msm @MsmCode
Malware analyst. Cofounder of @p4_team. No independent thought: ALL opinions belong to my employers, cats. and friends. [email protected] https://t.co/AeZd6IJwQe tailcall.net https://msm.lt Joined February 2016-
Tweets135
-
Followers2K
-
Following66
-
Likes373
My new post about #malware #deobfuscation - cert.pl/en/posts/2025/…. I focus on the simple - but powerful - technique of local substitutions. Uses #ghidra and ghidralib. Thx @nazywam for review.
I analyzed thousands of messages from 35+ suspected state-sponsored hacktivist groups using machine learning—uncovering hidden connections through writing styles, language and topics. After a year of research, here’s what we found and how we did it. 👇 research.checkpoint.com/2025/modern-ap… 1/
Ghidralib development continues: py3 support, binary/asm patching, and symbolic propagation: github.com/msm-code/ghidr…. I also write docs for people who want to try it. Newest chapter: emulation msm-code.github.io/ghidralib/emul… #ghidra #reverseengineering
RULECOMPILE - Undocumented Ghidra decompiler rule language. A blog post about how frustration with poor decompilation led me to dive deep into Ghidra's decompiler to discover (and reverse-engineer) - an obscure, undocumented DSL msm.lt/re/ghidra/rule… #reverseengineering #ghidra
🚀Excited to announce ghidralib - a library that makes #Ghidra scripts drastically shorter and easier to write. I've been using it daily for #reverseengineering and decided it’s time to share! Check it out: github.com/msm-code/ghidr… And the docs: msm-code.github.io/ghidralib/ #infosec
Hi #Ghidra users. I've created a quick search/command palette/launcher plugin called "Ctrl+P". You can search for functions, labels, data, bookmarks, focus windows, launch scripts and trigger available action. github.com/msm-code/Ghidr… #reversing #reverseengineering #infosec
🚨 Uwaga na fałszywe reklamy na dużych platformach internetowych! Oszuści nadal skutecznie omijają mechanizmy weryfikacji, a platformy mają problem z ich powstrzymaniem. Jakie są rodzaje oszustw i dlaczego te mechanizmy zawodzą? 🤔 🔍➡️ cert.pl/posts/2024/11/…
[PL] Oprócz Paged Out!, wypuściliśmy dzisiaj też wywiad z 𝗣𝗼𝗹𝗮𝗻𝗱 𝗖𝗮𝗻 𝗜𝗻𝘁𝗼 𝗦𝗽𝗮𝗰𝗲, tj. (@p4_team + @DragonSectorCTF + przyjaciele) o HACK-A-SAT 4: ↓↓↓ youtube.com/watch?v=9Gl8ZZ… ↑↑↑
Slides (PL) from my yesterday's presentation at @OMHconf #ohmyhack are here: tailcall.net/static/talks/o…. I've talked a bit about my recent research about stealers in a - hopefully - approachable way.
I had the pleasure to conduct a 1.5 day #workshop about Threat Intel Pipelines and CTI to a room full of security experts during the #ITU Interregional #Cyberdrill for Europe and Asia-Pacific. I hope everyone had fun and maybe see you at the next Cyberdrill.
CERT Poland's Jarosław Jedynak has posted a detailed and technical description of the XWorm analysis process, including the unpacking. XWorm is a multi-purpose malware family, commonly used as a RAT. cert.pl/en/posts/2023/…
I wrote a detailed writeup about #XWorm #Malware reverse-engineering. The stealer itself is nothing fancy, but check it out if you're interested in dissecting malware step by step. And if not, hey I share some code and IoCs too. cert.pl/en/posts/2023/…
Finished my #flareon10 today! Fun fact: I used #Ghidra exclusively (no Ida) to solve almost all challenges (two exceptions: Android and PDP-11 Forth). It works great.
What's the first step of dynamically unpacking obfuscated .NET malware? Writing your own debugger, of course. A story of unpacking the recent .NET stealer campaign: cert.pl/en/posts/2023/…. (Going to start posting more writeups soon, stay tuned)
Better documentation, YARA scanning limitation, easier scaling, better user roles. Those are only some of the changes introduced in mquery 1.4! Full list of changes is available on ⬇️ github.com/CERT-Polska/mq…
Today Poland Can Into Space placed fourth on @hack_a_sat qualifier and we're going to Vegas! This year's finals will include hacking the Moonlighter platform on orbit! Can 🇵🇱🥫🚀 conquer real 🛰️? We'll find out during DEFCON 31.
Finally, Phobos decryptor PoC published 🙃. I worked on it with @nazywam when I was at CertPl. It can decrypt most Phobos samples from the last 2 years, if you know the exact time decryption started (and PID). Very hard to use in practice but interesting PoC nonetheless.
Finally, Phobos decryptor PoC published 🙃. I worked on it with @nazywam when I was at CertPl. It can decrypt most Phobos samples from the last 2 years, if you know the exact time decryption started (and PID). Very hard to use in practice but interesting PoC nonetheless.
Fell in love with typed-config github.com/bwindsor/typed…. It's a tiny Python library for reading config from ini files/environment/anywhere, used by mwdb (and maybe mquery soon). Typed, extensible, dependency free. How does it only have 14 stars on GH?!
Together with @DragonSectorCTF we've donated our winnings from Russian CTFs to humanitarian aid towards 🇺🇦#Ukraine! $3,000 from each team which we'll match from our #PolandCanIntoSpace winnings. $12,000 in total for @PAH_org. #NoToWar 🇺🇦🇵🇱 #CTFforUA siepomaga.pl/ctfforua
Gynvael Coldwind @gynvael
38K Followers 1K Following security researcher/programmer/director @ HexArcana Cybersecurity GmbH ⁂ @pagedout_zine ⁂ @DragonSectorCTF ⁂ https://t.co/ShG2c5As1K ⁂ ex-Google ⁂ he/him
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
Łukasz @maldr0id
13K Followers 958 Following Military-grade @Android malware reverse engineer @Google || "Tom Brady of malware strings analysis" - @MalwareTech || Tweets are my own opinions || he/him ✨🌈🦄
ᴀᴅᴀᴍ ʟᴀɴ�... @AdamLangePL
4K Followers 583 Following Breaking things professionally | Researcher | Speaker | Lecturer | Podcaster | #ProudToBeDefender | Opinions are my own.
ςεяβεяμs - м�... @c3rb3ru5d3d53c
25K Followers 243 Following 💕 Malware Hunter Killer 💕 #binlex & #mwcfg Developer 📽️ YouTuber 👩💻 She/Her 💍@DravenSwiftbow Support my work 👇 ☕️ https://t.co/NoM1TXq00P
Bartek Jerzman @secman_pl
2K Followers 3K Following Hunting ghosts in wires and boxes, Head of CTI, former NCSC-PL, PL Navy #fightingthreats | @PIVOT_con co-founder
Pan od Komputerow @komputerow
4K Followers 623 Following Dziwne, u mnie działa | UNIX | hacking | security | Cisco | forensics
Alexandre Dulaunoy @a... @adulau
8K Followers 7K Following Enjoy when humans are using machines in unexpected ways. I break stuff and I do stuff. @[email protected]
John Hammond @_JohnHammond
298K Followers 3K Following Cybersecurity Researcher @HuntressLabs || Just Hacking Training @JustHackingHQ w/ @ethicalhacker || https://t.co/UtsNJiyQtS || https://t.co/narO3sz7y6
Wojciech Lesicki @WLesicki
1K Followers 994 Following Lead, Threat Assessment and Countermeasures Things that I like to do: IR/TH CTI ICS/OT security cloud security(mostly Azure) #TogetherWeAreStronger
Luthen @TherealWaRL0k
54 Followers 669 Following
Eaqaba @Eaqaba5522
52 Followers 3K Following
Blank @bl4nk_end
2 Followers 140 Following
BlueEye @BlueEye46572843
672 Followers 850 Following Reverse engineer & malware researcher @FitsecLtd . Interested in #APT research and targeted #malware
Eleanora Oberbrunner @EOberbrunn47044
56 Followers 3K Following
Josh @eganosun
1 Followers 457 Following
Rachel Benford @benford_ra37950
4 Followers 126 Following Recr uiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/g1rG4gVQw5
Чіт @John44147535
0 Followers 415 Following
سيريوس @Si2AB
3 Followers 83 Following
Jevin Sweval @jevinskie
2K Followers 5K Following KEYWORDS ➡︎ cats, hacking, reverse engineering, LLVM, binary analysis, side channel analysis, FPGAs, NFC/EMV tricks Previously Pay Security he/him
Look at my homepage @cole_meyer43343
25 Followers 3K Following Virtual currency game platform, deposit and get 50% bonus, recruit agents to earn 100,000 USDT per month, contact us https://t.co/j3jdAz4niL
strmode @strmode
33 Followers 382 Following
hxdef hxdef @HHxdef
117 Followers 2K Following
Acno @Unk_614
21 Followers 951 Following
samanda Andre @SamandaAnd60506
0 Followers 98 Following
Mohammed al-Ramadany @al_ramadan343
1 Followers 276 Following
Bhargav Rathod @malwr4n6
368 Followers 3K Following All things DFIR & Malware Analysis | macOS/iOS DFIR & Malware Research | Security Analyst @ Salesforce | OC-DFRWS | GIAC - GREM, GIME & Advisory Board Member
Idan Banani @IdanBanani
40 Followers 614 Following Low level SW Security R&D | Vulnerability research
Mohammed BASAMED @mhbasamed
5 Followers 186 Following
Smeighez @smeighez24520
55 Followers 963 Following
C0dingBastard @C0dingB
83 Followers 85 Following Show me the code. Director de Argentina de Eclypsium Inc. Las opiniones publicadas en este medio son personales.
nicolodev @nicolodev
375 Followers 133 Following Reverse Engineer – Passion for decompiler, disassembler, and anything that breaks software
Narcisse. @narcisseuuh
240 Followers 353 Following CS Student @ Télécom SudParis | Formal Methods, Binary Analysis & Exploitation Enthusiast.
صفر الزمن @non___existen
87 Followers 7K Following
Dinohacks @nhegde610
544 Followers 2K Following Researcher. Malware Analyst. Part time threat hunter. Part time blogger
aldeb @4ldebaran
166 Followers 1K Following
babush @pmontesel
829 Followers 590 Following @mhackeroni / I do stuff with computers / opinions not my own / 🇮🇹🇨🇦🇯🇵
yeng @yeng_number
5 Followers 302 Following
Yusuf @cybaqkebm
633 Followers 862 Following
Little Lord F***leroy @ordinal0
67 Followers 650 Following security engineer. works for fun & profit
Moaz Sabra @Moaz__Sabra
59 Followers 2K Following
vx-underground @vxunderground
368K Followers 290 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
ZaufanaTrzeciaStrona ... @Zaufana3Strona
44K Followers 279 Following Wszystko co chcesz wiedzieć o hasłach: https://t.co/bn2iYZxaPh
CERT Polska @CERT_Polska
33K Followers 8 Following Oficjalny profil zespołu CERT Polska | Zgłoszenie incydentu: https://t.co/NNUSNq61UT | O nas: https://t.co/mv9SshTgzy
Gynvael Coldwind @gynvael
38K Followers 1K Following security researcher/programmer/director @ HexArcana Cybersecurity GmbH ⁂ @pagedout_zine ⁂ @DragonSectorCTF ⁂ https://t.co/ShG2c5As1K ⁂ ex-Google ⁂ he/him
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
hasherezade @hasherezade
89K Followers 910 Following Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
Łukasz @maldr0id
13K Followers 958 Following Military-grade @Android malware reverse engineer @Google || "Tom Brady of malware strings analysis" - @MalwareTech || Tweets are my own opinions || he/him ✨🌈🦄
ᴀᴅᴀᴍ ʟᴀɴ�... @AdamLangePL
4K Followers 583 Following Breaking things professionally | Researcher | Speaker | Lecturer | Podcaster | #ProudToBeDefender | Opinions are my own.
MalwareHunterTeam @malwrhunterteam
244K Followers 38 Following Official MHT Twitter account. Check out ID Ransomware (created by @demonslay335). More photos & gifs, less malware.
ςεяβεяμs - м�... @c3rb3ru5d3d53c
25K Followers 243 Following 💕 Malware Hunter Killer 💕 #binlex & #mwcfg Developer 📽️ YouTuber 👩💻 She/Her 💍@DravenSwiftbow Support my work 👇 ☕️ https://t.co/NoM1TXq00P
Keidii / Tomasz Bukow... @_keidii
362 Followers 78 Following security - mostly technical. offensive and defensive ;) (and physics, nonlinear stuff ... )
Marcin Dudek @dudekmar
1K Followers 442 Following Head of @CERT_Polska, ICS/OT Security Researcher, @Info_CCI Poland Coordinator, @BEERISAC 131
WerWolv @WerWolv
5K Followers 116 Following I'm a 26 year old embedded systems electronics engineer. Mostly interested in low-level coding and console dev. Discord server: https://t.co/XmgrcyNxqP
szymex73 @szymex73
2K Followers 1K Following CTFs & 🎶🎮 | Capturing 🚩 with @justCatTheFish | @[email protected] / @szy.bsky.social
Bulek @bulkowo_
20 Followers 92 Following
implr @implring
382 Followers 404 Following Cursed Computer Connoisseur @dragonsectorctf, BGP shitposting @bgpwtf, infrastructure security at An Alphabet Corporation
Disconnect3d @disconnect3d_pl
3K Followers 690 Following Security Engineer at @trailofbits. Pwndbg maintainer, justCatTheFish CTF team captain. Opinions are my own =)
Jakub Sajniak @kubolos231
199 Followers 310 Following Pentesting at @stm_cyber. Playing CTFs with @p4_team | @S™.
Patryk Sondej @patryk4815
157 Followers 150 Following cve-2023-32233 (author), golang/ Back-end Developer working at @wirtualnapolska nicknames: Cypis, patryk4815, CTF player at @justcatthefish, Pwndbg maintainer
foxtrot_charlie @foxtrot_0x4fult
1K Followers 2K Following It won't get better. Brace for impact lads! IT security researcher/pentester, IRCop. Senior shitposter & meme evangelist. @pagedout_zine doorkicker.
Michał Leszczyński @icedevml
355 Followers 59 Following Former Expert at @CERT_Polska_en | Web security / Virtual Machine Introspection / ITSEC Automation / NFC technologies
Adam 'pi3' Zabrocki @Adam_pi3
3K Followers 334 Following Director of Offensive Security @NVIDIA, architecting @RISC_V, @LKRG_org Founder, @BlackHatEvents & @Defcon Speaker, #Phrack author, @PwnieAwards nominee
kazet @kazet1234
77 Followers 14 Following
Robert Tomkowski @trodbert
176 Followers 93 Following Software and security engineer. Currently working on his world domination plan as CEO of @hacking_dept and Head of R&D at @stm_cyber. Member of @p4_team.
TheSasza8 @TSasza8
30 Followers 101 Following
Bonus @BonusPlay3
444 Followers 500 Following programming & hardware & security 🦆 Pretending I know what I'm doing at @stm_cyber. Playing CTFs for @p4_team.
Maya :3 @meithecatte
553 Followers 191 Following standard-issue programmer catgirl · |she/her⟩ + |it/they⟩ · irredeemably genderfucked · slut for abstraction and bit-wrangling · alleged math nerd
@[email protected]... @ptrcnull
451 Followers 407 Following she/her | 🥰🥺 | moved to the fediverse https://t.co/VPvrftHF7U ( @[email protected] ) also @ptrc.gay on Bluesky
2 Wanda 💙 @mwk4
845 Followers 205 Following reach heaven through violence pfp: https://t.co/ZM36jIonjV
Itay Cohen 🌱 @megabeets_
6K Followers 525 Following Animal liberation activist 🌟 Forbes 30 Under 30 • Sr. Principal Security Researcher @ Unit 42 • Maintainer of Cutter and Rizin • I don't eat animals.
Direction Blind Human... @mickeyftnt
236 Followers 1K Following Current: TD Bank Account for following infosec and healthcare people. I may DM you if I have queries
Hubert Jasudowicz @hjasudowicz
108 Followers 235 Following Playing CTFs for @p4_team. pwns and stuff.
Anna Miaśkiewicz @devnullek
673 Followers 492 Following
Gabi @hookgab
2K Followers 413 Following Security Researcher and Threat Hunter @SecureWithHUMAN Malware, gaming and everything in-between. ⚠️ My tweets are my own ⚠️ https://t.co/IK7sesL9M4
Pierre-Luc Vaudry @VaudryPL
10 Followers 11 Following #AI R&D for #emailsecurity @ZEROSPAM. PhD in #NLP @UMontrealDIRO. Degrees in both Computer science and #Linguistics. Thesis and several internships in #NLG.
Felix @felixw3000
2K Followers 499 Following 👨💻 Engineer, passionate about IT security 🔬 Daytime: Researcher @SophosXOps 🧪 Nightime: write-ups on experiments @ https://t.co/JD9nTOciQE 🙋 Opinions are my own
Knudsen Baio @JasonMilletary
455 Followers 550 Following shitposting and/or basketball more serious: https://t.co/KkRDPJhwgH
Vitali Kremez @VK_Intel
44K Followers 86 Following Ethical Hacker | Reverse Engineer | CEO @AdvIntel | Malware Course Author "Zero2Hero" / "Zero2Automated" | Former .gov Cybercrime | Threat Seeker Award
icchy @t0nk42
2K Followers 155 Following CTF @TokyoWesterns (founder/captain), ja: @icchyr, Opinions are my own. @[email protected]
Daniel Plohmann @push_pnx
4K Followers 185 Following Reverse Engineering & Malware Research @Fraunhofer_FKIE. Projects: @Malpedia, DGArchive, MCRIT, SMDA, ApiScout, IDAscope.
R0bert R0senb0rg @drProct0r
1K Followers 942 Following Playing cat and mouse with malware. R0bert is not my real name. I work for an AV company. Tweets are obviously mine.
Michał Kowalczyk �... @dsredford
4K Followers 157 Following reverse-engineering / low-level security @DragonSectorCTF vice-captain / Invisible Things Lab Mastodon: @[email protected] bsky: @mkow.bsky.social
Dhia Mahjoub, PhD @DhiaLite
2K Followers 3K Following Problem solver. Product builder. Innovator. former Head of Security Research @OpenDNS. #Cybersecurity, #DataAnalysis, #Web3, #BlockchainAnalytics.
Paweł Srokosz @_psrok1
1K Followers 298 Following Security researcher | Malware analyst at @CERT_Polska_en | @p4_team member
Nazywam @nazywam
1K Followers 299 Following 301 @nazywam.bsky.social //Security research at @CERT_Polska_en
Not on here anymore, ... @malwaretech
31K Followers 2 Following No longer using Twitter. Check out https://t.co/BYnF2Aml7H for where to find me.
Paul Burbage @hexlax
3K Followers 965 Following Co-Founder @MalBeacon | Board Member @BSidesCHS. Tweets are mine & should be dismissed as bourbon-fueled ramblings.
Jakub Kroustek @JakubKroustek
7K Followers 531 Following ɿɘɘniǫnɘ ɘƨɿɘvɘЯ / Malware hexorcist / Researcher / Malware Research Director at Gen (Avast). My tweets, my opinions.
Michael Gillespie @demonslay335
37K Followers 66 Following Loves cats, bunnies, and coding. #Ransomware Hunter. Creator of the service ID Ransomware. Views expressed are my own.Trends for United States
You might like
