Dirk-jan @_dirkjan
Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier. dirkjanm.io Joined December 2017-
Tweets2K
-
Followers28K
-
Following206
-
Likes4K
Dirk-jan retweeted
For those of you at home, here's your reminder that the conference is being live streamed! ;) Track 1: youtube.com/live/JBDqwVuQb… Track 2: youtube.com/live/7ktbrzuoe…
0
12
26
3K
12
Download Image
📢 New date for my "Offensive Entra ID security" course: December 8-11th 2025. This will be the last event this year. The previous events sold out quite fast so don't wait too long if you want to attend! 😀 events.outsidersecurity.nl/entra-25-12/
Dirk-jan retweeted
Looking at a Roadrecon collection through the lenses of SQLiteBrowser may pay dividends. It allows you to perform custom SQL queries and, overall, search intelligently. For this purpose I'm publishing a list of Roadrecon-compatible SQL queries stmxcsr.com/micro/roadreco…
Dirk-jan retweeted
🚨 Microsoft admins, are your conditional access policies weak? 😱 @fabian_bader shares some common bypasses in our latest Entra.Chat podcast episode! 🔒 Dive into this thread for must-know insights to secure your tenant! 🧵👇 #Cybersecurity #MicrosoftEntra
This was fun! Though I probably skipped a few steps 😅
This was fun! Though I probably skipped a few steps 😅
It seems there now is a BOF implementation of ADSyncDecrypt to dump Entra ID connect creds 👀 github.com/Paradoxis/ADSy…
Dirk-jan retweeted
I just started a new blog, and this is my first post. I took a bit of PTO, so this is a little record of some fun I had playing around with Intune during that time. It's about enrollment restriction bypass😄 temp43487580.github.io/intune/bypass-…
If you didn't find my Black Hat / Def Con slides yet, they are available on dirkjanm.io/talks . Also includes the demo videos where I use actor tokens from on-prem to access SharePoint online and get Global Admin.
Dirk-jan retweeted
👀Turns out MS-EVEN can do a lot more than NULL auth: In addition to leaking environment variables, it is possible to coerce authentication from arbitrary logged on users* 🤯 *If you are willing to trigger Windows Defender.
This is awesome research and worth a watch!
This is awesome research and worth a watch!
Dirk-jan retweeted
Le sigh... This isn't bypassing FIDO auth (it's called passkeys now btw). It's just asking the user to use a weaker method that they were allowed to use. The solution is to randomize the password so nobody knows it, and if you can't, use auth strengths to prevent weaker methods
Le sigh... This isn't bypassing FIDO auth (it's called passkeys now btw). It's just asking the user to use a weaker method that they were allowed to use. The solution is to randomize the password so nobody knows it, and if you can't, use auth strengths to prevent weaker methods
More BroCi resources! Great write-up on a few cases where Nested App Authentication is useful 😀
More BroCi resources! Great write-up on a few cases where Nested App Authentication is useful 😀
Dirk-jan retweeted
PDQ SmartDeploy versions prior to 3.0.2046 used static, hardcoded encryption keys for cred storage. Low-privileged users could potentially access admin creds from registry or deployment files. @unsigned_sh0rt unpacks his testing in his latest blog post. ghst.ly/4mjyuvw
Dirk-jan retweeted
A special shoutout to the many 🇪🇺European cyber researchers presenting their work at #DEFCON, you were awesome. 🇳🇱@_dirkjan @John_Fokker 🇮🇹@Van1sh_BSidesIT 🇫🇷@christophetd @fr0gger_ @kalimer0x00 🇧🇪@RedByte1337 🇨🇿@marektoth 🇬🇧@_mattmuir @johnnyspandex @buffaloverflow +many others
Dirk-jan retweeted
I am back to posting to ADSecurity.org in my free time (which I have again). I plan on adding new content relating to Active Directory & Azure AD (now Entra ID). First up is "Entra & Azure Managed Access Revisited". This article expands on one I wrote years ago about…
Dirk-jan retweeted
You can read about our overall research project at blog.amberwolf.com/blog/2025/augu… and learn about a SAML Authentication bypass in Zscaler (CVE-2025-54982) at blog.amberwolf.com/blog/2025/augu…
Dropped some ROADtools stickers at the @cloudvillage_dc CTF room 👀
Dirk-jan retweeted
Soooo close. Great stuff
Florian Roth ⚡️ @cyb3rops
206K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Florian Hansemann @CyberWarship
84K Followers 47 Following Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98M
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Nicolas Krassas @Dinosn
146K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
ippsec @ippsec
119K Followers 353 Following
Adam Chester 🏴�... @_xpn_
36K Followers 501 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOllCEu | Insta at https://t.co/PqR6CZPwjl
Dr. Nestori Syynimaa @DrAzureAD
20K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
DirectoryRanger @DirectoryRanger
35K Followers 96 Following This account assembles and disseminates information related to Active Directory and Windows security.
Oliver Lyak @ly4k_
9K Followers 265 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
Charlie Bromberg « ... @_nwodtuhs
15K Followers 653 Following Trying to hack the way we hack things 🏴☠️
mpgn @mpgn_x64
18K Followers 230 Following Flibustier du net ̿ ̿̿'̿'\̵͇̿̿\=(•̪●)=/̵͇̿̿/'̿̿ ̿ ̿ ̿ Podcast Hack'n Speak @hacknspeak / https://t.co/GyACSFg9mw
Josh @passthehashbrwn
10K Followers 332 Following Adversarial Simulation at IBM, tweets are mine etc.
Mike Felch (Stay Read... @ustayready
16K Followers 2K Following Targeted Ops Red Team @ TrustedSec | Hacking since Renegade BBS backdoors | Prior CrowdStrike/BHIS | In Christ's grip | I speak for myself only | K1HAQ
sn🥶vvcr💥sh @snovvcrash
12K Followers 488 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
rootsecdev @rootsecdev
26K Followers 1K Following Senior Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.
mgeeky | Mariusz Bana... @mariuszbit
14K Followers 812 Following 🔴 Operator, Initial Access afficionado, Researcher, ex-AV engine developer, ex-Malware analyst 🦋 @mgeeky.bsky.social 🫖 green tea lover
Matt Zorich @reprise_99
14K Followers 2K Following @Microsoft Security | https://t.co/HWozKuixTi | Tweets are my own
Antoine Aurand @aur40148
0 Followers 43 Following
0xf2258f @0xf2258f_fr
66 Followers 1K Following Infosec/DFIR → DevOps & Data Eng | Builder of automation & SaaS | Agentic AI | Blockchain/crypto, finance & econ buff | Always with coffee
maxi @maxi_rch
208 Followers 1K Following
Manuel Borries @Maneridiet
12 Followers 248 Following
cd @cd5567
0 Followers 44 Following
Sharon @Sharon18866
6 Followers 139 Following 👨💻 Dev Advocate | OSS Security Enthusiast Next-gen open-source WAF: SafeLineWAF. Feel free to reach me out!📮[email protected]
IJ @iliko_official
26 Followers 171 Following
Raven158 @Turbo5atan
0 Followers 59 Following
Tomasz Foltman @toffitomek
43 Followers 718 Following
dariush @dariush_2026e
14 Followers 958 Following 🖤یاور از ره رسیده با من از ایران بگو🖤 درود بی کران بر شما مهربانو و مهربان آریایی خوش آمدید سپاس برای همراهی ما به پاس آمدن شما از جای خود بر می خیزیم
Joey Fitzpatrick @_joeyfitz
98 Followers 219 Following Threat Analysis Director @ Stealth Startup | USAF Veteran | views are my own
Info Sound Cybersecur... @soundcybersec
0 Followers 17 Following Independent cybersecurity consulting & testing for SMB's. Complimentary external pentest (10 IPs) + attack surface scan - DM us today to learn more!
csec123 @Csec123Csec99
3 Followers 210 Following
Bill @Bill58441559
0 Followers 54 Following
kkkkk12345 @kkkkk123456722
1 Followers 50 Following
Sambam4mba @he31707900
8 Followers 917 Following Bor3d hacker of iot devices, security researcher? Security Breacher!
Max Andreacchi @atomicchonk
3 Followers 43 Following AI Security Researcher and Red Teamer at SpecterOps | Corgi Dad
chiru.rs 🦀 @chiru_chintha9
96 Followers 2K Following web3 security researcher | obsessed with rust 🦀| solana
aseel @aloufi_asm
4 Followers 310 Following
Rohit Rajwansi @rajwansi_rohit
17 Followers 390 Following IIT Bombay EE 2018 भारतीय अभियंता, Network Security, Red Team, White Hat, Backend developer, Python, Lang-chain, LLM, Bug Bounty, DHH, Music production 🎁
GR @glauberjr
68 Followers 499 Following
Xidious @X1dious
26 Followers 414 Following Professional log pursuer | putting the whoami in advanced actors | questionable at best
Jahuni @iamjahuni
34 Followers 278 Following
Darrius Robinson @rbnroot
0 Followers 54 Following
AkamuNui @AkamuNui
0 Followers 101 Following
almosaiki @almosaiki_
0 Followers 28 Following
Youming Lin @SudoR00tMe
38 Followers 256 Following
Anass0x @Anass0x
3 Followers 189 Following
giaogiao @nzgiao
0 Followers 5 Following
Romulus Crisan @cromica_82
261 Followers 938 Following I blog and create software at Microsoft. Principal Software Engineering Manager, Identity Security.
rlxAR @unlab4c4
0 Followers 408 Following
Dylan Ryan-Zilavy @dyl_491
0 Followers 4 Following Security Researcher/Bug Bounty Hunter for Microsoft
Alexis @_heilancoos
7 Followers 102 Following Security Researcher | Threat Simulation & Incident Response
ً @AdamParsonz
1K Followers 730 Following Father of 2 mini-mes. "Talented individual" - MT, "Notable patience" - SW, "You were right, and it made it better" - @SwiftOnSecurity
aleksander @MerlinAlex666
70 Followers 659 Following
Igor G. Goldberg @IgorGoldberg
169 Followers 1K Following In theory, there is no difference between theory and practice, but, in practice, there is.
Adam Chester 🏴�... @_xpn_
36K Followers 501 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOllCEu | Insta at https://t.co/PqR6CZPwjl
Dr. Nestori Syynimaa @DrAzureAD
20K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)
DirectoryRanger @DirectoryRanger
35K Followers 96 Following This account assembles and disseminates information related to Active Directory and Windows security.
Oliver Lyak @ly4k_
9K Followers 265 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
Charlie Bromberg « ... @_nwodtuhs
15K Followers 653 Following Trying to hack the way we hack things 🏴☠️
Mike Felch (Stay Read... @ustayready
16K Followers 2K Following Targeted Ops Red Team @ TrustedSec | Hacking since Renegade BBS backdoors | Prior CrowdStrike/BHIS | In Christ's grip | I speak for myself only | K1HAQ
rootsecdev @rootsecdev
26K Followers 1K Following Senior Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.
mgeeky | Mariusz Bana... @mariuszbit
14K Followers 812 Following 🔴 Operator, Initial Access afficionado, Researcher, ex-AV engine developer, ex-Malware analyst 🦋 @mgeeky.bsky.social 🫖 green tea lover
Will Dormann is on Ma... @wdormann
26K Followers 1K Following I play with vulnerabilities and exploits. I used to be here on Twitter but now I'm here: @[email protected] https://t.co/hXggdAVkSQ
🥝🏳️🌈 Be... @gentilkiwi
62K Followers 286 Following A kiwi coding mimikatz & kekeo github: https://t.co/eS3LVgU6i0 Head of security services @banquedefrance Tweets are my own and not the views of my employer
Marcello @byt3bl33d3r
30K Followers 560 Following CyBeRsEcUrItY | Not afraid to put down with some THICC malware on disk | securing and breaking AI @PaloAltoNtwks | Ex @spacex
b33f | 🇺🇦✊ @FuzzySec
33K Followers 1K Following 意志 / Antiquarian @ IBM X-Force / t501 / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
Nathan McNulty @NathanMcNulty
17K Followers 1K Following Loves Jesus, loves others | Husband, father of 4, security solutions architect, love to learn and teach | Microsoft MVP | @TribeOfHackers | 🦋@nathanmcnulty.com
Dominic Chell 👻 @domchell
18K Followers 540 Following Just your friendly neighbourhood red teamer @MDSecLabs | Creator of /r/redteamsec | https://t.co/3k3EBAZqGd | https://t.co/KwO2OwDOkl
Oddvar Moe @Oddvarmoe
19K Followers 1K Following Red Teamer @TrustedSec | MS MVP | Speaker | Security Researcher | Blogger | Total n00b & always learning | UNC1194 | Tinkerer | Gamer I try to inspire!
Cas van Cooten @chvancooten
10K Followers 673 Following Benevolently malicious offensive security enthusiast || OffSec Developer & Malware Linguist || NimPlant & NimPackt author || @ABNAMRO Red Team
Vincent Le Toux (Pari... @mysmartlogon
12K Followers 58 Following Author of #PingCastle, contributor to #mimikatz (DCSync, setntlm, DCShadow) and #OpenSC. Wrote GIDS applet, OpenPGP card driver on Windows and OpenSC stuff.
John Jiang @SecurityThunder
54 Followers 212 Following Researcher/UCCU Hacker Co-founder/HackerPeanutJohn
will i am @BSummerz
251 Followers 478 Following Red/Purple teamer and senior consultant @Mandiant Canada 🇨🇦
Mr.Un1k0d3r @MrUn1k0d3r
13K Followers 508 Following I don't know how to search on Google so I do research on my own and tweet about it. Hacking as a life style https://t.co/a05mevChzu
Marc André Tanner @marcandretanner
110 Followers 720 Following Information Security, Systems Programming, Text Editors, ...
CODE BLUE @codeblue_jp
6K Followers 625 Following CODE BLUE 2025: International cybersecurity conference 📆 Training: 11/16-17 |Conference: 11/18-19 📢 参加登録受付中!Now Accepting Registrations! HP https://t.co/blERauRf35
Luke @lukeparadoxis
52 Followers 217 Following Does the cyber thing @ 🦊 Views and opinions expressed here are mine and not that of my current or past employers'. Not active a lot, contact me via my website
samarth @riddl3sec
53 Followers 158 Following fellow disruptor of space-time; security @ JP Morgan. Views are my own.
/* BlazingWind */ @BlazingWindSec
258 Followers 502 Following Security researcher at @GHSecurityLab. Views are my own.
OrangeCon @OrangeCon_nl
1K Followers 217 Following The New Dutch Cybersecurity Conference! Experience the Hackers Community in Amsterdam, on September 5th!
Haifei Li @HaifeiLi
8K Followers 151 Following For contact in the security community. NOTE: All the tweets are totally my personal opinions, not about any of my current employer stuff.
Keanu Nys @RedByte1337
896 Followers 74 Following Offensive Security Lead @ Spotit. Creator of GraphSpy
Jose Rodriguez 🇵�... @Cyb3rPandaH
6K Followers 342 Following #CyberDefense #AI #DataScience @GeorgeMasonU @NOVAcommcollege @pucp
hordalex @hordalex
6 Followers 11 Following
Alberto @__ar0d__
453 Followers 2K Following Infosec | Tech | Entrepreneur 👋. https://t.co/NipeaWw1t2 | https://t.co/7MkpQbduIo
Chris Thompson @_Mayyhem
3K Followers 467 Following Senior Security Researcher @SpecterOps https://t.co/Sz5fRYkX6u
wero1414 @ForeverWero
1K Followers 1K Following Ingeniero en electrónica/Crossover Developer/Co-founder @electronicats
Leo Pigñer @kfs
4K Followers 860 Following CEO @ekoparty · Gathering troublemakers since 2001 · Still no idea what I’m doing ¯\_(ツ)_/¯
Rey Bango 🇺🇦�... @reybango
23K Followers 6K Following Advocate for AI & Security | I hack into things sometimes. Opinions are mine. Fortis fortuna adiuvat. It's a good time to cause a little chaos.
Rogier Dijkman | Micr... @DijkmanRogier
796 Followers 655 Following Cloud Security Researcher | Developer | Author | SecureHats | Marathoner | #PowerShell, #ARM, #GitHub #DevOps #CLI #Security, #KQL Enthusiast
klez @KlezVirus
8K Followers 705 Following Independent Cyber Security Researcher - Opinions are my own
Alain M. @plopz0r
448 Followers 249 Following
Emilien Socchi @emiliensocchi
675 Followers 130 Following Passionate security researcher and professional #EntraID #Azure #GCP #Kubernetes | Sharing technical tips and ideas
Area41 Security Con @a41con
3K Followers 131 Following Area 41 security conference - 6-7.June 2024 - the technical security conference in the center of europe: Switzerland powered by DC4131
Max Grim @max__grim
584 Followers 284 Following Red Teamer @OutflankNL | Cyber Security | Messing around with hardware
Cedric Van Bockhaven @c3c
913 Followers 344 Following
Martin Sohn @martinsohndk
411 Followers 162 Following BloodHound Enterprise TAM @SpecterOps https://t.co/DSlhf0kax3
trickster0 @trickster012
3K Followers 270 Following In the land of the blind, the one-eyed man is king.
Tom Houiellebecq @xIWiiNGZIx
372 Followers 779 Following InfoSec Technical Team Lead & Cyber 🤡 - ♥️ to be forever n00bing & enjoy a good 🍻 *MyViewsAreMyOwn* @a41con Orga, #DC4131 @defconch 🇨🇭🏴
Craig S. Blackie @craigsblackie
314 Followers 489 Following Hacker, network admin, ale drinking geek and lover.
Roberto Rodriguez �... @Cyb3rWard0g
26K Followers 628 Following AI Security Researcher @nvidia | Prev: @Microsoft | Founder of the @OTR_Community
Aziz @hasdrub4l
73 Followers 324 Following I *try* to break things for a living ~~~ Tripod installer @defconparis
CCob🏴�... @_EthicalChaos_
9K Followers 437 Following Ceri Coburn: Hacker | R̷u̷n̷n̷e̷r̷ DIYer| Vizsla Fanboy and a Little Welsh Bull apparently 🏴 Author of poorly coded tools: https://t.co/P6tT2qQksC
Tony Gore @nullg0re
626 Followers 1K Following Security Researcher, US Marine Corps Veteran, Microsoft Most Valuable Researcher 2023 & 2024
Lukas Klein | @rantas... @RantaSec
43 Followers 168 Following
Hugow @hugow_vincent
913 Followers 975 Following Red Team and research @synacktiv @rustyphasm.bsky.social
French @nfFrenchie
4K Followers 5K Following InfoSec geek for Cloud/Clusters/Containers/things-starting-with-C ex: @BrexHQ & @Cruise. founder @ensignia_dev honk the planetTrends for United States
7.670 posts
65 B posts
14,8 B posts
54,5 B posts
83,4 B posts
26 B posts
34,8 B posts
8.391 posts
13,9 B posts
23,6 B posts
25,8 B posts
1.110 posts
217 B posts
2.368 posts
1.050 posts
4.175 posts
1.489 posts
You might like
Will Schroeder
@harmj0y
48K Followers
Elad Shamir
@elad_shamir
5K Followers
DirectoryRanger
@DirectoryRanger
35K Followers
Sean Metcalf
@PyroTek3
36K Followers
SpecterOps
@SpecterOps
39K Followers
Adam Chester 🏴�...
@_xpn_
36K Followers
Marcello
@byt3bl33d3r
30K Followers
🥝🏳️🌈 Be...
@gentilkiwi
62K Followers
Chetan Nayak (Brute R...
@NinjaParanoid
31K Followers
Lee Chagolla-Christen...
@tifkin_
14K Followers
Rasta Mouse
@_RastaMouse
46K Followers
Olaf Hartong
@olafhartong
17K Followers
MDSec
@MDSecLabs
15K Followers
Matt Hand
@matterpreter
10K Followers
S3cur3Th1sSh1t
@ShitSecure
26K Followers