James Forshaw @tiraniddo
Security researcher in Google Project Zero. Author of Attacking Network Protocols. Tweets are my own etc. Mastodon: @[email protected] tiraniddo.dev United Kingdom Joined July 2009
Tweets: 7K - Followers: 48K - Following: 365 - Likes: 2K
Taking a cue from @D1iv3 and @decoder_it's work on inducing authentication out of remote DCOM I thought I'd quickly write up a post about getting Kerberos authentication out of the initial OXID resolving call. tiraniddo.dev/2024/04/relayi…
Published a short blog post on a quirk in symbol resolving on Windows 11 ARM64 that broke OleViewDotNet's process parsing code and how I went about trying to fix it. tiraniddo.dev/2024/04/issues…
Released a new version of OleViewDotNet (v1.14) on the PS gallery. A big change is better source code formatting for proxies and typelibs in IDL format rather than the old pseudo C# one. The video below also shows an example of dynamic parsing and display of source in the UI.
If you're in the US (or maybe Canada?) and are willing to wait for a physical copy of my new book, Barnes and Noble are having a pre-order discount of 25%. barnesandnoble.com/w/windows-secu…
My friend @tiraniddo wrote his second book. He won the first ever $100k bug bounty from Microsoft. He’s a genius & a great writer of technical content. Buy his book & learn from one of our industry’s greatest living legends, available from @nostarch now: nostarch.com/windows-securi…
James is next level genius - and with @Lee_Holmes as a tech reviewer you know this book is on point! Buy it! It has been a joy to partner with James - and to be included in a mention with former MSRC greats such as @k8em0 and @n0x08 is an absolute honor. @nicfill @msftsecresponse
Ok I’m a nerd. CanSecWest finished, I slept a full night, played with kiddo, helped a buddy move his aquariums, and then immediately cracked open @billpollock ‘s incredibly gracious gift of one of the first two copies of @tiraniddo ‘s amazing new book - which is now mandatory…
I try and avoid this hellsite, but I did a quick dive into sudo in Windows and here are my initial findings. tiraniddo.dev/2024/02/sudo-o… The main take away is, writing Rust won't save you from logical bugs :)
I just released a blog post on an Android ITW exploit chain: googleprojectzero.blogspot.com/2023/09/analyz… A big thanks to Google TAG and the other members of Project Zero who participated in the creation of this blog post and analysis of the chain!
Excited to share my hardest research about UAC 🤯 "Bypassing UAC with SSPI Datagram Contexts" 🔥 Enjoy the read! 👇 splintercod3.blogspot.com/p/bypassing-ua…
North Korean actors 🇰🇵 are targeting security researchers again including use of at least one 0-day. IOCs in the blog ⬇️ If you've been in contact, please reach out blog.google/threat-analysi…
After 8.5 years Microsoft fixed the bug class where services impersonating a user can have their system drive hijacked through symlinks. Maybe it helped that I said this bug class would never get 90 days again 😆 RE: bugs.chromium.org/p/project-zero…
[POC2023] - SPEAKER UPDATE 1️⃣ 💁‍♂️ @tiraniddo Building More Windows RPC Tooling for Security Research #POC2023
I'm going to be speaking at @44CON again this year, no doubt complaining about Microsoft in some fashion. Come and say hi :)
Today's the day: my book was finally released!!! And it already looks like people like it: it is already Top New Release in several categories 😱🤩 I'm so excited! ⭐️📖 Get my book: packt.link/MiriamCW
I noticed an interesting change starting from Windows 11 22H2 in the behavior of NtSystemDebugControl when taking a live kernel dump (SysDbgGetLiveKernelDump) including user-mode pages (flag IncludeUserSpaceMemoryPages). Until Windows 11 21H2 code in nt!DbgkCaptureLiveKernelDump…
Finallyyyyy! Best book about Windows Security Internals by @tiraniddo just arrived 🥳
Wireshark now has an easy way to embed TLS pre-master secrets (SSLKEYLOGFILE) into a capture file from the GUI: Edit -> Inject TLS Secrets This will make it MUCH easier to save decrypted TLS sessions in a .pcapng file to share with others!
@tiraniddo A couple years later... it's now fixed (in spec at least)! winprotocoldoc.blob.core.windows.net/productionwind…
finally received in France! Thanks @tiraniddo :)
@tiraniddo @u1fh3dn42 @nostarch I just received mine!
Super stoked to finally get the paper copy of another great @nostarch publication to add to my shelf! Definitely a great read and full of excellent material...thanks @tiraniddo for putting it all together! 🙌🤘😎
@tiraniddo @billpollock @nostarch @Lee_Holmes Awesome!! This is a huge accomplishment! Definitely going to pick this one up. My book will be out soon-ish too, so your post is my inspiration haha 😁
Excited to see this published!! Congrats @tiraniddo !
This new book has finally arrived. Thanks to @nostarch as well as @billpollock for making it happen as well as @Lee_Holmes as my tech reviewer.
cover art goes hard
@tiraniddo @PyroTek3 @nostarch @billpollock @Lee_Holmes Preordered!
Looks very interesting. I'm currently buying @nostarch books faster than I can read them.
@tiraniddo @nostarch @billpollock @Lee_Holmes Was waiting for this for quite long. Hope after the heatwave we're passing through, I am gonna go through it
@tiraniddo @nostarch @billpollock @Lee_Holmes Ordered. Went to no starch press and ordered direct.
@tiraniddo @nostarch @billpollock @Lee_Holmes pre-ordered!
@tiraniddo @nostarch @billpollock @Lee_Holmes I've already got immense value from the early access version. Can't wait for the hard copy.
@tiraniddo @nostarch @billpollock @Lee_Holmes What an amazing book @tiraniddo. I have been learning a lot and applying some tips that you gave in the book. I was reading other internals windows books and you touch great topics for security.
@tiraniddo @nostarch @billpollock @Lee_Holmes Congrats, will pick up a copy!