Justin Hendricks @Script_Happens
Security Engineer. My opinions are my own. Joined March 2011-
Tweets142
-
Followers301
-
Following2K
-
Likes875
Justin Hendricks retweeted
📢 BlueHat 2023: Applications to Attend are NOW OPEN! 📢 If you are interested in attending @MSFTBlueHat in Redmond, WA, USA, Feb 8-9, 2023, please submit your application here: forms.office.com/Pages/Response… (Applications close Jan 6, 2023)
1
10
22
0
1
Justin Hendricks retweeted
Noticed that the number of visits to these notes started growing even while they were WIP (yeah, I work in prod 😅), so here they are: ired.team/offensive-secu… Thank you for sharing @harmj0y @tifkin_ @topotam77 @ExAndroidDev , it's all beautiful!
Justin Hendricks retweeted
It's been a while since our last thread and I need to kill time while a ginormous time travel trace file finishes copying, so let's talk a bit about LSA, the Windows Local Security Authority.
Justin Hendricks retweeted
Automatic on-premises Exchange Server mitigation is now in Microsoft Defender Antivirus. We have taken this additional step to further support our customers who have not yet implemented the complete security update. Learn more: msft.it/6017VMA3d
The nmap script that tests for CVE-2021-26855 had false negatives with 301 and 302 redirects (typically federated auth). This was fixed yesterday. Latest version: github.com/microsoft/CSS-…
Justin Hendricks retweeted
Run Exchange but are on an out-of-support Cumulative Update level and can't get updates for the March vulnerabilities? The Exchange team has delivered: techcommunity.microsoft.com/t5/exchange-te…
Also, there is a script to compare against files on the Exchange server it's run on: github.com/microsoft/CSS-…
Also, there is a script to compare against files on the Exchange server it's run on: github.com/microsoft/CSS-…
Justin Hendricks retweeted
Providing alternative mitigation techniques to help Microsoft Exchange customers needing more time to patch deployments & are willing to make risk & service function trade-offs. These mitigations are not remediation & aren't full protection against attack. msrc-blog.microsoft.com/2021/03/05/mic…
Great team with broad scope! Come find bugs in one of the biggest suite of cloud services.
Great team with broad scope! Come find bugs in one of the biggest suite of cloud services.
The most expensive game of Tetris ever played 😆 I'm pretty sure this is why MSFT stock is down today...
Justin Hendricks retweeted
Critical new defenses for OAuth consent phishing: • ✅ Publisher verification [pic 1] • 📋 Customizable app consent policies [pic 2] • 🚷 Globally disallowing user consent to new multi-tenant apps from unverified publishers (on Nov 8) 👉🏼📰 Details: techcommunity.microsoft.com/t5/azure-activ…
Justin Hendricks retweeted
Found #Telerik vulnerable to CVE-2019-18935 on a customer's network and can't seem to get the file upload to work? Host the payload yourself using @SecureAuth impacket. @noperator @mwulftange @bao7uo @straight_blast @pwntester @olekmirosh #bugbountytips #pentest #exploit #redteam
Justin Hendricks retweeted
Ever wanted to do reverse DNS lookups on an entire /16 range for free? Now you can! 😉 sonar.omnisint.io/reverse/95.138…
Justin Hendricks retweeted
A post on generating SSO cookies on Azure AD machines (without having to know the password) posts.specterops.io/requesting-azu…
Yes, go patch Skype and Sharepoint server. Better yet, migrate to Microsoft 365 and Microsoft will patch for you!
Yes, go patch Skype and Sharepoint server. Better yet, migrate to Microsoft 365 and Microsoft will patch for you!
Justin Hendricks retweeted
We discovered a 17-year-old vulnerability in all of Windows DNS Servers. SIGRed (CVE-2020-1350) is a wormable, critical vulnerability that can be used to achieve full Domain Administrator privileges. research.checkpoint.com/2020/resolving…
Justin Hendricks retweeted
An older vulnerability write up about an XSS on the #AWS console which I responsibly disclosed to Amazon Hope its interesting for some who are getting started with #pentesting embracethered.com/blog/posts/202… Also AMZN now awards #bugbounties via Hackerone. Check it out! No aws though
Justin Hendricks retweeted
Hardcoded secrets, unverified tokens, and other common JWT mistakes: @ermil0v shares what he learned from bug-hunting 2,000 npm modules: r2c.dev/blog/2020/hard…
David Weston (DWIZZZL... @dwizzzleMSFT
25K Followers 2K Following Corporate Vice President, OS Security and Enterprise @Microsoft
Justin Bollinger @Bandrel
6K Followers 2K Following hacker, finder of EKUwu (CVE-2024-49019) https://t.co/XQuqk8nGG6
John Lambert @JohnLaTwC
43K Followers 800 Following Corporate Vice President, Security Fellow, Microsoft Security Research, johnla(AT)https://t.co/3dGtq71Nby
Rob Fuller @mubix
79K Followers 25K Following Dad / Husband / Marine / Student / Teacher / @Hak5 / @NoVAHackers / @SiliconHBO / @NationalCCDC / @MARFORCYBER Auxiliary
Jacey Wiza @JaceyWiza85544
47 Followers 1K Following
Dark@Joker:~$ @ExploitNest
92 Followers 2K Following CRTA | CAP | OSCP (Aspirant) - Pentration Tester & Bug Hunter - Red Teamer 🤡
KristaPerez @kuyurino1973
18 Followers 164 Following We invite you to come here to find your soulmate. Please click on our blind date club WhatsApp link https://t.co/0Uuf4pksSF
Rajesh Chada @rajeshchada
50 Followers 527 Following
nanjin002 @nanjin00272827
21 Followers 4K Following
Jennifer Aniston @AnistonJen25683
214 Followers 4K Following My friends call me Jen. Founder, @lolavie
Sectest.IT @sectestIT
2 Followers 83 Following
Diego Boy @Diego_Boy
243 Followers 304 Following
Tom Jøran Sønstebys... @L1v1ng0ffTh3L4N
70 Followers 213 Following #RiskHunter and #CyberSecurity Researcher from Norway, specializing in #PenetrationTesting using only tools that are already on the system.
Seighez @Seighez451921
41 Followers 408 Following Mong bạn của bạn nói câu chúc bạn ngủ ngon , Tôi ở một mình không cảm thấy cô đơn
Chil @chilito007
22 Followers 662 Following
step @basheerzeh36163
48 Followers 1K Following
arian @arian6916698413
0 Followers 35 Following
crawler_cookie_0 @crawler_cookie0
49 Followers 4K Following
Gaurav Mathur @gmat0991
90 Followers 95 Following Quantum Physics. Ethical Hacking. Heavy Metal. Manchester City. Security PM at MSRC, Microsoft. Opinions are my own.
Forrest Kasler @FKasler
540 Followers 394 Following Climber, Penetration Tester, Code Junkie, Malware Enthusiast @specterops
Mr Elliot @eliotsec
0 Followers 2K Following
Azad @azadi1999
31 Followers 422 Following
enthusiastic @ebimohamadi63
196 Followers 2K Following The cryptocurrency melts in my mouth, I die for it.python
Ashwin Patil @ashwinpatil
2K Followers 1K Following Senior Security Researcher @Microsoft Tweets my own opinions, not my employers. #DFIR #datascience #threathunting #MicrosoftSentinel #python 🐍 #rstats
Daniel Sidler @dsidler
78 Followers 266 Following You didn't ask for it, but here you go: @dsidler.ch on bsky /// Also, if I unfollow you it's because I follow you over there now.
Jeremy Sinclair #ฺN... @sinclairinat0r
11K Followers 7K Following #BlackTechTwitter's anime obsessed, #ADHD cursed, super enthusiastic .NET Dev #WindowsInsider #WIMVP, #WinDevMVP, #AvaloniaMVP #WindowsOnArm @dotnetfdn member
Sami Laiho @samilaiho
30K Followers 684 Following Chief Research Officer (opinions are my own) / #1 & #2 at Ignite 2018 / Best Session - NIC x 5 / MVP Windows OS / https://t.co/YcBqnFQOur / PluralsightAuthor
F1ras Fatnassi 🇹�... @Fatnass1F1ras
1K Followers 953 Following running, on-chain trading, security, MSRC MVR 2022, 2023 & 2025.
Mohammad @haizax_mohammad
626 Followers 821 Following interested in web application security 🔴⚪ an Arsenal fan | atheist
Cam @SecretlyHidden1
2K Followers 229 Following Former full time bug bounty hunter - now doing security stuff at places :)
Carlo Cardella @_carloc
134 Followers 1K Following Senior Software Engineer at Microsoft Corp, Redmond. View and opinions are my own, not my employer's
Sick.Codes @sickcodes
17K Followers 6K Following Security researcher 🇦🇺 Good-faith hacking 🤡 Weaponizing source code 🧬 https://t.co/qulkQaGWp9
Gareth Evans @kryc_uk
575 Followers 167 Following Security Researcher. Microsoft Edge Security Lead. Words & Opinions are my own.
Callum @callum_infosec
271 Followers 103 Following
TezOnSecurity @KingCrtz
225 Followers 202 Following Father | Unapologetically Black | Creative | Ex Lead Cyber Threat Hunter HuntressLabs
Ankush Jain @Ankush12389
435 Followers 112 Following Co-founder @Aktodotio - API security company, Ex @CleverTap @MorganStanley, CS @IITBombay https://t.co/zV7tY9cfLw…
alon @41thexplorer
1K Followers 567 Following ✨ Leading research & AI @wiz_io ⚠️ @cloudvulndb maintainer 🎙️ https://t.co/DKKysajdfF producer
Lakindu Jayasena @LakinduJayasena
660 Followers 4K Following Tech Enthusiast 🔍 | IT Systems Engineer 👨💻 | Blogger ✍ || CCNA | RHCSA | RHCE | AWS SAA
Ed @E_d_S_0
118 Followers 868 Following
intrigus @intrigus_
266 Followers 184 Following I create and break stuff. GitHub ⭐. @KITCTF. #Java, #CodeQL and #V8. Github: https://t.co/2eJKNdhQaV Security stuff: https://t.co/eg564HmccR
John Kornfeld @EastmanK0dak
5 Followers 182 Following
丹野円花 @dnyyunhu1
105 Followers 1K Following 親の介護を続けながらも三か月後に月収1800万円達成💖 嬉しい声数々もらってます💪 フォロワーさんにだけDMにて副業紹介させて頂いてます🍒
SwiftOnSecurity @SwiftOnSecurity
405K Followers 9K Following computer security person. former helpdesk.
Dave Kennedy @HackingDave
223K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
David Weston (DWIZZZL... @dwizzzleMSFT
25K Followers 2K Following Corporate Vice President, OS Security and Enterprise @Microsoft
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Greg Linares (Laughin... @Laughing_Mantis
37K Followers 2K Following 20+ yrs in Infosec. Malware Influencer. I turn Malware into Art and Music. Art @MalwareArt. 4x Pwnie Nominee. 𝕍𝕏. GameDev. Autistic.
Dr. Nestori Syynimaa @DrAzureAD
20K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)
vx-underground @vxunderground
368K Followers 290 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
Andrew Thompson @ImposeCost
39K Followers 1K Following Head of Research and Discovery (RAD) @Google Threat Intelligence Group via @Mandiant acquisition. Posts are attributable to me—not my employer. Former @USMC.
JS0N Haddix @Jhaddix
167K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. Cybersecurity + Hacking + AI + Sec Leadership @arcanuminfosec
Matt Zorich @reprise_99
14K Followers 2K Following @Microsoft Security | https://t.co/HWozKuixTi | Tweets are my own
Florian Roth ⚡️ @cyb3rops
206K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Justin Bollinger @Bandrel
6K Followers 2K Following hacker, finder of EKUwu (CVE-2024-49019) https://t.co/XQuqk8nGG6
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
Steve YARA Synapse Mi... @stvemillertime
17K Followers 1K Following threat intelligence @google writing & sharing on adversary tradecraft, malware, threat detection, AI-nexus intel and all things #yara
Jake Williams @MalwareJake
142K Followers 2K Following Breaker of software | VP R&D @hunterstrategy | CTI/DFIR | @ians_security faculty | Bookings: jake at malwarejake dot com | GSE #150 | He/him
briankrebs @briankrebs
333K Followers 2K Following Independent investigative journalist. Author of 'Spam Nation,' a NYT bestseller. Former Washington Post reporter. Mastodon: https://t.co/fTKNavlMwp
Adam Chester 🏴�... @_xpn_
36K Followers 501 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOllCEu | Insta at https://t.co/PqR6CZPwjl
Microsoft Threat Inte... @MsftSecIntel
187K Followers 1K Following We are Microsoft's global network of security experts. Follow for security research and threat intelligence.
DebugPrivilege @DebugPrivilege
40K Followers 2K Following Windows Nerd | Ex-MSFT | Microsoft MVP in Windows | Interested in Security, Debugging, and Windows Internals.
Nicolas Krassas @Dinosn
146K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
OpenAI Developers @OpenAIDevs
222K Followers 1 Following Updates for developers building with the OpenAI Platform and API • Service status: https://t.co/kZwnwdYqOS • Support: https://t.co/qCi6M5ESZU
Riley Coyote @RileyRalmuto
12K Followers 1K Following ─◯͠─ field architect ψ systems engineer ψ shy boy ⟁🜇 | $NEXUS
Khoa Dinh @_l0gg
2K Followers 119 Following
Rajesh Chada @rajeshchada
50 Followers 527 Following
Louis Nyffenegger @snyff
20K Followers 590 Following Founder/CEO/Trainer/Researcher/CVE archeologist @PentesterLab. Security engineer. Bugs are my own, not of my employer...
Andrea P @decoder_it
8K Followers 290 Following Security Consultant @semperistech . Independent Security Researcher. Cyclist & Scubadiver. MSRC MVR 2022. "So di non sapere"
Vesa Juvonen @vesajuvonen
20K Followers 544 Following Recovering consultant. Product Manager at Microsoft on the community & ecosystem areas | MVP Lead | he/him | #SharingIsCaring #CommunityRocks #SPFx #M365PnP 🧡
Lukas Beran @lukasberancz
2K Followers 243 Following Senior Security Researcher (DART) @Microsoft. Opinions are my own. #MSIncidentResponse #DART #Microsoft365 #EntraID #DefenderXDR #Sentinel
Clément Notin @cnotin
6K Followers 974 Following 😈 Security research (#ActiveDirectory #EntraID) & pentest 🎉 #CTF @tipi_hack 👨💼 Works @TenableSecurity, opinions my own 🪂 https://t.co/4HRwJQ6PUm
Stephan Berger @malmoeb
28K Followers 1K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
Timo Lo(n)gin @timolongin
385 Followers 33 Following Currently pwning elderly Internet protocols Mastodon: @[email protected]
Dave Anderson @scarletinked
10K Followers 132 Following Newsletter: https://t.co/xmdIXiOqaR Ex. GM and Tech Director at Amazon. Ex. CTO at Bezos Academy. https://t.co/yloCBNd83K
0 day exploit @0day_exploit_
3K Followers 723 Following Security Researcher | Crypto auditor and malware analyst 🥰
Colin Rubbert @ColinRubbert
373 Followers 1K Following ¯\_(ツ)_/¯ bug bounty, hacker or some other thing, who knows anymore ¯\_(ツ)_/¯
Megantron (@megan@inf... @megan_roddie
6K Followers 4K Following Detection Engineer. Co-Author, SANS FOR509. Author, Practical Detection Engineering. @HackersHealth CFO. Ammy Muay Thai fighter/coach. #ActuallyAutistic.
ulזra @lordx64
7K Followers 5K Following 🇺🇸rust/solana dev + AI + 20 years cyber security veteran https://t.co/TjaioUQX2Q
Brian Campbell @__b_c
3K Followers 500 Following Engineer and org chart anomaly @pingidentity. Self-renowned workation photographer. Opinions my own unless plagiarized from someone smarter and/or funnier.
Hash Miser @H_Miser
9K Followers 1K Following Internet janitor, #CERT #BlueTeam and Whisk(e)y enthusiast "Everything you do is useless ! Enjoy 🍻" [email protected] https://t.co/pBOfukJZJi
Ryan McGeehan @Magoo
6K Followers 716 Following Writes "Starting Up Security" @ https://t.co/Rv0MaSThQ1, tweets horror stories @badthingsdaily
Rachel Tobac @RachelTobac
108K Followers 8K Following Friendly Hacker & CEO @SocialProofSec security awareness/social engineering prevention Training, Videos, Talks | 3X @DEFCON🥈| Chair @WISPorg | Ex @CISAgov TAC
Gaurav Mathur @gmat0991
90 Followers 95 Following Quantum Physics. Ethical Hacking. Heavy Metal. Manchester City. Security PM at MSRC, Microsoft. Opinions are my own.
Tim McGuffin @NotMedic
6K Followers 2K Following Back to Red Teaming. Risk Hunter. DEFCON Staff & CFP Board. MS in DF. Fmr Fire/EMS. Red and Blue. Builder. Morally Flexible. https://t.co/zakkIXeyHu @ bluesky
Bug Bounty Reports Ex... @gregxsunday
52K Followers 616 Following Grzegorz Niedziela - a hacker who documents his hacking journey by creating and curating the best content about bug bounty and offensive security.
Shannon McHale @_shannon_mchale
1K Followers 691 Following Red Team @ Mandiant/Google 👩🏻💻 Focused on hacking and protecting clouds. Presenter at DefCon, ShmooCon, WiCyS, and WiConnects. Ex-@RITSECclub President
Lindsey O-Donnell-Wel... @LindseyOD123
3K Followers 2K Following Cybersecurity writer @HuntressLabs @DecipherSec Previous @ThreatPost, @CRN, @Holy_cross alum
Forrest Kasler @FKasler
540 Followers 394 Following Climber, Penetration Tester, Code Junkie, Malware Enthusiast @specterops
☠️ Brandon @__mez0__
3K Followers 432 Following 👽 UNC1194 🔥 Targeted Ops @TrustedSec 🤖 Dev @preemptdev "purveyors of the prettiest log files"
Kijo Ninja @kj_ninja25
2K Followers 97 Following Security PM, R&D @Microsoft - Microsoft Defender XDR, Kijo Ninja 🥷 #修行中 - learning C/C++ #Triathlete 🏊♂️ 🚴 🏃♀️ My tweets are my own
J. A. Guerrero-Saade @juanandres_gs
16K Followers 273 Following Executive Director for Intelligence and Research @SentinelOne | Distinguished Fellow, @SAISHopkins Alperovitch |LABScon|Cyber Paleontologist|4thParty Collector
Amit Zavery @azavery
3K Followers 424 Following President, CPO, and COO at ServiceNow | Views and comments are my own
Gerson Levitz @gman4626
566 Followers 163 Following Cyber-security, Defender for Identity (MDI), MDA, M365, etc. MSFT (opinions are mine) Mt Biking, Photography, Hiking, Camping, Family, Wine, Sourdough baking ..
Thomas Seigneuret @_zblurx
3K Followers 389 Following Red Teamer & Security researcher Maintainer of #NetExec, #DonPAPI, dploot, certsync, and all the stuff on my github repo bsky: https://t.co/zISpgvDSWc
TracketPacer @TracketPacer
58K Followers 396 Following 🚀 rockit network engineer 👩🏼💻🛜 weird use cases & silly tech | find me on a platform not run by a nazi 👋🏼
Elad Shamir @elad_shamir
5K Followers 39 Following
Nasreddine Benchercha... @nas_bench
11K Followers 1K Following Detection @Splunk & @cisco | previously @nextronsystems | @sigma_hq & @magicswordio maintainer | Eternal Learner
Valeriy @Krevetk0Valeriy
5K Followers 843 Following Security enthusiast, bug bounty hunter at @Hacker0x01 and @Bugcrowd https://t.co/RjYvPJaXTW https://t.co/dkUfA2vywe
NULL @NUL0x4C
9K Followers 393 Following Windows Malware Researcher | co-founder of https://t.co/1YRk2CEjaO
MalDev Academy @MalDevAcademy
17K Followers 5 Following Providing specialized, module-based security training and resources designed for cyber security professionals
Jim Sykora @JimSycurity
2K Followers 2K Following I enjoy security, technology, learning, books, & the great outdoors. Trying to be human & kind. Opinions = mine. He/Him/Hän
remy🐀 @_mattata
7K Followers 3K Following Dad, Vulnerability Research, Packet connoisseur. He/Him. Cyber Security Architect @GreyNoiseIO, DM's open. Top percentage Rattata. #cve #infosec #cybersecurity
Linda Yaccarino @lindayaX
668K Followers 2K Following CEO of eMed Population Health, Mom, foodie, fashion enthusiast, @penn_state alum, former CEO of XTrends for United States
184 B posts
18,9 B posts
11,5 B posts
1.714 posts
1.820 posts
5.608 posts
21,1 B posts
49,4 B posts
5.766 posts
38,3 B posts
130 B posts
18,4 B posts
1.201 posts
1.159 posts
53,7 B posts
You might like
Ale (pikacodes)
@pikacodes
95K Followers
Joe Grand
@joegrand
28K Followers
Daniel Cranney 🇬�...
@danielcranney
24K Followers
Objective-See Foundat...
@objective_see
19K Followers
David Weston (DWIZZZL...
@dwizzzleMSFT
25K Followers
Eduard Kovacs
@EduardKovacs
14K Followers
Black Hills Informati...
@BHinfoSecurity
48K Followers
GIAC Certifications
@CertifyGIAC
12K Followers
Kanika Tolver
@KanikaTolver
63K Followers
Snort 🐷
@snort
23K Followers
Mike @ HTML All The T...
@htmleverything
32K Followers
Malware Patrol
@MalwarePatrol
9K Followers
ς๏гєɭคภς0�...
@corelanc0d3r
26K Followers
Lou Creemers
@lovelacecoding
33K Followers