Christian Schulz @CS217_
Bavaria, Germany Joined January 2019-
Tweets297
-
Followers82
-
Following2K
-
Likes5K
Super simple, step by step way, to identify insecure delegations in Active Directory: 1. Download ADeleg 2. Run ADeleg 3. Click "View → Index view by… → Trustees" 4. Find and click on: - Authenticated Users - Everyone - Domain users - Domain Computers 5. Look for…
Sneak preview of the Hayabusa MCP server.
🔐 AccessLens – Visualize Microsoft Entra ID Conditional Access Policies. See policy scopes, apps, locations, device state, evaluation order & session controls in a clear interactive flow. Browser-only. Nothing stored. Nothing written back. 👉 accesslens.co.uk
@M_haggis In conclusion... AppLocker Inspector = a tool to help sysadmins get AppLocker right. Because “we deployed AppLocker” should mean more than “we checked a box.” 👇 👇 👇 👇 github.com/techspence/App…
In registered devices, windows sign in doesn't use Entra ID credentials, and no PRT at logon means: *conditional access & mfa aren’t enforced at sign in *local account or cached creds can bypass cloud identity checks *a threat actor with local access can pivot to the cloud…
In case you've been living under a rock... OpenIntuneBaselines (OIB) are probably a better starting point for most orgs than other benchmarks (including paid ones) This is the value of design and feedback by a community of passionate practitioners github.com/SkipToTheEndpo…
In case you've been living under a rock... OpenIntuneBaselines (OIB) are probably a better starting point for most orgs than other benchmarks (including paid ones) This is the value of design and feedback by a community of passionate practitioners github.com/SkipToTheEndpo…
It's been almost a year since my last blog... So, here is a new one: Extending AD CS attack surface to the cloud with Intune certificates. Also includes ESC1 over Intune (in some cases). dirkjanm.io/extending-ad-c… Oh, and a new tool for SCEP: github.com/dirkjanm/scepr…
Today at #Troopers24 we released Certiception – the ADCS honeypot we always wanted to have. Blog: srlabs.de/blog-post/cert… Source code: github.com/srlabs/Certice… Slide deck, including our guide to deception strategy: github.com/srlabs/Certice…
Default security settings are not security, and attackers/red-teamers are aware of this, and they rely on it. In every Cloud or AI PT engagement I had, my starting point is always the same, default configurations/security, and it works consistently. These defaults often expose…
#x33fcon 2025 talks: @kevin0x90 - Beyond PsExec - Stealthy Lateral Movement Techniques > youtu.be/C8i337_BdvE
🔴 Red and blue teams, this one's for you. 🔵 LudusHound bridges BloodHound Attack Paths with lab automation by creating a functional Active Directory replica testing environment. Read @bagelByt3s blog post for more. ghst.ly/40Ippn1
How to conduct a Password Audit in Active Directory (AD) | Pen Test Partners pentestpartners.com/security-blog/…
New video out 😊 showing how you can take control of port 445 and perform those magical relay attacks toward AD CS when working from a C2 agent. Way easier than before thanks to some great research by @zyn3rgy youtube.com/watch?v=e4f3h5…
It's July 2025 and I still regularly crack kerberoastable admin accounts. Here's one way to identify them... gist.github.com/techspence/ed9…
Domain controllers should be (should be) nearly ideal machines to run application control on. (If you can't run app control on domain controllers, where can you?) Believe me, I understand resource constraints, worries about reliability risk, etc. But we have to address this.
Domain controllers should be (should be) nearly ideal machines to run application control on. (If you can't run app control on domain controllers, where can you?) Believe me, I understand resource constraints, worries about reliability risk, etc. But we have to address this.
Do you know what's running on your Domain Controllers? During about 15% of assessments, we find a scheduled task that runs a script that's located on a share. We also find software that shouldn't be on a DC like VNC, Opera, Google Chrome, etc. Review your DCs to ensure they…
Dudes... please enable Detailed File Share auditing in your environment. All these attackers who switched over to the Impacket suite still run the default configs and it takes like 2 seconds to find them.
Hi everyone! 👋 Nimhawk v2.0 is coming — and it’s a big one! ✅ Decoupled: Electron client + TeamServer ✅ Multi-OS agent with its own logic ✅ Extension system for dynamic toolkit mutation/loading github.com/hdbreaker/Nimh… #redteam #maldev #offsec #c2framework #nim
Releasing a side project of mine: wsuks - automating the WSUS mitm attack🔥 github.com/NeffIsBack/wsu… TL;DR: If the Windows Server Update Service (WSUS) is configured to use HTTP instead of HTTPS, it's possible to take control of any Windows machine on your local network. 1/4🧵
New mode for BadSuccessor PS1 🤡
Casandra @casandraexum26
265 Followers 3K Following
EnidGibbon @1vs4B3hB4T3hNv
0 Followers 67 Following
Hazle Herzog @HHerzog68208
49 Followers 2K Following
Mwavau @Mwavau540
104 Followers 3K Following
Fuxar @Fuxar02126
31 Followers 994 Following
Alejandro Parodi @hdbreaker_
884 Followers 1K Following 2x Founder @VoltAI & @Hackmetrix, Security Researcher. D̶o̶n̶’̶t̶ have the drive to become a big scary famous hacker. I love vibe coded shit.
Chaya Ward-Moen @MoenWard38696
3 Followers 173 Following Recruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/ELl4Wq2W7k
Jennifer Holloway @JenniferHo52583
153 Followers 2K Following
Amelia @SkilesStua29770
6 Followers 285 Following
AfraGabriel @gk8UFTN4uh71y
61 Followers 1K Following
Active Directory Thin... @ADAllTheTime
3K Followers 718 Following Microsoft Certified Master (MCM): Active Directory. Previously AD field engineer at Microsoft. Notes from the field & the lab (@duff22b)
Shewghoy @ShewghoycBC
42 Followers 5K Following
EmilyWindsor @6yWasT8o23Jw9BO
70 Followers 7K Following
Margaret @margaret_noble_
363 Followers 3K Following
MariaFaulkner @4jRuauI25WqRx
70 Followers 3K Following
Florence @ReezarlZ_8C2
7 Followers 558 Following
Phosmoth @PhosmothDigjZV
44 Followers 4K Following
Shosleson @shosleson85405
132 Followers 7K Following I'm new to Twitter accounts so I tried the messaging feature and it's great to meet you.
Trentent Tye @TrententTye
2K Followers 1K Following Former Microsoft MVP for AppV/RDS, former Citrix CTP, vExpert. Solving problems before anyone else. ControlUp employee. Opinions are my own. He/Him
IngridFrances @1Z6GF9TGYPF9j
53 Followers 6K Following
QueenaPullan @8lmyG14f3R1Wm
58 Followers 7K Following
Sarmad Aidrus @AidrusSarmad
3 Followers 46 Following IT OT Security Strategist | NIS2 CRA IEC 62443 | DevSecOps Enthusiast | Distributed Systems Engineer
Nanetoo @Nanetoo643238
126 Followers 7K Following
SimonaRobin @uj9BY856K6S67
70 Followers 7K Following
VioletVirginia @BeVSqG1lGmP10x
88 Followers 7K Following
SetllaAly @3fx30v36OfQ21VL
27 Followers 4K Following
Routhaez @RouthaezADUix
6 Followers 388 Following
ReneeBurke @Malzonelou32
52 Followers 5K Following
VeronicaAnn @V3rj29sQhFO13B
78 Followers 7K Following
SelenaBessie @64E36g2pYcqVKT
66 Followers 7K Following
Thresher @eWLW9eUv32ODGF4
24 Followers 3K Following
Tony Gore @nullg0re
623 Followers 1K Following Security Researcher, US Marine Corps Veteran, Microsoft Most Valuable Researcher 2023 & 2024
ZenobiaPiers @4Qj9BuGxaq0Nb2b
28 Followers 2K Following
Athena @koetterathena98
285 Followers 3K Following
Muriel @lobato_muriel59
260 Followers 3K Following
Virginia @v_lewis31
305 Followers 3K Following
Harm Veenstra | MVP @HarmVeenstra
2K Followers 4K Following 2x Microsoft MVP | #PowerShell Evangelist | Living apart together with @Eve_023 | Consultant | *Core | Google Pixel | #Espresso | https://t.co/8Aes02OcHf
Katherina @katherina_sando
295 Followers 3K Following
CathiYurkovich @CathiYurko5678
49 Followers 2K Following
Morten Knudsen | MVP @knudsenmortendk
494 Followers 528 Following Triple Microsoft MVP (Security, Azure & Security Copilot) | MCT | Security & Cloud Architect | Co-Founder Experts Live Denmark | Speaker | Blog https://t.co/b1b8SZHZpi
Ann @harris66ann
286 Followers 3K Following
Kathy @nehlsen_kathy49
218 Followers 3K Following
Kara @sims_kara46
260 Followers 3K Following
Frances @francesross47
265 Followers 3K Following
Mattie @mattie97phillip
309 Followers 3K Following
Angela @thompson77angel
361 Followers 3K Following
International Cyber D... @IntCyberDigest
5K Followers 3K Following Your weekly go-to cybersecurity newsletter, curated and commented on by our senior analysts. Got tips? Signal: IntCyberDigest.17
WatchGuard DACH @sichersein
579 Followers 146 Following WatchGuard gehört zu den führenden Anbietern, wenn es um Netzwerksicherheit, WLAN-Schutz, Multifaktor-Authentifizierung oder die Absicherung am Endpunkt geht.
John @systemofdoom
819 Followers 1K Following Security & Network Administrator with a focus on #ConfigMgr, #Intune, #Powershell, and #Defender. Vinyl Record Collector, Cyclist, Gamer, Hipster Doofus.
Block @blocks
91K Followers 10 Following Building blocks @Square @CashApp @spiralbtc @TIDAL @BitkeyOfficial @protomining
Bastien Perez @bastienperez_
572 Followers 455 Following 🇨🇵 MVP - consultant #Microsoft products #ActiveDirectory #EntraID 🌐 Share tips from the IT field 🏢 Founder of Clidsys 📃 #PowerShell #NoCode #LowCode
Mike Terrill [MVP] @miketerrill
7K Followers 772 Following Microsoft MVP. Principal Engineer @2PintSoftware. Intune, ConfigMgr and OSD specialist. Porsche & Tesla enthusiast. #WildcatForLife #BearDown #FSDBeta
GangExposed RU @GangExposed_RU
3K Followers 69 Following Cybercrime investigator | Exclusive leaks on $10M bounty targets
JB @JoshB96009544
76 Followers 508 Following
Maximales Drehmoment @MaximalesD
53K Followers 140 Following Schrauber/Ehemann/Vater/mit Herz und Seele💪 Rechtschreibung kann vom Original abweichen! Ersteller von #Schraubermoment Threadschreiber Header by @Taschentroll
whatever @whatever
262K Followers 1 Following Trying to make sense of the dating hellscape. LIVE Sundays at 5:00 PM Pacific on https://t.co/Ln0zNd1ZPY /// CASTING WOMEN: DM https://t.co/qQXhgAh1Cj
ibrahim rüdisühli �... @i_rudisuhli
1K Followers 2K Following Zusammenfassend kann man sagen, dass meine vulgäre Sprache im Kontext meiner Kritik an intoleranten faschistischen Ansichten als notwendig gesehen werden kann.
Matt Call @DeviceDeploy
3K Followers 177 Following PM @Microsoft - Helping build tech to secure endpoints - thoughts here are mine and are not always based in reality
Balthasar @BalthasarMartin
218 Followers 241 Following Red team lead @ https://t.co/fkrENrHmF5 @[email protected] (he/him)
Soroush Dalili @irsdl
20K Followers 909 Following Hacker (ethical), web appsec specialist, trainer, tools builder & apps breaker, @SecProjectLtd founder 🕸️https://t.co/YipuTcYnWc🥷 🍏A dad-joke maker🍐
Rafał Fitt @rafal_fitt
347 Followers 775 Following There is always a bigger fish. Check the compass, not the clock. Knowledge Is Power. #NAFO
_@_* @S3cAtW0rk
25 Followers 289 Following Interested in technical deep dives of IT-Security, Active Directory, Powershell, Authentication, Certificates, Cloud and other stuff
GitHub Projects Commu... @GithubProjects
187K Followers 105 Following We're sharing/showcasing best of @github projects/repos. Follow to stay in loop. Promoting Open-Source Contributions. UNOFFICIAL, but followed by github
Nir Ohfeld @nirohfeld
4K Followers 841 Following Head of Vulnerability Research @wiz_io | @Microsoft MVR (2021-2025) | Pwn2Own 2025 | @Forbes 30 Under 30
Markus Wulftange @mwulftange
3K Followers 195 Following Principal Security Researcher and Pâtissier at @codewhitesec
CODE WHITE GmbH @codewhitesec
7K Followers 41 Following Red Teaming. Security Research. Continuous Penetration Testing. Threat Intelligence.
Khoa Dinh @_l0gg
2K Followers 119 Following
Adam Juelich @acjuelich
3K Followers 4K Following IT Consultant. Focusing on Microsoft #ConfigMgr #SCCM #MSIntune, Azure, and Defender. Opinions are my own.
јаmеѕ ███�... @rotarydrone
850 Followers 596 Following lil bit of red, lil bit of blue. very purple. views my own
Dwyer @_Dwyer_
3K Followers 370 Following Threat research is the name of my game. I know enough to know that I have a lot to learn. opinions are my own
Alejandro Parodi @hdbreaker_
884 Followers 1K Following 2x Founder @VoltAI & @Hackmetrix, Security Researcher. D̶o̶n̶’̶t̶ have the drive to become a big scary famous hacker. I love vibe coded shit.
Keanu Nys @RedByte1337
897 Followers 74 Following Offensive Security Lead @ Spotit. Creator of GraphSpy
Horizon Secured @horizon_secured
588 Followers 135 Following Master Windows & Active Directory Security—From Defense to Attacks.
Airlock Digital @AirlockDigital
671 Followers 20 Following Practical Allowlisting and execution control that works.
Zack D. Films @zackdfilms1
327K Followers 0 Following A Collection of Things I Find Interesting (Zack D. Films’ Official Account)
Stadt München @StadtMuenchen
267K Followers 102 Following Landeshauptstadt München, Presseamt: Aktuelle Infos und Veranstaltungen der Landeshauptstadt #München Impressum / Datenschutz: https://t.co/y2v1q6o2jI
Muqsit 𝕏 @mqst_
8K Followers 97 Following Sharing resources from the cybersecurity community • Passionate learner and creator • YouTube: https://t.co/1BmE6QOd0D • Turn ON Notifications 🔔
SinSinology @SinSinology
13K Followers 674 Following Pwn2Own 20{22,23,24,24.5,25,25.5}, i look for 0-Days but i find N-Days & i chase oranges 🍊
cybercron.ai @cybercronai
220 Followers 1 Following The chronicles of cyber 📖 Emowering organizations through AI enhanced cybersecurity data, enrichment, & analytics. 🤖📊 Daily Feed 📰 #CyberCron #VulnAlert
Nic Losby @Blurbdust
657 Followers 963 Following Red Teamer | He/Him | Obligatory opinions don't reflect employer | Occasional terrible developer of tools | PGP: 826087AF5C6653F0BAACA1C5E4CE747DEA558A13
Ellis Springe @knavesec
1K Followers 422 Following Adversary Simulation X-Force Red, developer of tools, connoisseur of dogsTrends for United States
You might like
