-
Tweets3K
-
Followers8K
-
Following392
-
Likes3K
A detailed description of the R&D process with its ups and downs, a great deep dive into Windows internals to try to remotely enable the Web Client service. Great work 👏
A detailed description of the R&D process with its ups and downs, a great deep dive into Windows internals to try to remotely enable the Web Client service. Great work 👏
Hosts running the WebClient service are prime targets for NTLM relay attacks, and it may be possible to start the service remotely as a low-privileged user. @0xthirteen breaks down the service startup mechanics, plus the protocols and technologies. ghst.ly/41QT7GW
If you want to quickly check whether the guest account is enabled, you can now do it with NetExec. This is not enabled by default you need to set the custom flag check_guest_account in your nxc.conf file. Maybe one day it will be set to true by default 🪂
gpoParser, which I presented at #leHACK2025 and #DEFCON, is available here: github.com/synacktiv/gpoP… It is a specialized utility designed to enumerate Group Policy Objects (GPOs) and identify potential security misconfigurations.
You didn’t click, but your password challenge is leaked. I’m excited to share my latest research: CVE-2025-50154, a high severity NTLM hash disclosure vulnerability in the explorer.exe process, exploitable without any user interaction. cymulate.com/blog/zero-clic…
Session enumeration is only possible with admin privileges? That is a problem of the past thanks to the new --reg-sessions core functionality of NetExec, made by @toffyrak🔥
Today, together with Jonathan Elkabas, we're releasing EntraGoat - A Deliberately Vulnerable Entra ID Environment. Your own hands-on Entra lab for identity attack simulation. Built for red teams, blue teams and identity nerds. Check it out here👉github.com/semperis/entra…
Added a small Quality of Life improvement to NetExec: When the target allows null authentication the host banner automatically displays this info now🚀
In this blog post I explain the fundamental building blocks, vocabulary, and principles of attack graph design for BloodHound: specterops.io/blog/2025/08/0…
hashcat v7.0.0 released! After nearly 3 years of development and over 900,000 lines of code changed, this is easily the largest release we have ever had. Detailed writeup is available here: hashcat.net/forum/thread-1…
It's been almost a year since my last blog... So, here is a new one: Extending AD CS attack surface to the cloud with Intune certificates. Also includes ESC1 over Intune (in some cases). dirkjanm.io/extending-ad-c… Oh, and a new tool for SCEP: github.com/dirkjanm/scepr…
To trigger local SYSTEM authentication for relaying to ADCS or LDAP for LPE you would usually need the printer service or EFS service to be enabled (printerbug/petitpotam). Here is an alternative without this requirement 🤠 github.com/rtecCyberSec/R…
Okta chained with Azure with auto MFA subscription for Okta and frame-buster bypass to perform Bitb ! Evilginx is really nice to setup custom phishing campaign whatever the environment is... Phishlet available here : github.com/OtterHacker/Ok…
SCCM’s Management Points can leak more than you’d expect. @unsigned_sh0rt shows how Network Access Accounts, Task Sequences, and Collection Settings can be stolen by relaying a remote Management Point to the site database. Check it out ⬇️ ghst.ly/4eNLaHU
Netexec users and Windows lovers here is a small tip I learned experimenting with @scam_work about windows loggedon-users and scheduled task impersonation
New video out 😊 showing how you can take control of port 445 and perform those magical relay attacks toward AD CS when working from a C2 agent. Way easier than before thanks to some great research by @zyn3rgy youtube.com/watch?v=e4f3h5…
🧐Le 11 juin dernier, deux chercheurs de @Synacktiv ont publié un billet de blog révélant CVE-2025-33073, une faille critique qui est pourtant passée (presque) sous le radar. 🤓On passe en revue la vuln' aujourd'hui ! youtu.be/sXdca8lfG14
Je serai à #LeHack vendredi 27 et samedi 28 juin, et si tu n'as pas encore ta place, tente ta chance pour venir gratuitement, en résolvant ce petit challenge made by @LoginSecurite 💪 linkedin.com/posts/login-s-…
Introducing the BloodHound Query Library! 📚 @martinsohndk & @joeydreijer explore the new collection of Cypher queries designed to help BloodHound users to unlock the full potential of the BloodHound platform by creating an open query ecosystem. ghst.ly/4jTgRQQ
While performing penetration tests on SAP Financial Consolidation, our ninjas @l4x4 and @alexisdanizan discovered an authentication bypass for local accounts including the built-in ADMIN account, leading to the underlying system compromise: synacktiv.com/en/advisories/…
Charlie Bromberg « ... @_nwodtuhs
15K Followers 653 Following Trying to hack the way we hack things 🏴☠️
mpgn @mpgn_x64
18K Followers 230 Following Flibustier du net ̿ ̿̿'̿'\̵͇̿̿\=(•̪●)=/̵͇̿̿/'̿̿ ̿ ̿ ̿ Podcast Hack'n Speak @hacknspeak / https://t.co/GyACSFg9mw
Nicolas Krassas @Dinosn
146K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
Rémi GASCOU (Podalir... @podalirius_
8K Followers 651 Following Security Researcher & Speaker | Microsoft Security MVP | Developer of security tools 🎬 https://t.co/QaAENc4NcY
sn🥶vvcr💥sh @snovvcrash
12K Followers 488 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
Adam Chester 🏴�... @_xpn_
36K Followers 501 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOllCEu | Insta at https://t.co/PqR6CZPwjl
Mayfly @M4yFly
7K Followers 782 Following Former Dev and DevOps| Pentester and red teamer at orange cyberdefense | OSCE³| Tweet are my own| discord: m4yfly
n00py @n00py1
13K Followers 963 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research.
Dirk-jan @_dirkjan
28K Followers 206 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.
Swissky @pentest_swissky
20K Followers 2K Following RedTeam | Pentest Author of PayloadsAllTheThings & SSRFmap https://t.co/w1ZLRqoafG
an0n @an0n_r0
13K Followers 725 Following CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺
Dr. Nestori Syynimaa @DrAzureAD
20K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)
🥝🏳️🌈 Be... @gentilkiwi
62K Followers 286 Following A kiwi coding mimikatz & kekeo github: https://t.co/eS3LVgU6i0 Head of security services @banquedefrance Tweets are my own and not the views of my employer
Mike Felch (Stay Read... @ustayready
16K Followers 2K Following Targeted Ops Red Team @ TrustedSec | Hacking since Renegade BBS backdoors | Prior CrowdStrike/BHIS | In Christ's grip | I speak for myself only | K1HAQ
Josh @passthehashbrwn
10K Followers 332 Following Adversarial Simulation at IBM, tweets are mine etc.
Marcello @byt3bl33d3r
30K Followers 560 Following CyBeRsEcUrItY | Not afraid to put down with some THICC malware on disk | securing and breaking AI @PaloAltoNtwks | Ex @spacex
DebugPrivilege @DebugPrivilege
40K Followers 2K Following Windows Nerd | Ex-MSFT | Microsoft MVP in Windows | Interested in Security, Debugging, and Windows Internals.
kota31 @_kota31
3 Followers 160 Following
Raphaël Lacroix @Chepycou
0 Followers 64 Following 🇫🇷 French ✏️ Aspiring penetration tester (Currently looking for a Penetration Tester position in Toulouse). CTF Player 🎹 Plays piano, drums and composes
fongpei chou @clmtn88
0 Followers 126 Following aspiring financial accountant, technology and security
MetalZen0 @MetalZeno
8 Followers 211 Following My Second account since the first one got hacked and twitter was no help
squ4r00t @squ4r00t
1 Followers 18 Following
Vee @Vee0x0
1 Followers 67 Following
Danish Mehmood @danish_mehm00d
2 Followers 464 Following R3d_t3am | Security Researcher | Pentester & Technology lover
Earn USDC @nq7emoddlb96954
1 Followers 186 Following Get stable daily returns ($2–$20,000) through smart contract staking—all from your phone! Join now: https://t.co/TVMS5iXkjN
Tyjol4 @Tyjol4
4 Followers 427 Following
Ansuz Security @AnsuzSecurity
1 Followers 47 Following
zerotoxin @zerotoxin
13 Followers 643 Following
Anataar @AnataarXVI
6 Followers 117 Following
Hammad Ali @hammad2656
42 Followers 975 Following
v1nc @v1__nc
8 Followers 101 Following bruteforce brother | security | pentesting | reverse engineering | privacy | opsec
PhoenixProject @__0_Phoenix_0__
3 Followers 39 Following Association à but non lucratif visant à promouvoir l’usage de l’informatique et de l’IA pour tous de façon éthique!
Racim Boussa @racim_boussa
0 Followers 432 Following
Antoine Aurand @aur40148
0 Followers 43 Following
Meg4R0M🏴☠️ ... @ToosDL
68 Followers 350 Following Consultant infra // Consultant Cybersecu // Tech Lead // Ex dev Symfony/EzPublish/EzPlatform // Formateur // Facilitateur // Validateur Technique - @neverhack
seek @seeknes
9 Followers 86 Following
Ellosys @ellosys
2 Followers 350 Following
Ronin_x86 @Ronin_x86
1 Followers 206 Following
Marshall';--🐼🍌 @MJHallenbeck
1K Followers 301 Following Don't hate me 'cause I'm beautiful. I like breaking shit. Red Teamer & Pen Tester. Cat lover. NetExec maintainer. CPTC Director & AppDev Team Lead
loiute buio @LoiuteB4155
5 Followers 413 Following
0x2A Security @0x2asec
49 Followers 956 Following Security: the answer to the ultimate question of life, the universe, and everything.
AVA @a1v7a9
4 Followers 680 Following
sm00v! @5m00v
45 Followers 120 Following Proud father of 4, here to bring light to the world, CEO @3NailsInfoSec
yabo @yabo255944
5 Followers 534 Following
Jaime villanueva @Jaime54354688
26 Followers 902 Following
07x_v3177.exe @VedGawde
81 Followers 2K Following Trust in His plan | God's love makes even the hardest journeys worthwhile | His love is the compass guiding your life's purpose |
kirsav5 @kirsav5
0 Followers 8 Following
jerikoo 🇪🇸 @�... @jerikoo
98 Followers 524 Following
Marion @BornFreeewe
57 Followers 464 Following
CharlB @CharlB29
7 Followers 201 Following Cyber reverse-engineer, CTF Player, Home Assistant User, https://t.co/b8a2kZ8iEd
0d@y_kitty @0dykitty1
11 Followers 519 Following
Amalia Radoi @AmaliaRado56600
5 Followers 359 Following
haaju @pirate_502
1 Followers 203 Following
ابو حنانه @AboHannaneh
327 Followers 2K Following عطر یوسف كَربلائک قمنا نشتمها بردائک نحیی و نموت بلقائک یا حسین
Hussein Sherafat @Hussein_Sherafa
233 Followers 6K Following
Charlie Bromberg « ... @_nwodtuhs
15K Followers 653 Following Trying to hack the way we hack things 🏴☠️
Florian Hansemann @CyberWarship
84K Followers 47 Following Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98M
mpgn @mpgn_x64
18K Followers 230 Following Flibustier du net ̿ ̿̿'̿'\̵͇̿̿\=(•̪●)=/̵͇̿̿/'̿̿ ̿ ̿ ̿ Podcast Hack'n Speak @hacknspeak / https://t.co/GyACSFg9mw
Nicolas Krassas @Dinosn
146K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
ippsec @ippsec
119K Followers 353 Following
Rémi GASCOU (Podalir... @podalirius_
8K Followers 651 Following Security Researcher & Speaker | Microsoft Security MVP | Developer of security tools 🎬 https://t.co/QaAENc4NcY
DirectoryRanger @DirectoryRanger
35K Followers 96 Following This account assembles and disseminates information related to Active Directory and Windows security.
Adam Chester 🏴�... @_xpn_
36K Followers 501 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOllCEu | Insta at https://t.co/PqR6CZPwjl
Mayfly @M4yFly
7K Followers 782 Following Former Dev and DevOps| Pentester and red teamer at orange cyberdefense | OSCE³| Tweet are my own| discord: m4yfly
n00py @n00py1
13K Followers 963 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research.
Dirk-jan @_dirkjan
28K Followers 206 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.
Swissky @pentest_swissky
20K Followers 2K Following RedTeam | Pentest Author of PayloadsAllTheThings & SSRFmap https://t.co/w1ZLRqoafG
Dr. Nestori Syynimaa @DrAzureAD
20K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)
Synacktiv @Synacktiv
20K Followers 271 Following Offensive security company. Dojo of many ninjas. Red teaming, reverse engineering, vuln research, dev of security tools and incident response.
Binni Shah @binitamshah
141K Followers 165 Following Linux Evangelist, Malwares, Security enthusiast , Investor, Contrarian , Philanthropist , Reformist , Sigma female 🦋 https://t.co/WOvf41tMKV
🥝🏳️🌈 Be... @gentilkiwi
62K Followers 286 Following A kiwi coding mimikatz & kekeo github: https://t.co/eS3LVgU6i0 Head of security services @banquedefrance Tweets are my own and not the views of my employer
Franso @Fransosiche
928 Followers 308 Following Pentester & Content Creator @rootme_org | Vulga Cyber | CTF enjoyer | Powerlifter https://t.co/3pgcxclBjh https://t.co/INGswbIHrv
Scaum @SScaum
30 Followers 25 Following
Quentin Roland @croco_byte
292 Followers 36 Following Pentester @Synacktiv 🤖 https://t.co/FhHN2RnPym
Simone Margaritelli @evilsocket
47K Followers 2K Following Music, cybersecurity, open source and AI • Author of bettercap, pwnagotchi, opensnitch, bleah, legba and a few other things.
Volker @volker_carstein
570 Followers 613 Following Hacker 💻 speaker 📣 Jack of All Trades 🃏 Social Engineering, OSINT, AD, TTRPG Pentester / Red Team Operator @ Bsecure / Parabellum Services
Mounir Laggoune @moonlaggoune
39K Followers 655 Following CEO @finaryhq - Rejoignez 550.000 investisseurs, suivez votre patrimoine, gérez votre budget et investissez. Mon livre pour investir👇
wrongbaud @wrongbaud
5K Followers 1K Following Cars, Bikes, Coffee and Embedded Systems Security | Founder @voidstarsec Training and Consulting https://t.co/0ib8fK31Ib https://t.co/YzN9K2LaST
T. @trendytofu
862 Followers 636 Following something something Cyber, something something security something.
OtterHacker @OtterHacker
7K Followers 77 Following Professional redteamer and malware development enthusiast ! I will share some tips and experiences. Look at my work here : https://t.co/cxLBvW7pcI
Finary @finaryhq
21K Followers 12 Following Prenez votre patrimoine en main 📱 Contruisez votre empire 👑 Envie de vous former à l’investissement & co-construire Finary : https://t.co/LAMNw4PMUN
k1nd0ne @k1nd0ne
606 Followers 212 Following Digital Forensic & Cyber Threat Intelligence. https://t.co/Qw6hzaf348
RandoriSec @RandoriSec
2K Followers 154 Following Cybersecurity company founded by security experts providing the following services: Security audits, Vulnerability research, SecOps, SecArch and Trainings
Fahad @Pwn3dx
2K Followers 402 Following Adversary Emulation | #OSEP | #CRTL | #eCPTXv2 | #CRTE | #CRTO | #CRTP | #eCPPTv2 | #eWPT | #APTLabs | #ZEPHYR
No Context French �... @nocontextfra
215K Followers 1 Following
Jim Sykora @JimSycurity
2K Followers 2K Following I enjoy security, technology, learning, books, & the great outdoors. Trying to be human & kind. Opinions = mine. He/Him/Hän
Nathan Blondel @slowerzs
808 Followers 122 Following
Akamai Security Intel... @akamai_research
26K Followers 109 Following All security research, all the time. Bringing you the latest insights from @Akamai’s research teams across the globe.
Aurélien Chalot @Defte_
3K Followers 459 Following Hacker, sysadmin and security researcher @OrangeCyberdef 💻 Calisthenic enthousiast 💪 and wannabe philosopher https://t.co/SqDDhIGGGh 📖 🔥 Hide&Sec 🔥
Gateway @intogateway
2K Followers 6 Following The Web3 Security University, incubated by @guardianaudits
Jason Lang @curi0usJack
16K Followers 200 Following @TrustedSec Red Team lead | Hi-Fidelity trolling | Privacy Enthusiast | Putting the "no" in nano | Avatar: https://t.co/3XHmKR8nCk
d1rkmtr @d1rkmtr
8K Followers 463 Following
Daniel Avinoam @daniel_avinoam
108 Followers 62 Following
wwwGeneral @wwwGeneralFR
26 Followers 135 Following Pentester @Holiseum Part-Time Teacher @ESIEEParis Staff @HackDayfr CTF Player Active Directory breaker Blog : https://t.co/tzZUgyKrpa
DEFCON GROUP Paris @dcgparis
2K Followers 10 Following A reboot of the DEFCON GROUP Paris group. Free bimonthly meetups. If you would like to give a talk, contact us here: [email protected]
Vincent Yiu @vysecurity
29K Followers 308 Following Director, Red Team, Offensive Security. Help organizations safeguard their businesses from the bad guys.
Snowball @snowball
5K Followers 0 Following 👨🏫 Apprends les rouages de l'éco, de la finance et des cryptos en toute simplicité. pas de « get rich quick » ici.
Caroline Jurado @CarolineJurado
2K Followers 543 Following Vulgarisatrice crypto, Autrice, Conférencière. Je rends les cryptos simples. Ma newsletter crypto n°1 en 🇫🇷 ⎥Rejoins-nous !
Trackflaw @trackflaw
177 Followers 1 Following Trackflaw is a french startup specialized in offensive security and specifically in penetration testing.
AlexOnCrypto @mis4nthr0pic
2K Followers 655 Following Business Growth @zokyo_io DevRel at @opensensepw. Bitcoin. Ethereum. Solana.
Cyfrin CodeHawks @CodeHawks
10K Followers 4 Following Helping companies secure smart contracts and auditors get paid. More than $2M+ rewarded to auditors. Powered by @cyfrinAudits
Thomas Seigneuret @_zblurx
3K Followers 389 Following Red Teamer & Security researcher Maintainer of #NetExec, #DonPAPI, dploot, certsync, and all the stuff on my github repo bsky: https://t.co/zISpgvDSWc
Review @TheGreatReview_
129K Followers 226 Following Youtube : https://t.co/D73xhMdtvq / Twitch : https://t.co/dlqgKqDMi0 / Patreon : https://t.co/0FSS4nMjou [email protected]
Aitor Zaldua @azdraft_
222 Followers 89 Following Co-Founder & Head of Security at @Bubblefi_xyz | Web3 & Web2 Security | Smart Contract Auditing | ISO, EU & US regulatory compliance expert.
Kristian Apostolov @KrisApost1
3K Followers 262 Following Blockchain Security Researcher | Bounty Hunter @immunefiTrends for United States
You might like
