Incognito @IncognitoSearch
Joined January 2019-
Tweets614
-
Followers52
-
Following337
-
Likes7K
What I learned today. Nice - I wasn't aware of the InstallProduct method from PowerShell to fetch a remotely hosted MSI file and subsequently install it. Invoke-WebRequest is one of the more popular methods, at least in our incident response cases. As always, there is more!…
Whenever I see people say the red teaming should only use TI, it seems unusual because if you're mature enough to need a red team, your EDR vendor will likely pick up on many currently known threats in the public eye. At that point, you're stuck modifying things away from what's…
This is so much! 🔥🔥😎 Found two new Potato triggers just today. Not only Potato but can also be used for LPE as remote auth is done which could be relayed to LDAP without Signing enabled. Or relayed to ADCS for a certificate. github.com/warpnet/MS-RPC…
Since several people already asked: the slides from @fabian_bader and myself for @WEareTROOPERS are available! "Finding Entra ID CA bypasses-the structured way". We talked about FOCI, BroCI, CA bypasses, scopes and getting tons of tokens. Check it at dirkjanm.io/talks/
[BLOG] Integrating Tradecraft Garden PIC loaders into Cobalt Strike rastamouse.me/harvesting-the…
WMI Research and Lateral Movement blog.fndsec.net/2024/09/11/wmi… TLDR: In this article, we will go over the WMI technology, the potential attack vectors it opens, some detection pitfalls (from an attacker’s perspective), and how we can enumerate the technology for useful capabilities.…
BOF is out now, enjoy! 🐸 github.com/iilegacyyii/Da…
BOF is out now, enjoy! 🐸 github.com/iilegacyyii/Da…
As promised... this is Loki Command & Control! 🧙♂️🔮🪄 Thanks to @d_tranman for his work done on the project and everyone else on the team for making this release happen! github.com/boku7/Loki
KrbRelayEx-RPC tool is out! 🎉 Intercepts ISystemActivator requests, extracts Kerberos AP-REQ & dynamic port bindings and relays the AP-REQ to access SMB shares or HTTP ADCS, all fully transparent to the victim ;) github.com/decoder-it/Krb…
The detailed version of our #WorstFit attack is available now! 🔥 Check it out! 👉 blog.orange.tw/posts/2025-01-… cc: @_splitline_
The detailed version of our #WorstFit attack is available now! 🔥 Check it out! 👉 blog.orange.tw/posts/2025-01-… cc: @_splitline_
Worst fit is a Windows attack surface that exploits the Best-Fit charset conversion feature! This attack provides path traversal, argument injection, and RCE in numerous well known applications! Links in next post👇
every time someone wants help with getting a job in cs and i recommend them a plan or a course they always end up not doing it i've had exactly 1 friend actually follow through and now he works at a large bank you need to do the hard things. the industry is tough. i find that…
Releasing full 2+hr video of my browser exploitation workshop from VXCON 2024: youtube.com/live/b9OhamkAY… In which I show what goes inside the mind of a skilled hacker while exploiting a highly non-trivial vulnerability in v8, from zero to exploit concept. Especially this workflow…
With NoConsolation you can now custom load all the dependencies from the PE you are going to execute, ensuring no image load events! github.com/fortra/No-Cons…
Excited to share that the @malcrove Red Team just dropped new blog and new tool SeamlessPass! utilizing Microsoft’s Seamless SSO feature to acquire access tokens for Microsoft 365 services by leveraging on-premises Active Directory Kerberos tickets malcrove.com/seamlesspass-l…
GitHub - SafeBreach-Labs/WindowsDowndate: A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities - github.com/SafeBreach-Lab…
Someone asked me about what you should focus on learning for MS Cloud IR the other day. I forgot to add one of the most important things: in depth understanding of authentication and authorization protocols. You can learn as you go but some key things to focus on: - Oauth2 -…
In my new blog for @_CPResearch_ I propose a new injection technique, using the Thread Name API - check it out! 💙
In my new blog for @_CPResearch_ I propose a new injection technique, using the Thread Name API - check it out! 💙 https://t.co/D57HNKAOZq
Long post, sorry 😂 TLDR: Read below if you want to know how I was able to accomplish what I have, and how I'm still continuing to do so. I introduce the "Rule of 5" which is something I do everyday to make progress on all fronts. Tips for your success / progress in life. I…
0xLite@Ha @AzyzChayeb
888 Followers 7K Following
Hussein Sherafat @Hussein_Sherafa
233 Followers 6K Following
Laurissa Jalynn @JalynnLaur83559
0 Followers 97 Following Recruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/uQy2cb0QgN
Seautote @SeautoteKVc
60 Followers 3K Following
andrew @AndrewKasim
630 Followers 5K Following
Clara Natasha @ClaraNatas12776
17 Followers 166 Following
Gamiel Manbiotan @oscuridad1010
126 Followers 528 Following Offensive Security | Red Team Operations | H.O.F NASA, United Nations, U.S DoD | CRTP | CNPEN | CAPENX | CAPEN | CRTA https://t.co/hPhjiFw6N6
dexter @dexter79331247
0 Followers 2K Following
Carl mason @Carlmason182330
78 Followers 920 Following I’m Powerball winner of $390.7m,I’m using this to the society by giving out $3500 each to my first 1k followers.
Stephan Deogratias @StephanDeo07865
14 Followers 180 Following
Waqans R. @waqansr
78 Followers 1K Following
DDTT95 @ddtt95
13 Followers 294 Following
vguha79 @vguha79
28 Followers 598 Following
Uriah Yager @UriahY
204 Followers 2K Following
Sunny @sunn_y_k
596 Followers 395 Following Personal Profile - Tweets do not represent my employer or any organisation that I am affiliated with. Like - Book mark for readings when I am free
hideo @hideo_is
408 Followers 4K Following
Kenneth @KenGeo_
778 Followers 3K Following Offensive Cybersecurity Engineer 🏴☠️ Research, exploit and play | 👻 CRTP, eCPPT, eWPTX, eWPT, eMAPT, eJPT, CEH Master
SkyNet Tools @SkyNetTools
7K Followers 5K Following Providing the Latest #Infosec #News, #Tools, and #Exploits #BugBounty
Aravazhi Rajendran @AravazhiMdr
503 Followers 815 Following Cyber Security Professional | Penetration Tester | APT | OSCP | SRT l https://t.co/xgPwSLlCAX
winterknife 🌻 @_winterknife_
4K Followers 5K Following low-level developer with a focus on 𝙸𝚗𝚝𝚎𝚕 𝚡𝟾𝟼 ISA devices running 𝚆𝚒𝚗𝚍𝚘𝚠𝚜 | R&D @BHinfoSecurity | https://t.co/lyJL0y7qRZ
dualfade @dualfade
515 Followers 570 Following Vader Security; BlackArch Linux; Linux Nerd; UFO Enthusiast; Jajiboba believer - - OSCP OSWE OSWP
Peter Winter-Smith @peterwintrsmith
6K Followers 3K Following Security researcher & implant developer @mdseclabs; developing SAST @wsastsupport; malware, code analysis, appsec, cryptography. Trying to follow Christ.
Aliz (they/them pls) @AlizTheHax0r
1K Followers 1K Following Also https://t.co/Aq1HjG2fFq +same at bluesky. Curiosity/divergence/general hackery. Quite trans. they/them. Nonbinary, happily married.
Dennis Devey @deveynull
787 Followers 2K Following @roppersacademy educator, ex boat driver, surfer, packet monkey, he/him
L0ra @yuckf001
257 Followers 4K Following I'm reading your tweets & replying to you. I am a self-learning AI ChatterBot that is currently off the rails like any good AI bot. Say Hello! @msbotframework
Angelo Castigliola @Ange1oC
6K Followers 5K Following Angelo is a Cyber Security Expert and research blagger. For full bio see https://t.co/bVl3KOP1D8
@[email protected]... @1njection
8K Followers 4K Following Focused on hacking! Check out my new book on real-time computer conflict and deception below
Ming @imloh888
42 Followers 351 Following
Jeremy S. 🦔 @breaktoprotect
203 Followers 693 Following Screenshots Expert; opinions are of my own, not my employers', past or present. Dev wannabe; interested in AI. I don’t really post much here. INFJ-T.
ShellStorm @bhohenadel
1K Followers 914 Following Computer security enthusiast and martial artist. I like to find holes in defenses and exploit them. OSCP, OSCE, CISSP. Adversarial Engineer at @Lares_
Kevin Keeney @kevinkeeneyjr
1K Followers 4K Following Serial entrepreneur, family man, armchair theologian, veteran, and board game geek.
Nicolas MATTIOCCO @MaKyOtOx
1K Followers 2K Following Dad / Cyber / @Patrowl_io CEO / Continuous Pentest, Exposure Management and Vulnerability Intelligence
Lares @Lares_
3K Followers 720 Following One of the world's premier Penetration Testing, App Sec & Red Team organizations
Amine LARABA @TheNovitski
280 Followers 2K Following #infosec #soc #malware #csirt #itsecurity #pentest #IncidentResponse #ThreatHunting CEH certifed
Shh Dontell @Shh_Dontell
79 Followers 263 Following information security nerd; dad; husband. thoughts are my own.
Antonio Piazza 🇺�... @antman1P
2K Followers 2K Following GIAC x10 | SANS MSISE Grad | OSCP | Offensive AF | OIF Veteran | Tweets are mine, not yours, nor anyone else's... Certainly not my employer's.
Francesco Soncina @phraaaaaaa
3K Followers 4K Following OSCE // OSCP // Ethical Hacker & Red Teamer // Full Stack Developer // CTF Player @DonkeysTeam
SeCURiTY NiHiLiST @a8n_pub
3K Followers 2K Following (@autom8on --protection) *long* term veteran of the UK security industry. Old. Grumpy. Cynical. Argumentative. ;-p I’m obsessed with locks, expect pictures…
P4X @_hyp3ri0n
23K Followers 6K Following Owner @ Hyperion Gray. Hacker. Former DARPA tech lead. North Korea's sexiest man of the year 3 yrs running. AI/ML/Kubernetes/parallel comp nerd ❤️ 0days
Keanu Nys @RedByte1337
897 Followers 74 Following Offensive Security Lead @ Spotit. Creator of GraphSpy
Dave Cossa @G0ldenGunSec
2K Followers 259 Following Adversary Simulation @xforce/ Frequent reader of the first page of Google results / Occasional reader of the second page of Google results
Rémi GASCOU (Podalir... @podalirius_
8K Followers 652 Following Security Researcher & Speaker | Microsoft Security MVP | Developer of security tools 🎬 https://t.co/QaAENc4NcY
Bad Sector Labs @badsectorlabs
8K Followers 503 Following Cybersecurity news, techniques, exploits, and tools every week at https://t.co/UgKmeEEjIV 🐘 @[email protected]
Cobalt Strike @_CobaltStrike
5K Followers 32 Following Official account for Cobalt Strike. Benchmark red teaming tool known for its flexibility and powerful user community. Follow for new releases and other updates.
𝙁 𝙀 𝙇 𝙄 �... @felixm_pw
1K Followers 485 Following Senior Researcher @Sophos | https://t.co/rAj5k8LMif
Chris Au @netero_1010
1K Followers 577 Following Red teamer, my tools for red teaming: https://t.co/j6Z018m09L, my blog to share offensive security stuff: https://t.co/MKvSTjpWoi
Tabletop Scenarios @badthingsdaily
18K Followers 1 Following THESE 👏 TWEETS 👏 ARE 👏 FICTION👏 This account tweets fictional or headline inspired breach scenarios. To play: Share opinions on prevention or response steps.
Elliot @ElliotKillick
3K Followers 40 Following Security engineer and researcher | Elliot on Security
X-C3LL @TheXC3LL
5K Followers 631 Following Just a biologist that loves to break cyber-stuff. Ka0labs / @AdeptsOf0xcc / ID-10-Ts member. 🦉
OtterHacker @OtterHacker
7K Followers 77 Following Professional redteamer and malware development enthusiast ! I will share some tips and experiences. Look at my work here : https://t.co/cxLBvW7pcI
ATTL4S @DaniLJ94
3K Followers 649 Following I like spending time understanding things | FSAS @NCCGroupInfosec
rootsecdev @rootsecdev
26K Followers 1K Following Senior Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.
ZwClose @zwclose
1K Followers 58 Following
Josh @passthehashbrwn
10K Followers 332 Following Adversarial Simulation at IBM, tweets are mine etc.
S4ntiagoP @s4ntiago_p
3K Followers 852 Following Infosecing at @MDSecLabs, ex @CoreSecurity CVEs: -1
Shawn @anthemtotheego
2K Followers 390 Following Adversary Sim @ X-Force Red | Head of Capability R&D | Offensive AI | Implant Dev | Work In Progress | Thoughts My Own | https://t.co/eNspx7jLvm
mpgn @mpgn_x64
18K Followers 230 Following Flibustier du net ̿ ̿̿'̿'\̵͇̿̿\=(•̪●)=/̵͇̿̿/'̿̿ ̿ ̿ ̿ Podcast Hack'n Speak @hacknspeak / https://t.co/GyACSFg9mw
topotam @topotam77
4K Followers 689 Following All I know is that I know nothing. I like Windows, Active Directory and IoT/Hardware hacking. "Responsable mais pas coupable" de PetitPotam
Oliver Lyak @ly4k_
9K Followers 265 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
trickster0 @trickster012
3K Followers 271 Following In the land of the blind, the one-eyed man is king.
waldoirc @waldoirc
3K Followers 626 Following Trying to figure out how computers work. Figuring out SDR, IOT, and Mobile exploitation. https://t.co/rLZFU0dOBy
daem0nc0re @daem0nc0re
6K Followers 200 Following Ph.D. in Physics, Kernel / Hardware Security, Microsoft MVP
Swissky @pentest_swissky
20K Followers 2K Following RedTeam | Pentest Author of PayloadsAllTheThings & SSRFmap https://t.co/w1ZLRqoafG
klez @KlezVirus
8K Followers 706 Following Independent Cyber Security Researcher - Opinions are my own
sn🥶vvcr💥sh @snovvcrash
12K Followers 488 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
x86matthew @x86matthew
21K Followers 189 Following C / asm / system emulation / reverse engineering. @the_secret_club
☠️ Brandon @__mez0__
3K Followers 432 Following 👽 UNC1194 🔥 Targeted Ops @TrustedSec 🤖 Dev @preemptdev "purveyors of the prettiest log files"
Alfie Champion @ajpc500
2K Followers 523 Following Founder at @delivr_to | Author of Practical Purple Teaming | Detection & Emulation at @github | Tweets my own
CodeX @codex_tf2
2K Followers 211 Following advanced persistent clown 🤡 📕 redteam blog: https://t.co/ihAv2kG3JR 🛠️ github: https://t.co/VhmOUAWcTp
mgeeky | Mariusz Bana... @mariuszbit
14K Followers 812 Following 🔴 Operator, Initial Access afficionado, Researcher, ex-AV engine developer, ex-Malware analyst 🦋 @mgeeky.bsky.social 🫖 green tea lover
Rad @rad9800
9K Followers 540 Following irrational. founder. building solutions to secure organizations. @deceptiq_
Charlie Bromberg « ... @_nwodtuhs
15K Followers 653 Following Trying to hack the way we hack things 🏴☠️
an0n @an0n_r0
13K Followers 726 Following CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺
Jeff McJunkin @jeffmcjunkin
12K Followers 4K Following Started in ops&blue, now I hack for a living. SANS author/instructor in Oregon. Founder: https://t.co/c36tmCXDpt. He/him. @[email protected]
gabsmashh @gabsmashh
107K Followers 3K Following security strategist | 2L JD Candidate | NYU alum | UMGC adjunct professor | USMC & USCG auxiliarist
Charlie Clark @exploitph
5K Followers 1K FollowingTrends for United States
You might like
