom888
2 Followers 90 Following
Mduduzi Thanjekwayo @Mdu_Thanjekwayo
277 Followers 178 Following
Pasquale Palermo @0xPasPal
1 Followers 117 Following Malware Analyst and Windows Malware Developer Reverse Engineering, Threat Intelligence, EDR Evasion Focused on APTs, C2 Development, and Red Team Tools
Shittu Olapojoye Nini... @ShittuNini
41 Followers 296 Following *VOICE FOR ALLAH SWT. *Chartered Accountant *About 10 years stint in the Banking Industry *CyberSecurity Enthusiast/Student *Digital Biz Owner/Advisor/Mentor
Shaun Fisher @ShaunFishe55867
109 Followers 4K Following
Lily tan tan @Lilytantan42654
6 Followers 246 Following
Dummy Account @Asta_nine
2 Followers 548 Following
Taylor Parsons @iTweetITgeek
315 Followers 892 Following Customer Operations Director, husband, father, coach, USMC Vet, Co-Host of Locked Down with Kayla and Taylor!
Rob @robditmer
2 Followers 130 Following
Lourdes Dach @DachLourde32600
114 Followers 4K Following
Noetis @Noetis88
3 Followers 385 Following a cybersec geeker, 0day/apt/vulnerabilities research/dataleak/secops
Tejas Pharande @tejas_pharande
1 Followers 42 Following
Banda Pamungkas @escortdubaij3
1 Followers 28 Following Click link WhatsApp booking girl beautiful European available
M Sai Preetham Reddy @gh0stkn1gh7
37 Followers 235 Following DFIR enthusiast | Windows & macOS forensics | CTF @teambi0s | OSINT lover 🕵️♂️ #DFIR
STH TEXAS Gigi @LEC_01
260 Followers 746 Following Patriot wife, mother and dog mom. I am here because X is the news now. 🚫Please no DM’s - will block🚫 No Bots - will block. On Truth Social @SouthTXGiGi
AlmaTomlinson @89lI5lq5JdkDS
9 Followers 481 Following
Marek Tóth @marektoth
423 Followers 140 Following Security Researcher / Penetration Tester • Web Application Security
Salman @Sal_2211
1 Followers 204 Following
Salah @slh_1993
139 Followers 266 Following Cybersecurity | Gaming | Anime | Coffee | #CRTP #eCPPT أمن سيبراني مهتم بكل ماهو جديد في المجال
0xddy @0xddy1
0 Followers 172 Following
Crockett @CrockettLabs
78 Followers 2K Following
Davide Ciacciolo @davideciacciolo
3 Followers 95 Following Detection Engineer & Threat Hunter at Gyala S.r.l.
Eegomxa @Eegomxa880050
17 Followers 456 Following
Ouroboros @Ouroboros155414
0 Followers 539 Following
THOMAS @0xSH4RKS
120 Followers 1K Following
Tyler @TG01_Actual
226 Followers 382 Following Principal Architect & Security Researcher | Recovering OSINT & Threat Hunter | Builder of AI/ML and security things
SubratSahu_IN @iamsubrat_IN
132 Followers 5K Following Coder| Cyber Security| AI ML DL #Infosec 01110010 01101111 01101111 01110100 01000000 01110011 01110101 01100100 01101111
Florian Roth ⚡️ @cyb3rops
207K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Dave Kennedy @HackingDave
224K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
Jake Williams @MalwareJake
143K Followers 2K Following Breaker of software | VP R&D @hunterstrategy | CTI/DFIR | @ians_security faculty | Bookings: jake at malwarejake dot com | GSE #150 | He/him
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Mick Douglas 🇺🇦... @bettersafetynet
31K Followers 570 Following Consultant for InfoSec Innovations | @SANSInstitute Principal Instructor | @IANS_Security Faculty | I like information security. How about you?
mRr3b00t @UK_Daniel_Card
114K Followers 8K Following Department of Cyber WAR CEO of everyone's email servers!
4n6lady @4n6lady
62K Followers 669 Following #DFIR & #BlueTeam | IR & Threat Detection | #OSINT enthusiast | waiting for HL3 | AWS CIRT - my views are my own
SANS DFIR @sansforensics
109K Followers 98 Following The world's leading Digital Forensics and Incident Response provider. This feed updates you on latest DFIR news, events, and training.
Stephan Berger @malmoeb
28K Followers 1K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
Katie Nickels @likethecoins
55K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
Kostas @Kostastsale
18K Followers 367 Following @TheDFIRReport | No longer active here – find me on Bluesky: https://t.co/qHzDSxCRfG. 🇬🇷🇨🇦
DebugPrivilege @DebugPrivilege
40K Followers 2K Following Windows Nerd | Ex-MSFT | Microsoft MVP in Windows and Devices | Interested in Security, Debugging, and Windows Internals.
Chris Sanders 🔎 �... @chrissanders88
34K Followers 489 Following Ed.D. | Founder @networkdefense @RuralTechFund | Former @Mandiant, DoD | Author: Intrusion Detection Honeypots, Practical Packet Analysis, Applied NSM
Thomas Roccia 🤘 @fr0gger_
32K Followers 2K Following AI Security x Threat Intel · Sr. Threat Researcher @Microsoft · Creator of #Unprotect & #NOVA · Malware Warlock · Python 🧡 · Prev @McAfee_Labs · Views mine 😈
Mehmet Ergene @Cyb3rMonk
13K Followers 438 Following https://t.co/uAlYlXIpyV Learn #KQL for #ThreatHunting, #DetectionEngineering, and #DFIR @BluRavenSec | Microsoft Security MVP | #DataScience
Andrew Thompson @ImposeCost
39K Followers 1K Following Head of Research and Discovery (RAD) @Google Threat Intelligence Group via @Mandiant acquisition. Posts are attributable to me—not my employer. Former @USMC.
Eric Capuano - Bsky: ... @eric_capuano
11K Followers 3K Following Co-Founder @recon_infosec | SANS DFIR Instructor | IANS Faculty | https://t.co/yUXCSu2Yso | ⬡ ❤ @shortxstack
Florian Hansemann @CyberWarship
84K Followers 46 Following Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98M
Jennifer Wood @CurrentJen
1K Followers 1K Following Space geek, roaming gnome, comms @LutaSecurity. Ex-USG: @OMBPress @NASA @EPA US_Senate. Formerly @Kaspersky @BlackBerry @Microsoft/@WEcomms_@UF Grad_My opinions
Uriel Kosayev @MalFuzzer
5K Followers 435 Following Author of MAoS - Malware Analysis on Steroids & Antivirus Bypass Techniques | Cybersecurity Researcher | Keynote Speaker | Co-Founder @TrainSec Academy
Rebekah Brown @PDXbek
6K Followers 574 Following Senior Researcher @citizenlab | Author | SANS Instructor | Spend my time on threat intel, research, music, & coffee.
Marek Tóth @marektoth
423 Followers 140 Following Security Researcher / Penetration Tester • Web Application Security
THOMAS @0xSH4RKS
120 Followers 1K Following
spencer @techspence
13K Followers 2K Following 🛡️Empowering defenders & dismantling threats | Ethical Threat | pentester @securit360 | host @cyberthreatpov | SWAG https://t.co/AFJtZQcti7
@[email protected]... @Baybe_Doll
4K Followers 1K Following AKA n3x7. #TeamHashcat. @defcon SOC GOON. Staff DEF CON @PasswordVillage, @BSidesLV, @Hushcon. Bug hunter @SynackRedTeam. Fmr COO @TerahashCorp
PC Philanthropy @PcPhilanthropy
26K Followers 2K Following Tech enthusiast | Nostalgia Addict | Philosopher | The natural world has much to teach if we but just listen…
sixtyvividtails @sixtyvividtails
3K Followers 395 Following Currently working as an independent GUID merchant. Fully licensed. I acquire, produce, and sell high-quality GUIDs.
CodeX @codex_tf2
2K Followers 211 Following advanced persistent clown 🤡 📕 redteam blog: https://t.co/ihAv2kG3JR 🛠️ github: https://t.co/VhmOUAWcTp
Klara @klara_sjo
65K Followers 10K Following Non-practicing intellectual Chaotic neutral Running at a mental speed of one thought per sometimes.
Security BSides Albuq... @BSides_ABQ
538 Followers 56 Following 𝐖𝐡𝐞𝐧: 25 & 26 July 2025 𝐖𝐡𝐞𝐫𝐞: UNM Continuing Education 𝐓𝐢𝐜𝐤𝐞𝐭: https://t.co/qr8h0p9CfZ
Simon Roses @simonroses
3K Followers 990 Following AppSec, Pen Testing, Technology, Business and anything interesting. Founder & CEO of @vulnexsl (https://t.co/s15XGDIFGD) -Un mallorquin explorando el mundo
Ezra Woods @Shammahwoods
121 Followers 70 Following we do a bit of security research ‘round these parts.
Nathan McNulty @NathanMcNulty
17K Followers 1K Following Loves Jesus, loves others | Husband, father of 4, security solutions architect, love to learn and teach | Microsoft MVP | @TribeOfHackers | 🦋@nathanmcnulty.com
Zöe @Zoe_r_Jay
813 Followers 6K Following Economist. Techie. Geek. 🏳️⚧️ https://t.co/ORywUXz1ZI @CyberSec916
mathew @mathew_dev
3K Followers 1K Following technologist, systems architect (code, data, infrastructure and networking). infantry (ret.) hobbies: RF Radio, Motorcycles. pronouns: boss/chief/sir/top
Kali 🅅 🏳️�... @RadicalKjax
2K Followers 670 Following 💍👩❤️💋👩🪴👩🏼💻🧘🏼♀️🏳️⚧️🔮✨🌕🐇| She/Her | weeb | nerd | goober | hack-a-doodler | smartest airhead | https://t.co/Edx234I8sK
Ⓥ Schmoo's Inclusiv... @inclusiveunicrn
4K Followers 1K Following Human. Wife. Mother. Girlfriend. Daughter. Sister. Friend. Pansexual. Unicorn. 🏳️⚧️ Ally. Infosec adjacent for 20 years. & I stand against genocide always 🍉
The Wheres Wally Podc... @TheWheresWally
19 Followers 137 Following Intel, warfare, hacking and the weird corners of geopolitics. Hosted by a USMC vet & intel pro deployed to Iraq, Afg, & Africa. YouTube: @thewhereswallypodcast
Skylando Bloom @SkylerJEgert
461 Followers 83 Following Native American, 25M co-founder of @EvilRabbitSec 13+ Years of software development Orlando Bloom lookalike My tweets are my own.
Michael Lenz Jr @jr_lenz27968
19 Followers 23 Following
SHIFKEY @shifkey
118 Followers 145 Following Senior SoyDev | Junior Security Researcher | Very distracted by stocks & economics
TheMagician @31337Magician
999 Followers 847 Following I'm The Magician, I pick locks, social engineer folks, & test pens. I only know #dadjokes. Built in Rick Roll. #Pentester #ADHD #ActuallyAutistic #Cyborg
Edna (they/them) 🅅... @ednas
1K Followers 1K Following Black Badge WWHF '25 | @DEATHCon2025 Orlando Site organizer | @BsidesORL Vol Coordinator | DEF CON Group Orlando | Malware analyst
Talking Sasquach @TalkingSasquach
2K Followers 99 Following An actual Talking Sasquach teaching tech stuff to skids and kids of all ages! Check me out on YouTube!! https://t.co/hYb3aVI5Gy
Jackie O. @gat0rg1rl
931 Followers 549 Following Cloud Security Eng & sometimes runner. Miami born and raised, NYC trained me for life🦾. She/Her/Ella #GoGators #LatinaInTech
. @3jkmr
29 Followers 566 Following Eternal apprentice of Google, with no chance of ever outsmarting the master | Pentester
coruscant ventures @coruscant_ven
5 Followers 16 Following
TRΛVIS 🚀 @DreamFighter22
1K Followers 1K Following ICS/OT Cybersecurity 🏭 | avgeek 🚀 | All views mine.
normalhuman @normalhumanfun
171 Followers 276 Following we’re all just normal humans. cyber. advisor to execs. techno-humanist. private AI tamer.
Jenn @_nextjenn
1K Followers 364 Following Black Badge @DEFCON, Social Engineering | Private Investigator | Locksmith | Offensive Security Consultant
Dustin @dmissp
723 Followers 4K Following Hubby, Daddy, Company Fella. #BlackLivesMatter #PurpleTeam, #InfoSecWhiskey, #TeamDuck @[email protected]
sudox @kmcnam1
12K Followers 3K Following CCIEx2 #50931 and a bunch of random paper. Opinions are my own and not the company I work. I guess I'm Green Arrow's daughter or something...
Maxie Reynolds @__maxreynolds
2K Followers 86 Following Data center expert. CEO of @subseacloud. Author of The Art of the Attack (cyber security book) and contributing author to Greener Data V2&3.
Hollie Hennessy @HollieHennessy
4K Followers 737 Following Lead Analyst covering IoT and OT Cybersecurity. London. Foodie. Classicist. Views are my own.
Chi-en (Ashley) Shen ... @ashl3y_shen
4K Followers 1K Following Security researcher @TalosSecurity / Ex-Google TAG / Black Hat USA & HITCON Review Board / Organizer of @rhacklette41. My tweets are my own opinion.
Alphabet Soup @Alph4betSoup
1K Followers 232 Following Abandoning privacy should not be a prerequisite for achieving security | data/privacy/security nerd | Just some chick
rekdt @rekdt
11K Followers 729 Following // unethical hacker // cybersecurity leader: megacorp, usa // ex big tech, else // @redteamvillage_ & @sec_defcon daemon // take sincerely at your own risk
Bug Bounty Village @BugBountyDEFCON
8K Followers 580 Following Official X account for the Bug Bounty Village @DEFCON. Founded by @infinitelogins and @arl_rose.
medusfour Ⓥ @medus4_cdc
27K Followers 7K Following I exist, but at what cost? privacy nerd, maker of cursed art, hacking the world for chaotic good. all nodes are equal.