birg0 @_birg0
Paris, Ile-de-France Joined October 2015-
Tweets90
-
Followers61
-
Following327
-
Likes363
Nouvel article technique concernant les comptes machines dans Active Directory. Découvrez comment ils sont exploités et comment s’en protéger dans notre dernier blog post : mobeta.fr/active-directo… #cybersecurity #pentest #activedirectory
Since an exploit has been published, here's ours: #CosmicSting (2024-34102) + #CNEXT (CVE-2024-2961), giving RCE on #Magento github.com/ambionics/cnex…
Scalpel is here: this @Burp_Suite extension lets you edit your requests, in Python 3, in the repeater or on-the-fly. ambionics.io/blog/scalpel
Iconv, set the charset to RCE: in the first blog post of this series, @cfreal_ will show a new exploitation vector to get RCE in PHP from a file read primitive, using a bug in iconv() (CVE-2024-2961) ambionics.io/blog/iconv-cve…
Here's an educational POC for #xortigate (CVE-2023-27997). I'll cover the vulnerability at @hexacon_fr this Saturday, and @BlackAlpsConf a few days later! github.com/lexfo/xortigat…
#Fortinet patched #CVE-2023-27997, a critical vulnerability affecting its VPN #Fortigate. Our latest blogpost describes the technical details about the bug, a pre-auth heap overflow, with a twist. #xortigate blog.lexfo.fr/xortigate-cve-…
Our researchers found a pre-auth RCE on #Fortigate SSL VPN. Stay tuned for the blogpost ! (CVE-2023-27997)
Our researchers found a pre-auth RCE on #Fortigate SSL VPN. Stay tuned for the blogpost ! (CVE-2023-27997)
Introducing sshimpanzee, a reverse shell made by @TitouanLazard based on openssh's sshd. It supports DNS, ICMP and HTTP encapsulation as well as SOCKS and HTTP Proxies : blog.lexfo.fr/sshimpanzee.ht…
Just dropped some new cool things on the AD cheatsheets: - SCCM primary site takeover - RODC attacks and pivoting - Techniques I have previously forgotten about retrieving credentials hideandsec.sh/books/cheatshe… hideandsec.sh/books/cheatshe…
A few months ago, we reported a pre-auth Remote Code Execution #RCE vulnerability to @vBulletin. The exploitation of this unserialize() bug was tricky, as vBulletin classes are not deserialisable. Discover the exploitation in our latest blogpost: ambionics.io/blog/vbulletin…
Great new tool by @bananabr to find folders excluded from antivirus scanning by comparing file write times across tested folders. Writes to excluded folders finish much faster as they don't have their writes intercepted by AV. Clever! github.com/bananabr/TimeE…
New technique to dump NTDS remotely WITHOUT DSRUAPI: github.com/zblurx/certsync (Golden Certificates + UnPAC the hash automation) Thanks @ly4k_ for certipy, which my script heavily relies on.
Today we're publishing new techniques for recovering NTLM hashes from encrypted credentials protected by Windows Defender Credential Guard. These techniques also work on victims logged on before the server was compromised. research.ifcr.dk/pass-the-chall…
In this post @Sant0rryu shows an attack chain where you can abuse ADCS to escalate from a Virtual Account / Service account to local SYSTEM. As homage to other *potato tools, it could even be called CertPotato. 👀 sensepost.com/blog/2022/cert…
Tunneling Internet through WhatsApp to avoid network restrictions github.com/aleixrodriala/…
Welcome to the new AD Mindmap upgrade ! v2022_11 will be dark only (this is too painful to maintain two versions). Thx again to : @Vikingfr and @Sant0rryu for their help 👍 Full quality and zoomable version here : orange-cyberdefense.github.io/ocd-mindmaps/i… Overview :
🧵 (1/) Forged Tickets Thread Golden 🔑 tickets are no longer in fashion, so here’s a short memo on using Diamond 💎 (@exploitph) and Sapphire (@_nwodtuhs) tickets with ticketer[.]py from #Impacket. At first let’s recap what we already know about Golden tickets ⤵️ #ad #kerberos
Audit your DNS config, you'd be shocked at how bad it can get github.com/punk-security/…
Glad to finally get my AS-REQ research out there. @Microsoft decided requesting ST's from the AS was by design so here's a couple of ways to Kerberoast without any creds and bypass detections based on 4769's
Glad to finally get my AS-REQ research out there. @Microsoft decided requesting ST's from the AS was by design so here's a couple of ways to Kerberoast without any creds and bypass detections based on 4769's
Earn USDC @w0r665v8g864742
2 Followers 269 Following Get stable daily returns ($2–$20,000) through smart contract staking—all from your phone! Join now: https://t.co/vqmg88Tpov
timlake @timlake252160
0 Followers 2K Following
Alruikoo @Alruikoo14490
0 Followers 408 Following
swéét @swt886885614728
53 Followers 4K Following
nanjin002 @nanjin00272827
21 Followers 4K Following
MalwareHunterTest @malware_test
1 Followers 112 Following
Sélim Lanouar @whattheslime
57 Followers 144 Following French cyber security auditor and researcher.
crawler_cookie_0 @crawler_cookie0
49 Followers 4K Following
topotam @topotam77
4K Followers 690 Following All I know is that I know nothing. I like Windows, Active Directory and IoT/Hardware hacking. "Responsable mais pas coupable" de PetitPotam
Mistress Sophia Sahar... @mistress_sah
38 Followers 227 Following
Titouan Lazard @TitouanLazard
342 Followers 1K Following Infosec and hacking, interested in firmware/kernel security
Charles Fol @cfreal_
4K Followers 667 Following previously @ambionics @LexfoSecurite – blogs: https://t.co/cLoNdCGPU7 https://t.co/JVMLjUzTJU https://t.co/t9a5IcOXSU
bernstein @bernsteining
331 Followers 1K Following information security, software dev, maths, fractals https://t.co/2BFPfvICgt https://t.co/SVAPm1RSZE
Worty @_Worty
3K Followers 555 Following Organizer of @HeroCTF || ctf w/ @FlatNetworkOrg || TeamFR 2021, 2022 & 2025 🇫🇷 || 🥷 @Synacktiv
Laluka@OffenSkill @TheLaluka
5K Followers 1K Following Sharing is Caring, Hacker, Eternel Learner, Cat! =^~^=
leco @_lec0_
42 Followers 265 Following
Raphael Walter @Raphzer
75 Followers 146 Following
akoz @akoz08036781
0 Followers 34 Following
Unlock Your Brain, Ha... @UYBHYS
2K Followers 1K Following The Wild Wild #infosec Conference organisée par @AnDaolVras 10e édition : les 7 & 8 novembre 2025 à #Brest ! #secnum #UYBHYS
Dmitry Vostokov 🇮�... @DumpAnalysis
8K Followers 6K Following Diagnostician. Author of Diagnomicon. Gang of One. Software Surgeon. Machine Learning and AI for Software Diagnostics and Observability. Generative Debugging.
meik 🥋☠️✌️... @meikk
1K Followers 3K Following X/Twitter is dead. read-only account follow me on bsky instead.
Nicolas Chatelain @Nicocha30
359 Followers 290 Following Security researcher | Ligolo/Ligolo-ng/Chashell author
francois mehault @FMehault
15 Followers 114 Following
mkarte @my3ker
54 Followers 290 Following
Issam Rabhi @Issam_Rabhi
4K Followers 1K Following Phd in Computer Science. Acknowledged by Google more than 100 times!
Olivier @NiluarO
759 Followers 850 Following Sysadmin Linux indépendant nano > vim Attention, j'suis probablement plus con que toi.
Katerina Caramanica @KaterinaCarama1
2 Followers 66 Following
Anaïs @AnaisJamrich
6 Followers 60 Following
Poppers pas cher @popperspascher1
1K Followers 2K Following Shop en ligne pour acheter vos 🔥 Poppers 💊 Stimulants 💦Lubrifiants aux meilleurs prix.
Julien RICHY @Julienrichy
20 Followers 60 Following Snap: julien.richy🐥 - Director of a summer camp company 🏕️ - 32 ♂️🌈
Ben Fullner @bfullner
424 Followers 2K Following
Philip Elder @MPECSInc
2K Followers 374 Following Microsoft MVP '09-Present. We design & build HA solutions for on-premises, data centre, & hybrid. Workload Migration Specialists. Active Directory Security.
BARA @barathinktank
7K Followers 178 Following Think tank étudiant collaboratif 👤 https://t.co/4DrJk2TiAI Ensemble, éclairons notre horizon 🌍
Sicarius @ElS1carius
2K Followers 259 Following Pentester, Web specialized 🪲 Top 30 YesWeHack https://t.co/bJ2s5TWqYf Check my website if you're bored https://t.co/tdzCTEUbuO :)
Petrus Germanicus @gothburz
7K Followers 393 Following Sr. Threat Researcher @theZDI 🥷🏻🛡️👨🏼💻Threat hunter 🎯 Creator of @cybercronai 🤖📊 opinions my own 💭
JESSIM 🇵🇸🍉 @jessimdev
16K Followers 674 Following 📱 Je code des sites et des applis 📨 Contact : [email protected] 🚀 Co Founder : Iqra / Subflow / Boostr
Manfred Paul @_manfp
5K Followers 315 Following Security but not as in "national security". Playing CTFs with @redrocket_ctf (and @Sauercl0ud). Pwn2Own Vancouver 2020..=2024\{2023}. @[email protected]
Dlive @D1iv3
2K Followers 1K Following Security Researcher. 2022 MSRC MVR. Windows Active Directory Security / Cloud Security / Web Security. Tweets are my own.
Sélim Lanouar @whattheslime
57 Followers 144 Following French cyber security auditor and researcher.
Tear Off @TearOffFR
210K Followers 211 Following Actus F1, Résultats, Déclas & plus. Suivez toute l'actualité du sport auto... sans filtre ! ✉️ [email protected]
L’encyclopédiste �... @Lencyclopediste
120K Followers 202 Following Le compte à suivre pour la culture et l’histoire. Autres réseaux : Snapchat ➤ lencyclo / Insta ➤ l_encyclopediste
AlertesInfos @AlertesInfos
777K Followers 196 Following ✍️ L’information dans la seconde | 📲 Suivez-nous sur TikTok : https://t.co/MNTuYBx1PX | 📩 Contact pro : [email protected]
n00py @n00py1
13K Followers 963 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research.
Titouan Lazard @TitouanLazard
342 Followers 1K Following Infosec and hacking, interested in firmware/kernel security
Thomas Seigneuret @_zblurx
3K Followers 389 Following Red Teamer & Security researcher Maintainer of #NetExec, #DonPAPI, dploot, certsync, and all the stuff on my github repo bsky: https://t.co/zISpgvDSWc
Mayfly @M4yFly
7K Followers 782 Following Former Dev and DevOps| Pentester and red teamer at orange cyberdefense | OSCE³| Tweet are my own| discord: m4yfly
MDSec @MDSecLabs
15K Followers 0 Following Consultancy and Training from a trusted supplier of offensive security. Red Team and Adversary Simulation by ActiveBreach team | https://t.co/fqpbJ9WDXD | https://t.co/UvOhGA4Zou
James Kettle @albinowax
79K Followers 92 Following Director of Research at PortSwigger aka Burp Suite. Find my research, tools & contact details at https://t.co/vP6UbGmvl3
张惠倩 @momika233
18K Followers 222 Following Anda boleh melakukan segala-galanya dari syurga ke bumi, wanita kecil!! If you have any questions, please contact me https://t.co/MkzsavUU9V
Kévin GERVOT (Mizu) @kevin_mizu
6K Followers 755 Following Researcher for @ctbbpodcast lab 🐛 | DOMLogger++ developer 👨🏻💻 | CTF with @FlatNetworkOrg, @rhackgondins 🦦 | @ECSC_TeamFrance 2023 🇫🇷
Cerfia @CerfiaFR
1.2M Followers 105 Following 📲 L’actualité à portée de main ! | 📩 [email protected] Suivez-nous sur Instagram : https://t.co/nikg4Gf4ZE 🗞️ @CerfiaInside | ▶️ @CerfiaPlay
Aurélien Chalot @Defte_
3K Followers 459 Following Hacker, sysadmin and security researcher @OrangeCyberdef 💻 Calisthenic enthousiast 💪 and wannabe philosopher https://t.co/SqDDhIGGGh 📖 🔥 Hide&Sec 🔥
Nepal News English @nepalnews_eng
37K Followers 1 Following Nepal News offers accurate and independent news with multi-sided perspectives on Nepal.
OPENCYBER @OPENCYBER_FR
111 Followers 32 Following
NK @Nikaiw
570 Followers 907 Following
Linux Kernel Security @linkersec
9K Followers 0 Following Links related to Linux kernel security and exploitation. Maintained by @andreyknvl and @a13xp0p0v. Also on https://t.co/GVE11dpBb8 and https://t.co/YpxPWXnA6Z.
bernstein @bernsteining
331 Followers 1K Following information security, software dev, maths, fractals https://t.co/2BFPfvICgt https://t.co/SVAPm1RSZE
I Fly Bernard @i_fly_Bernard
54K Followers 8 Following 63 milliardaires français émettent autant de CO2 que 50% de la population (source Oxfam / Greenpeace 2022)
Worty @_Worty
3K Followers 555 Following Organizer of @HeroCTF || ctf w/ @FlatNetworkOrg || TeamFR 2021, 2022 & 2025 🇫🇷 || 🥷 @Synacktiv
ACCEIS @acceis
798 Followers 91 Following Centre d'expertises en cybersécurité | CESTI | PASSI | Expertise technique, sécurité offensive et conseil en gouvernance cyber - on recrute !
Charlie Clark @exploitph
5K Followers 1K Following
SecureAuth @SecureAuth
9K Followers 6K Following SecureAuth IAM solutions provide dynamic, AI-driven authentication and privacy. Protect data, engage employees, delight customers. Welcome to Better Identity.
noraj @noraj_rawsec
3K Followers 382 Following 🇫🇷 Penetration test engineer, security researcher and #BlackArch Linux maintainer.
Trends for United States
You might like
