wout @woetroe2
oscp crto crtl Joined April 2020-
Tweets477
-
Followers43
-
Following1K
-
Likes3K
I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…
Analysis of Windows CLFS #EoP vuln (#CVE-2025-29824) in-the-wild exploitation sample and root cause Report: ti.qianxin.com/blog/articles/… ITW sample: virustotal.com/gui/file/808cb…
Exciting times. I'm publishing Dittobytes today after presenting it at @OrangeCon_nl ! Dittobytes is a true metamorphic cross-compiler aimed at evasion. Use Dittobytes to compile your malware. Each compilation produces unique, functional shellcode. github.com/tijme/dittobyt…
Announcing our whitepaper on the future of endpoint security. preludesecurity.com/runtime-memory…
blog.malicious.group/the-quiet-side… This is a living document at the moment, but here it is for now. 😅As mentioned in the paper, if you are a researcher and have questions after reading, just reach out to me and I will answer everything I can.
Wintel is coming for your SMEP bypasses! No more flipping the U/S bit in a PTE to mark a user-mode page as supervisor-mode on Intel Arrow Lake CPUs :) (note: this is meant for protection against speculative attacks, with the side effect of becoming SMEP 2.0)
We’re cooked, guys. A new vulnerability has been discovered in sudo and you don’t even need to be in the sudo group to get root. I just tried it 👇
Just wrapped up our talk at @reconmtl ! 🎤@t0nvi 🚀 My Emulation Goes to the Moon (Until FALSE_FLAG) is now also a blog post: 📖 retooling.io/blog/my-emulat… 🎥 cfp.recon.cx/recon-2025/tal… #recon2025 #reverseengineering #emulation
Published the third part of my blog series about Hydroph0bia (CVE-2025-4275) vulnerability, this one is about the fix as Insyde applied it, and my thoughts on improvements for it. coderush.me/hydroph0bia-pa…
Weekly summary is out.. ctoatncsc.substack.com/p/cto-at-ncsc-…
Releasing this fun tool Golem based on @0xdea, LLVM, LLM and @semgrep Golem automates C/C++ vulnerability discovery by combining Semgrep rule scans, LLVM call-graph & CFG slicing, and AI-driven context analysis. Tool: github.com/20urc3/golem Article: bushido-sec.com/index.php/2025…
Here's our new blog on hiding your implant in VTL1, where even an EDR's kernel sensor can't see it.🧑🦯 Post includes full operational details. Plus our OST offering has been updated with a Cobalt Strike sleep mask exploiting secure enclaves. Full read ➡️ outflank.nl/blog/2025/06/1…
Dive deep into malware detection with the latest article by John Uhlmann: "Call Stacks: No More Free Passes for Malware." Discover how call stacks provide vital insights into malware behavior. Read more: go.es.io/4kDWjgr
How #PreventionEngineering is used to stop #ADCS 𝐂𝐞𝐫𝐭𝐢𝐟𝐢𝐞𝐝 𝐏𝐫𝐞-𝐎𝐰𝐧𝐞𝐝 attacks? @SagieDulce demos how attacks via #Certify and other tools are mitigated with the #RPCFirewall, #LDAPFirewall and #NetworkSegmentation. Read more here: hubs.li/Q02PlSxC0
New post: dawnslab.jd.com/%E4%B9%8B%E6%A… writeup for CVE-2025-22056, which we also found but collide with other researchers. A nice bug that can be stably exploited to get kernel privilege on Ubuntu.
🎉 It is finally time for a new blog post! 🎉 Join us on our deep dive into Windows Authentication Coercion and its current state in 2025, including some brand-new tooling ✨ #itsec #infosec #pentest #redteam blog.redteam-pentesting.de/2025/windows-c…
Good morning! Just published a deep dive into PatchGuard internals: how it works, key internal functions, context init, and possible bypasses. r0keb.github.io/posts/PatchGua…
Hypervisors for Memory Introspection and Reverse Engineering by @memn0ps secret.club/2025/06/02/hyp…
🚨 New Blog Post Read the full post to understand the risks and how to protect your systems: ow.ly/608550VZPNB #Cybersecurity #WindowsSecurity #PrivilegeEscalation #Vulnerability #InfoSec
New blog post: Fuzzing Microsoft Defender's mpengine.dll using snapshot fuzzing (WTF, kAFL/NYX). We uncovered several out-of-bounds read & null dereference bugs that can crash the main Defender process on a file scan. Details -> labs.infoguard.ch/posts/attackin…
Uzrowar @Uzrowar428
16 Followers 496 Following I am not a product of my circumstances. I am a product of my decisions.
EZ @IAMERICAbooted
2K Followers 1K Following Yesterday is history. Tomorrow is a mystery. Cloud Solutions Engineer at Contoso. Hacktive Directory admin. Posts don't represent my employer(s).
Gwendolyn Monahan @GwendolynM72334
34 Followers 2K Following
CarolineSawyer @wq8l9byK3EN82
112 Followers 4K Following Lawyer by day | True crime podcaster by night ⚖️🎙️
Samanta Goyette @SGoyette48818
121 Followers 4K Following
Erbounlal @Erbounlal64178
78 Followers 3K Following
Alibabas @0x_alibabas
76 Followers 359 Following
jcatblackhat @jcatblackhat
135 Followers 168 Following Justin Credico VXR from VX Heavens (now chillin w/ VX Underground) ransomwarez cyberwarz clandestine chemistry lawz sole proprietor
Harriett @h_toone31
202 Followers 3K Following
Charles Shirer @bsdbandit
25K Followers 27K Following A Hacker who is A Lover of People, and Life @RetroTwinz @Secbsd, @GrumpyHackers, @NovaHackers, @deadpixelsec @hacknotcrime Advocate @PositivelyBlue_ OSCP, OSWP
PhyllisAlice @6nP48xm01RVzbA
94 Followers 2K Following
Michael🙏🏻 @Michael52851968
860 Followers 8K Following May lord comfort you for what ever you are doing brothers and sisters. Support us here🙏🏻✝️
Amankumar Badhel @amanbadhel1993
26 Followers 724 Following
md jaker hossain @mdjakerhos72086
239 Followers 2K Following Md Jaker Hossain Cybersecurity Enthusiast | Ethical Hacker | SEO Specialist 💼 3+ Years Experience | 🌍 Working on Fiverr & Upwork
Aiming Duck @AimingDuck
2 Followers 174 Following
Forrest Orr @_ForrestOrr
4K Followers 526 Following Red Teamer, low level coding extremist and malware researcher. Windows exploit writer and bug hunter
cryptoplague 🇺🇦 @cr7pt0pl4gu3
305 Followers 373 Following Offensive Security Specialist | OSCP | OSCE3 | OSMR | pro-radfem | 🇺🇦
S0ns3 @0xs0ns3
86 Followers 131 Following Red Team Operator | Researcher | Everything burn when it come close to the sun ☄
︎ ︎ @0xocdsec
4K Followers 7K Following ︎ ︎︎ ︎︎ ︎︎ ︎︎ ︎🏴☠️ ︎︎ ︎︎ ︎︎ ︎︎ ︎🌹︎ ︎︎ ︎︎ ︎︎ ︎︎ ︎ ︎︎🏴☠️︎ ︎︎ ︎︎ ︎︎ ︎︎ ︎💚︎︎ ︎︎ ︎︎ ︎︎ ︎︎ ︎🇺🇦 ︎︎ ︎︎ ︎︎ ︎︎ ︎︎|︎ ︎︎ ︎︎ ︎︎ ︎︎603,628 km² ︎ ︎︎
shamrock hoax @shamrockhoax
263 Followers 785 Following
0x4d @0x4d_
2K Followers 1K Following
Hors @horsicq
5K Followers 1K Following Binary researcher. Assembler/C++. Author of many RE tools: https://t.co/DYTw9z5RSf
Peter Winter-Smith @peterwintrsmith
6K Followers 3K Following Security researcher & implant developer @mdseclabs; developing SAST @wsastsupport; malware, code analysis, appsec, cryptography. Trying to follow Christ.
rce_trent @rce_trent
217 Followers 775 Following Disclaimer: Does not represent professional advice, opinions, or employer. CTI-League Member. Former Fortinet. Former Symantec. Former Big4. Former Transformer.
Dmitry Vostokov 🇮�... @DumpAnalysis
8K Followers 6K Following Diagnostician. Author of Diagnomicon. Gang of One. Software Surgeon. Machine Learning and AI for Software Diagnostics and Observability. Generative Debugging.
Victor vdH @D0y0u3v3nl33t
267 Followers 981 Following Red team enthusiast, malware tinkerer and pentester
Hakai Offsec @HakaiOffsec
544 Followers 272 Following We discover security flaws that your team would never have thought of. https://t.co/1go7S1J6cm
Ionut Popescu @NytroRST
4K Followers 4K Following Interested in C/C++, ASM, Windows internals, reverse engineering, exploit & shellcode development and advanced web exploitation. GitHub: https://t.co/nyWUyFo0KW
Game Hacking Academy @GameHackingAcad
2K Followers 2K Following Publishing game hacking tutorials at https://t.co/lZxoetqs7Q.
Wolpertwo 📯 @Wolpertwo
1K Followers 3K Following „Westoid Cyberhawk“ Remember to talk to your CISO about activating EventID 4688 with commandline logging via GPO. Забирайся звідси, Сталкер
Paupertelecom @PauperTelecom
285 Followers 302 Following Paupertelecom poogt te verbinden met unieke en spraakmakende telecommunicatie oplossingen. Bel onze klantenservice: 053 240 1200
tzar @dsec_net
314 Followers 513 Following Red Teamer, this is the neglected home of my security ramblings. Sometimes there's useful stuff.
EZ @IAMERICAbooted
2K Followers 1K Following Yesterday is history. Tomorrow is a mystery. Cloud Solutions Engineer at Contoso. Hacktive Directory admin. Posts don't represent my employer(s).
Tibor Blaho @btibor91
31K Followers 2K Following Lead Engineer at @AIPRMcorp (https://t.co/fepyWfV4kA) and @lrt_co (https://t.co/p7LEvIKduG), building AIPRM for ChatGPT & Claude. Signal @ btibor.91
kr0tt @_kr0tt
85 Followers 264 Following
Dark Web Informer @DarkWebInformer
132K Followers 58 Following Providing intel from the Dark Web & Clearnet: Breaches, Ransomware, Darknet Markets, Threats & more. Follow the X Bot: @DarkWebIntelBot. https://t.co/Fi7VW9lg94
J⩜⃝mie Williams @jamieantisocial
10K Followers 7K Following threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**
Bill Marczak @billmarczak
13K Followers 357 Following senior researcher @citizenlab, phd @UCBerkeley, co-founder @BHWatch. كلنا راجعين
Yeeb @Yeeb_
255 Followers 490 Following Penetration tester, red teamer and capture the flag player with incident response experience.
Almond OffSec @AlmondOffSec
823 Followers 1 Following Offensive Security team at Almond - Follow us also on https://t.co/cIfn3rvLxC
REcon @reconmtl
17K Followers 700 Following REcon: Annual reverse engineering and security conference held in Montreal.
Eduardo Vela @sirdarckcat
12K Followers 602 Following not mad. mentally divergent. personal profile, opinions my own. everything I say is probably wrong. 🐘 @[email protected]
Charles Fol @cfreal_
4K Followers 670 Following previously @ambionics @LexfoSecurite – blogs: https://t.co/cLoNdCGPU7 https://t.co/JVMLjUzTJU https://t.co/t9a5IcOXSU
Helthydriver @Helthydriver
674 Followers 571 Following
Hot Fiendish Dr. Noid... @_noid_
6K Followers 1K Following @DEFCON Organizer (1993 - 2013), @Layer_One Founder, #DC206 Founder, Herder of Chickens, Keeper of Bees, Eater of Ice Cream. Follow me on OnlyFans
Dodge This Security @shotgunner101
7K Followers 5K Following Computer Security Professional. Tweets are my own. Rooster Teeth Archive Project: https://t.co/gawoj5ZZyG
TomU | I'm still here... @c_APT_ure
8K Followers 6K Following #InfoSec professional, husband & father of two (in random order). #BlueTeam #DFIR #APT #CTI #RedTeaming #BSidesZH (RT/Likes ≠ endorsement) 👀➡️#MalwareChallenge
jcatblackhat @jcatblackhat
135 Followers 168 Following Justin Credico VXR from VX Heavens (now chillin w/ VX Underground) ransomwarez cyberwarz clandestine chemistry lawz sole proprietor
AnMioLink @anylink20240604
273 Followers 15 Following 404.02 Undefined Request Behind the fog where the link lead. I'm not here, so do you. Ver. Confusus
sixtyvividtales @sixtyvividtales
21 Followers 1 Following Same foundation, optimized execution. No wasted potential. No wasted motion.
kokumօtօ @__kokumoto
6K Followers 328 Following #Infosec kiddy. All posts are personal. 情報処理技術者(全区分) ISSAP/ISSEP/ISSMP/CISSP/CCSP/CSSLP/CGRC/SSCP/CC/OSCP/OSEP/CISA/CISM/CRISC/AAIA/CIA/CRMA/CAMS. MS27 @INICMU
William Knowles @william_knows
1K Followers 3 Following
root@alex:~/ # @offsec_ginger
2K Followers 200 Following Hacker Wannabe • Fan of Stitch • #OSCP #GXPN • #infosec #hacking #judo • Standard Disclaimer Jargon
Dor @Dor00tkit
373 Followers 663 Following
Toffy @toffyrak
195 Followers 222 Following
Nacho Gomez @_nag0mez
455 Followers 394 Following Offensive Security @ NCC Group | ❤️ Breaking Things
Pavlo Myroniuk @TheBestTvarynka
78 Followers 126 Following A software developer from Ukraine. Loves Rust and open-source software.
Crispr @crispr_x
490 Followers 330 Following CTFer@Dubhe / 2024 & 2025 MSRC MVR / Windows security / Web security/ Red Teamer / BlackHat USA Graduate for Ph.D. in Fudan University
Costin Raiu @craiu
39K Followers 7K Following Cybersecurity researcher focused on threat intel & APTs. Breaking down attacks, hunting threats, and crafting YARA rules. 🛡️💻 #ThreatIntel #CTI #Crypto #YARA
Ryan Naraine @ryanaraine
28K Followers 838 Following 🎧 Three Buddy Problem: https://t.co/ZGEyqy2h7g. ✍🏼 Writing: @securityweek 🗣️ Conference: @labscon_io
Ivan Rouzanov @ivanrouzanov
2K Followers 1K Following Debug Engineer. Windows, drivers and all things kernel mode. I express my views, not my employer's. My views are my own and just my personal opinions.
cocofelon @1Cocofelon
3K Followers 2K Following Offensive Security Engineer| MQL5 developer | [email protected] | https://t.co/gPT0NWTi6w
White Knight Labs @WKL_cyber
443 Followers 34 Following We are a small band of engineers that work intimately with our clients to develop risk-based approaches to improve the overall security of their business.
Ver @Ver0759
387 Followers 130 Following Windows Security / 2024 MSRC MVR #11 / CTFer @天枢Dubhe / Tweets are my own.
Hiroshi Suzuki @herosi_t
825 Followers 295 Following A malware analyst, forensic investigator, incident responder and researcher. A conference speaker and trainer such as Black Hat, Virus Bulletin and FIRST.
Trends for United States
You might like
