Maxime Thiebaut @0xThiebaut
308 Permanent Redirect Location: https://t.co/xKLuDM5iDl 🇧🇪🕊🇺🇦 thiebaut.dev @[email protected] Joined January 2019
Tweets: 92 | Followers: 709 | Following: 147 | Likes: 759
Holy shit @DarthNull darthnull.org/noisestorms/
New blog post! Title: Hunting Chromium Notifications | By @0xThiebaut (Maxime Thiebaut) Link: wp.me/p84lDr-4sj #ThreatHunting #Phishing #Chromium #Chrome #Edge #Forensics
New blog post! Title: MEGAsync Forensics and Intrusion Attribution | By @0xThiebaut (Maxime Thiebaut) Link: wp.me/p84lDr-4FS #Forensics #MEGAsync #LockBit #Python #Statecache
Respectfully, your proposal does break encryption. I am happy to spend as much time as you need reviewing in as much detail as you are comfortable with exactly how it breaks encryption, and why this is so dangerous.
ScriptBlock Smuggling is a new technique, developed by @_Hubbl3 & @Cx01N_ that allows for the spoofing of PowerShell security logs & bypasses AMSI without the need for reflection or memory patching. Learn all about it in our new blog post! bc-security.org/scriptblock-sm…
Tune in now!
We're closing out today's #ransomwareSummit w/ @_pete_0 & @0xThiebaut exploring the evolving landscape of #ransomware tactics and strategies, providing actionable insights for bolstering #cybersecurity defenses. Register Free to Join / Access Recordings: sans.org/u/1soB
At #RansomwareSummit, @_pete_0 & @0xThiebaut will explore the evolving landscape of #Ransomware tactics and strategies, providing actionable insights for bolstering #Cybersecurity defenses. Register for Free Live Online: sans.org/u/1soB
New blog post! Title: Covert TLS n-day backdoors: SparkCockpit & SparkTar | by NVISO Incident Response Link: wp.me/p84lDr-4w7 #Forensics #ReverseEngineering #CVE #Ivanti #PulseSecure
From ScreenConnect to Hive Ransomware in 61 hours ➡️Initial Access: ScreenConnect ➡️Defense Evasion: BITS Jobs, Embedded Payloads ➡️Lateral Movement: Impacket, RDP, SMB ➡️C2: ScreenConnect, Atera, Splashtop, Cobalt Strike, Metasploit ➡️Exfil: Rclone thedfirreport.com/2023/09/25/fro… 1/X
@JAMESWT_MHT Awesome article, and here is the tool that came with it put together by @0xThiebaut: github.com/0xThiebaut/PCA… Works like a charm; I used it more than once 🙂
IcedID & Qakbot's VNC Backdoors: Dark Cat, Anubis & Keyhole blog.nviso.eu/2023/03/20/ice…
Got the account locked because of DMCA. 🤦♂️ Forgot to screenshot the step after the first screenshot, but anyway, it did not include which tweet got reported and by who, should check emails it said. So going to check now...
A Truly Graceful Wipe Out ➡️Initial Access: Email > TDS > Truebot download ➡️Credentials: LSASS & Registry Dump ➡️Persistence: Scheduled Task ➡️C2: Truebot, FlawedGrace, Cobalt Strike ➡️Exfiltration: FlawedGrace ➡️Impact: MBR Killer thedfirreport.com/2023/06/12/a-t… 1/X
A new report will be out June 12th by @Kostastsale, @svch0st & @0xThiebaut! This report will have a few things we haven't covered before, you won't want to miss it! Want to receive an email when we publish the report? Subscribe below thedfirreport.com/subscribe/
@malwrhunterteam @ShadowChasing1 @h2jazi maybe that someone was @0xThiebaut
🔎 IcedID’s VNC Backdoors: Dark Cat, Anubis & Keyhole A summary of #VNC #backdoor capabilities @0xThiebaut reconstructed from network traffic. 👀 Screenshots, videos and clipboard data at blog.nviso.eu/2023/03/20/ice… #Malware #PCAP #Reversing
A few weeks ago Microsoft released #CVE_2022_41120, a “Microsoft Windows #Sysmon Elevation of Privilege Vulnerability” reported by @filip_dragovic . With the #vulnerability and original #PoC released, I can now share the first time I #diff'ed a patch. thiebaut.dev/articles/diffi…
For any #Microsoft365Security analysts out there, we've published addons.mozilla.org/addon/zipit/ to password-protect your #Malware downloads through the #LiveResponse sessions 🪲 A standard feature one could have said... #infected #zip

Florian Roth ⚡️ @cyb3rops
206K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
NVISO Labs @NVISO_Labs
4K Followers 371 Following NVISO Labs is the research arm of @NVISOSecurity, focused on infosec research. This is where our lab rats share the results! 🐀
DebugPrivilege @DebugPrivilege
40K Followers 2K Following Windows Nerd | Ex-MSFT | Microsoft MVP in Windows | Interested in Security, Debugging, and Windows Internals.
Alexander Sinno @SinnoAlexander
672 Followers 766 Following 🌐 Cyber Security | 🇱🇧 🇬🇷 The Greek-Lebanese | I was born in Massachusetts. Living in Holland 🇳🇱
Kostas @Kostastsale
18K Followers 367 Following @TheDFIRReport | No longer active here – find me on Bluesky: https://t.co/qHzDSxCRfG. 🇬🇷🇨🇦
Olaf Hartong @olafhartong
17K Followers 965 Following @FalconForceTeam | researcher with a camera | Microsoft MVP | Snow man role model
Jean @Jean_Maes_1994
12K Followers 1K Following @sansoffensive Certified instructor/SEC565 author/SEC699 co author
Alexandre Dulaunoy @a... @adulau
8K Followers 7K Following Enjoy when humans are using machines in unexpected ways. I break stuff and I do stuff. @[email protected]
Dexter @dextercasey
299 Followers 241 Following
Stefano @St78865642
0 Followers 23 Following
Lis21 @Lispen123
40 Followers 190 Following
Badr Eddine Boukari @P3dr0_s3c
2 Followers 44 Following
Cyber Ghost @CyberGhost13337
283 Followers 1K Following Hacker - Reverse Engineer - Malware Analyst - PWN lover https://t.co/f0z8MFOf9E
timlake @timlake252160
0 Followers 2K Following
1337ice_cream @1337ice_cream
73 Followers 311 Following Your Favorite Researcher's Favorite Researcher
lynchan @lynchan79
55 Followers 3K Following
Abolfazl Hayati @HayatiAbolfazl
6 Followers 377 Following And what do you know, perhaps your destiny is better than your wish…
Alpanama @Alpanama
50 Followers 951 Following
Cyber_nerd @Benjamin15469
94 Followers 1K Following Security + Pentesting + Web + Mobile + Network + Cloud + Ai + RE + IR
maT @maTsalgad0
15 Followers 270 Following Just another cyber warrior on a mission to battle black hat sorcerers in the digital realm.
babyfaceA @onlyavxo
171 Followers 390 Following
TechWizNet (❖,❖) @TechW1zNet
262 Followers 2K Following On the path to becoming a cybersecurity expert. Currently building skills in penetration testing and auditing smart contracts.
Gheorghiu Alexandru @GheorghiuAlex7
0 Followers 38 Following
test domain @User2Micro
721 Followers 4K Following
cl0ak_th3_r3ap3r @ghostin43
18 Followers 467 Following
Lontz @lontze7
1K Followers 422 Following Threat Intel Researcher. Opinions are mine. Special thanks to @censysio , @ValidinLLC & @ReversingLabs for making my research easier.
Vinod More @vinodm41
95 Followers 2K Following Incident Response | Threat Hunting | Threat Intelligence | Threat Research | Red Teaming
v5iix @v5iix_
2 Followers 135 Following
Kopper Ngounou @ngounoukopper
597 Followers 2K Following Co-Founder @mboactf 🇨🇲 | Beta #MLSA | Tech & Cybersecurity🛡️ Lover😍| Certified AZ-SC-900 | Cloud ☁️ Enthusiast | CTF Player⛳
fathallah @FathallahBlh
1 Followers 246 Following
Deivison Mendes @psideivison
27 Followers 399 Following Cybersecurity academic / BlueTeam coordinator / Psychologist / Threat intelligence Research / Cybersecurity mentor
James Ibrahim @JamesIb54140322
55 Followers 3K Following
McSortue @McSortue280
107 Followers 3K Following
Marcin Marczewski @martinezku
217 Followers 2K Following CBCP, vCISO, black swans foreseer, business & cyber resilience architect, @resiliapl CEO, @KozminskiUni CyberSec postgraduate studies lecturer
ac@t:~# @iAngelus
179 Followers 3K Following Scio me nihil scire. #ThreatIntel/#CTI now; was #IncidentResponse/#IR. Humanities (AB Φ, Comm) grad, ex-seminarian (λόγος). Impostor Syndrome ∞. Opinions∴mine.
Vxshellew @vxshellew
551 Followers 4K Following
Boğaç @bogackayaa
36 Followers 405 Following
Gz.hk🇭🇰 @garyvgroup
7K Followers 1K Following cooking: @megafun2025 Web3 wanderer with no one in charge | Web3Fund @Dao_Trust VP | https://t.co/bAk5alXR0A brand friend / Web3 Buidler & Marketing & Education
Meruem @Meruem49839142
170 Followers 8K Following
Choupisson @Choupisson6
11 Followers 169 Following
nanjin002 @nanjin00272827
21 Followers 4K Following
skydrivesec @skydrivesec
0 Followers 66 Following
Derek Moore @derekm00r3
3K Followers 6K Following Scientist, technologist, programmer, entrepreneur, engineer https://t.co/CDu5AxFN1m
vx-underground @vxunderground
368K Followers 290 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
Ivan Kwiatkowski @JusticeRage
11K Followers 75 Following Security @Meta. Maintainer of Manalyze, Gepetto, and writer. Trolling on a purely personal capacity.
Stephan Berger @malmoeb
28K Followers 1K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
NVISO @NVISOsecurity
3K Followers 57 Following NVISO is a European cyber security start-up. Key focus includes Incident Response, Penetration Testing, Cyber Strategy & Awareness, and R&D (@NVISO_Labs)
hasherezade @hasherezade
89K Followers 910 Following Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
4n6lady @4n6lady
62K Followers 669 Following #DFIR & #BlueTeam | IR & Threat Detection | #OSINT enthusiast | waiting for HL3 | AWS CIRT - my views are my own
MalwareHunterTeam @malwrhunterteam
244K Followers 38 Following Official MHT Twitter account. Check out ID Ransomware (created by @demonslay335). More photos & gifs, less malware.
The DFIR Report @TheDFIRReport
62K Followers 0 Following Real Intrusions by Real Attackers, the Truth Behind the Intrusion. Services: https://t.co/XW613EKt2w
0verfl0w @0verfl0w_
16K Followers 257 Following Malware Reverse Engineer & Malware Analysis Course Author | RE @ Unit 42
Devon Kerr @_devonkerr_
8K Followers 722 Following Director of Threat Research and @ElasticSecLabs team lead; custodian of secret histories. Posts are my own.
Jonathan Bar Or (JBO)... @yo_yo_yo_jbo
4K Followers 1K Following Hacker, security research architect for @Microsoft Defender. Member of @thegooniesctf. Linux, Windows, Android, MacOS, iOS, ChromeOS, bare metal. Japanese is OK 👌
PIVOTcon @pivot_con
933 Followers 276 Following Threat Research Conference in Europe - Malaga, Spain - 7-9 May 2025. #StayTuned #ComingSoon #PIVOTcon #PIVOTcon25
Fox_threatintel @banthisguy9349
14K Followers 261 Following Just a person who is against cyber crime and dictators like Putin
Sergey Lozhkin @61ack1ynx
2K Followers 478 Following Head of Global Research and Analysis Team(GReAT) - Asia Pacific, Middle East Turkey and Africa
MetallicHack @MetallicHack
838 Followers 379 Following 🇨🇵 Cybersecurity engineer enjoying Windows & AD security, DFIR and detection engineering @TheDFIRReport analyst
shenetworks @shenetworks
72K Followers 844 Following a menace • hacker • shenetworks @ TikTok & YouTube & Twitch. Co-Host of @breakingthepod. New episodes biweekly.
TracketPacer @TracketPacer
58K Followers 396 Following 🚀 rockit network engineer 👩🏼💻🛜 weird use cases & silly tech | find me on a platform not run by a nazi 👋🏼
malware_traffic @malware_traffic
2K Followers 0 Following
Cthulhu ( ;,;) @Cthulhu_Answers
16K Followers 6K Following ( ;,;) 🌮 🐙 Amateur Astrobiologist, Gravitic Propulsion Engineer, Eldritch Historian, Antifa Commander, Defcon TentacleOps. #CoT
Zach @svch0st
4K Followers 1K Following Everything DFIR @TheDFIRReport | @CuratedIntel | @XintraOrg https://t.co/ggakuKBS0S
Tornado @0xtornado
3K Followers 541 Following Incident Responder & @TheDFIRReport Member • Hunting and dissecting smart creatures called malware, doing forensics between whiles…
Miixxedup @Miixxedup
400 Followers 547 Following CTI at @Mandiant | Analyst at @TheDFIRReport | Security Intelligence, Automation and Innovation | Sourdough baker noob but a connoisseur anyway.
Alessandro Di Carlo @samaritan_o
2K Followers 1K Following Sr. Product Manager, XDR @Malwarebytes ThreatDown - @TheDFIRReport Analyst - 3x @SANSInstitute Lethal Forensicator - GCFA - GASF / Opinions Are My Own
𝙽𝙴𝚃𝚁𝙴... @netresec
9K Followers 815 Following Experts in Network Forensics and Network Security Monitoring. Creators of #NetworkMiner, #CapLoader, #PacketCache, #PolarProxy and #RawCap.
Team Cymru Threat Res... @teamcymru_S2
5K Followers 93 Following Follow us for the latest blogs and IOCs from Team Cymru Threat Research A part of @teamcymru
Wiebe Willems @wiebe_willems
161 Followers 524 Following 🇧🇪 Ethical Hacker | Security Researcher @NVISOsecurity | Thoughts are my own.
Felix @felixw3000
2K Followers 499 Following 👨💻 Engineer, passionate about IT security 🔬 Daytime: Researcher @SophosXOps 🧪 Nighttime: write-ups on experiments @ https://t.co/JD9nTOciQE 🙋 Opinions are my own
Filip Dragovic @filip_dragovic
7K Followers 1K Following My research unless stated otherwise. My opinions are my own and do not represent the views of my employer.
Daan Raman @ramandaan
47 Followers 202 Following
St0pp3r @_st0pp3r_
223 Followers 261 Following Detection Engineering · Threat Hunting · Incident Response
Andrea Allievi @aall86
5K Followers 375 Following Currently Senior Windows Core OS Engineer, Windows Internals Enthusiast and Book author, tennis lover, currently working for MS. Opinions and tweets are my own.
SwiftOnSecurity @SwiftOnSecurity
405K Followers 9K Following computer security person. former helpdesk.
Rick and Morty @RickandMorty
2.5M Followers 203 Following Watch Rick and Morty on @adultswim and @streamonmax
GitHub Security @GitHubSecurity
14K Followers 90 Following The @github Security team. 🚨 Report vulnerability: https://t.co/wTLhTm60PQ. Security Research: @GHSecurityLab. We're hiring!
Microsoft DART @MicrosoftDART
2K Followers 3 Following We are the Microsoft Detection and Response Team. All things #DFIR #IncidentResponse
Pierre-Alain Mouy @pamouy
11 Followers 38 Following
mr.d0x @mrd0x
44K Followers 296 Following Security researcher | Co-founder https://t.co/QxBlzp9A8w | https://t.co/zqMXQRZjQN | https://t.co/Fq7WSqTBva | https://t.co/eKezFcO6nd
Gal Z @0xgalz
6K Followers 431 Following Security Researcher. Reverse Engineering 💙 Vulnerability Research 💜 Embedded 🤖 C++🤩 OS Internals 🤍 Sewing🧵 Classical Music🎼 Opinions are my own.
Ariel Jungheit @ArielJT
1K Followers 214 Following Life under the sea was so much easier | Threat Research @harfanglab | Maker | Tweets are my own
Lawrence Abrams @LawrenceAbrams
18K Followers 837 Following Ransomware, Online Security, and Malware. Owner, Editor in Chief of @bleepincomputer. DM on Signal: LawrenceA.11 * https://t.co/LXVRoICs8Z
out of context brookl... @nocontxt99
385K Followers 20 Following if i die, turn my tweets into a book @nocontxtcloud9 @spidermannwh
Ido Veltzman @Idov31
4K Followers 33 Following I'm a security researcher who uses this platform to share my projects and research. Opinions are my own. https://t.co/UiWgKq40sV
Tommy M (TheAnalyst) @ffforward
14K Followers 195 Following Threat Researcher @proofpoint | @Cryptolaemus1
R136a1 @TheEnergyStory
4K Followers 211 Following Malware reverse engineer, threat hunter, tool developer
John Lambert @JohnLaTwC
43K Followers 800 Following Corporate Vice President, Security Fellow, Microsoft Security Research, johnla(AT)https://t.co/3dGtq71Nby
Jeremy Dallman @jdallman
1K Followers 153 Following Microsoft Threat Intelligence. Mostly promoting work stuff & smart security people. Obsessed with good coffee & scotch. Opinions my own.
Simeon @simandsec
2K Followers 1K Following Threat Intel @Microsoft Threat Intelligence. @HowardU and @Cambridge_Uni alum. Founder @kc7cyber. Sometimes says things that make sense. Views are my own.
Ned Moran @moranned
2K Followers 403 Following Professor. Consultant. Analyst. Technologist. Security Geek. Privacy Advocate. Runner. Couch Potato.