Jonas Vestberg @bugch3ck
Privilege Escalation Engineer Principal Consultant @ Reversec (formerly WithSecure Consulting) @bugch3ck.bsky.social Joined August 2011-
Tweets6K
-
Followers2K
-
Following355
-
Likes4K
Jonas Vestberg retweeted
Dropped a follow up blog for the talk I did at fwd:cloudsec earlier in the year. Hopefully this makes it easier for people to follow at their own pace about the SharePoint pre-authentication "feature"/issue and orgs can decide to turn it off or not labs.reversec.com/posts/2025/09/…
1
9
18
1K
4
Jonas Vestberg retweeted
AdaptixC2 v0.8 is out! github.com/Adaptix-Framew… * AxScript: new events and functions * Added Targets Manager * Updated tunnels Full update details: adaptix-framework.gitbook.io/adaptix-framew…
Jonas Vestberg retweeted
#secureai is our new, two track conference in #stockholm #sweden on September 23-24 on the topics of #itsecurity and #aisecurity. See you there!
RTO2 is a great course by @_ZeroPointSec (@_RastaMouse). Even with the exam done, I have a ton of stuff I want to look into more.
The rest of the internet: Challenge accepted 😆
The rest of the internet: Challenge accepted 😆
Jonas Vestberg retweeted
I was today years old when I learnt that you can run ELF using ld-linux. Useful when the executable bit is not set (and you can't change it).
Jonas Vestberg retweeted
A tool to transform Chromium browsers into a C2 Implant github.com/praetorian-inc…
Jonas Vestberg retweeted
Speaking at @defcon was as fun as always! My new tool called RPC-Racer is now available. It masquerades as a legitimate RPC server to force a protected process to authenticate against an arbitrary server github.com/SafeBreach-Lab…
Jonas Vestberg retweeted
I remember that I had to do some research online on how to make exploits for vulnerabilities over MS-RPC. With this blog, I hope to fill the gap on the lacking information available online on how to make these yourself. incendium.rocks/posts/Exploit-…
Jonas Vestberg retweeted
hashcat v7.0.0 released! After nearly 3 years of development and over 900,000 lines of code changed, this is easily the largest release we have ever had. Detailed writeup is available here: hashcat.net/forum/thread-1…
NetNTLMv2: +223 percent (Intel) 😍
Jonas Vestberg retweeted
Jonas Vestberg retweeted
New TTP dropped! Yesterday Microsoft announced a new feature coming in January, 2026. Microsoft Intune's Unattended Remote Help for Windows: remotely access devices over the cloud without requiring end user involvement by signing in with credentials. Yay!
Jonas Vestberg retweeted
[BLOG] In this post, I demonstrate my QoL improvements for working with the TCG codebase. This includes vscode with intellisense support, and producing debug builds for use in WinDbg. rastamouse.me/debugging-the-…
[BLOG] In this post, I demonstrate my QoL improvements for working with the TCG codebase. This includes vscode with intellisense support, and producing debug builds for use in WinDbg. rastamouse.me/debugging-the-…
Jonas Vestberg retweeted
Blog for ToolShell Disclaimer: The content of this blog is provided for educational and informational purposes only. blog.viettelcybersecurity.com/sharepoint-too… #SharePoint #ToolShell
Jonas Vestberg retweeted
Had some time and decided to take a shot at Fabian’s RAITrigger project. After a look into the RPC internals, I put together a super lightweight C# version (no NtApiDotNet), plus a C++ and BOF version. Enjoy! github.com/klezVirus/RAIW…
Jonas Vestberg retweeted
Wrote a BOF that extracts access tokens from .tbres files by decrypting DPAPI blobs in the current user context, this tool can be used as an alternate to office_tokens BOF github.com/grayhatkiller/…
Jonas Vestberg retweeted
Just saw this post in the last entra news issue. It's so cool! Very creative and present some new concepts (at least new to me). It's about using one drive write permissions to inject to the ps profile and get some PRTs 😃 labs.reversec.com/posts/2025/07/…
Jonas Vestberg retweeted
We have reproduced "ToolShell", the unauthenticated exploit chain for CVE-2025-49706 + CVE-2025-49704 used by @_l0gg to pop SharePoint at #Pwn2Own Berlin 2025, it's really just one request! Kudos to @mwulftange
Oliver Lyak @ly4k_
9K Followers 265 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
SwiftOnSecurity @SwiftOnSecurity
405K Followers 9K Following computer security person. former helpdesk.
an0n @an0n_r0
13K Followers 726 Following CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺
Will Dormann is on Ma... @wdormann
26K Followers 1K Following I play with vulnerabilities and exploits. I used to be here on Twitter but now I'm here: @[email protected] https://t.co/hXggdAVkSQ
sn🥶vvcr💥sh @snovvcrash
12K Followers 488 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
n00py @n00py1
13K Followers 963 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research.
🥝🏳️🌈 Be... @gentilkiwi
62K Followers 286 Following A kiwi coding mimikatz & kekeo github: https://t.co/eS3LVgU6i0 Head of security services @banquedefrance Tweets are my own and not the views of my employer
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
mgeeky | Mariusz Bana... @mariuszbit
14K Followers 812 Following 🔴 Operator, Initial Access afficionado, Researcher, ex-AV engine developer, ex-Malware analyst 🦋 @mgeeky.bsky.social 🫖 green tea lover
Dave Kennedy @HackingDave
223K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
Filip Dragovic @filip_dragovic
7K Followers 1K Following My research unless stated otherwise. My opinions are my own and do not represent the views of my employer.
Dr. Nestori Syynimaa @DrAzureAD
20K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)
DebugPrivilege @DebugPrivilege
40K Followers 2K Following Windows Nerd | Ex-MSFT | Microsoft MVP in Windows | Interested in Security, Debugging, and Windows Internals.
x86matthew @x86matthew
21K Followers 189 Following C / asm / system emulation / reverse engineering. @the_secret_club
Swissky @pentest_swissky
20K Followers 2K Following RedTeam | Pentest Author of PayloadsAllTheThings & SSRFmap https://t.co/w1ZLRqoafG
hackerfantastic.x @hackerfantastic
104K Followers 5K Following Co-Founder @myhackerhouse & https://t.co/ouNFRET3hI. Cybersecurity & blockchain expert. Author of Hands-on Hacking (ISBN 9781119561453). Offensive Lua. #Web3
Marcia @marcia_hirsch51
321 Followers 3K Following
Chris Isaias @_call_gate
108 Followers 2K Following Penetration Testing & Reverse Engineering. . . Phd(c), Msc (RHL), ESDC fellow, IEEE snr, FIRST liaison, CISSP, CRTO, PNPT, CRTP
வழிப்போ... @vazhipokkan_0x
233 Followers 1K Following
Ekenas @ek3nas
0 Followers 33 Following
ICheer_No0M @icheernoom
580 Followers 3K Following The Internet is an ocean of ones and zeroes. | Hacker at @McAidenResearch
Fallou Seck @loufa_0
104 Followers 973 Following PT1 (Tryhackme) | CRTA | PJPT | CNSP | cybersecurity enthousiast
L0rd$ud0 @L0rd5ud0
388 Followers 578 Following Cybersecurity Researcher | CTF player @p3rf3ctr00t | part time Nerd
Amalia Radoi @AmaliaRado56600
4 Followers 359 Following
Ironhawk461 @ironhawk4633034
2 Followers 95 Following
Roberto_Sanz 🇨🇱... @Sanz_robe
330 Followers 5K Following
Gabriel Landau @GabrielLandau
4K Followers 707 Following Tech Lead @ Elastic Security. Thoughts are my own. Also @[email protected] & @gabriellandau.bsky.social
Uriel Kosayev @MalFuzzer
5K Followers 434 Following Author of MAoS & Antivirus Bypass Techniques | Cybersecurity Researcher | Keynote Speaker | Co-Founder @TrainSec Academy
tron swanson @a_h_a_b_
471 Followers 2K Following
Erhele @Erhele5864317
18 Followers 946 Following
Bala Chander @Balachander_PS
10 Followers 109 Following - Technical Officer to Director (ALFA&KGT) | Passionate Swing in the wild
Pascal @Pascal_0x90
514 Followers 1K Following Memes | Coffee | I apparently use Emacs now | CTF with Shellphish | Malware | All posts and thoughts are probably from Stack Overflow | Tick 196 enthusiast
Adamant.ax @adamant_ax
1 Followers 74 Following
Red @Dankolai
140 Followers 1K Following I am on all levels including physical a Cisco Phone | @_DC818_ | I like computers and the internet.
t0xch4 @t0xch4_
3 Followers 663 Following
// @_stubit
1 Followers 155 Following
Lenny @lywang90
41 Followers 704 Following
ChrDre @ChrDre
12 Followers 644 Following
Connor Johnson @CJ_Fortra
39 Followers 195 Following Lead Account Executive - Fortra's Offensive Security | @fortraofficial - Representing Core Impact, Cobalt Strike, Outflank Security Tooling (OST).
Filouh @Filouh2927
26 Followers 1K Following
arip petits @AripPetits
5 Followers 1K Following
kd @kd_sharma2k18
4 Followers 126 Following
Leonora Cruickshank @LeonoraC48248
0 Followers 165 Following Recruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/Gxs1aTzgNy
Hossam @0xHossam
1K Followers 1K Following I love doing hacky stuff | red team operator @CyShieldCompany | adversary simulations newbie | interested in malware & windows security research
Oliv Ton @olivtoon
2 Followers 219 Following
0x2e3635 @XLPMSFT65
134 Followers 4K Following Dad | Husband | Gen X | Msft Windows AD Support | Azure Administrator | Programmer | Cybersecurity | 🇪🇸
bakhshiyev @bakhshiyevg
17 Followers 451 Following
SAI MANISH @Manish04199809
24 Followers 251 Following Cloud Security Engineer, and an aspiring filmmaker. Seeking to improve myself and work with the greatest to be among the greatest. 🐧🐥
Pausau @Pausau62487
32 Followers 2K Following
vx-underground @vxunderground
368K Followers 290 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
Oliver Lyak @ly4k_
9K Followers 265 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
SwiftOnSecurity @SwiftOnSecurity
405K Followers 9K Following computer security person. former helpdesk.
mpgn @mpgn_x64
18K Followers 230 Following Flibustier du net ̿ ̿̿'̿'\̵͇̿̿\=(•̪●)=/̵͇̿̿/'̿̿ ̿ ̿ ̿ Podcast Hack'n Speak @hacknspeak / https://t.co/GyACSFg9mw
Charlie Bromberg « ... @_nwodtuhs
15K Followers 653 Following Trying to hack the way we hack things 🏴☠️
an0n @an0n_r0
13K Followers 726 Following CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺
Will Dormann is on Ma... @wdormann
26K Followers 1K Following I play with vulnerabilities and exploits. I used to be here on Twitter but now I'm here: @[email protected] https://t.co/hXggdAVkSQ
Adam Chester 🏴�... @_xpn_
36K Followers 499 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOllCEu | Insta at https://t.co/PqR6CZPwjl
sn🥶vvcr💥sh @snovvcrash
12K Followers 488 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
n00py @n00py1
13K Followers 963 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research.
Dirk-jan @_dirkjan
28K Followers 206 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.
🥝🏳️🌈 Be... @gentilkiwi
62K Followers 286 Following A kiwi coding mimikatz & kekeo github: https://t.co/eS3LVgU6i0 Head of security services @banquedefrance Tweets are my own and not the views of my employer
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
mgeeky | Mariusz Bana... @mariuszbit
14K Followers 812 Following 🔴 Operator, Initial Access afficionado, Researcher, ex-AV engine developer, ex-Malware analyst 🦋 @mgeeky.bsky.social 🫖 green tea lover
Gabriel Landau @GabrielLandau
4K Followers 707 Following Tech Lead @ Elastic Security. Thoughts are my own. Also @[email protected] & @gabriellandau.bsky.social
Richard Johnson @richinseattle
18K Followers 3K Following Computer Security, Reverse Engineering, and Fuzzing; Training & Publications @ https://t.co/mloVP6rPB7; hacking the planet since 1995; Undercurrents BOFH
Shellter @shellterproject
5K Followers 2 Following AV Evasion Artware || Shellter v7.2 - Executable SHA256: ea07a52eca82b6383c7aa224652e55e0d1701f0779def736977ecadff819049c || Shellter Elite || Dev: @kyREcon
Uriel Kosayev @MalFuzzer
5K Followers 434 Following Author of MAoS & Antivirus Bypass Techniques | Cybersecurity Researcher | Keynote Speaker | Co-Founder @TrainSec Academy
Clément Notin @cnotin
6K Followers 975 Following 😈 Security research (#ActiveDirectory #EntraID) & pentest 🎉 #CTF @tipi_hack 👨💼 Works @TenableSecurity, opinions my own 🪂 https://t.co/4HRwJQ6PUm
Connor Johnson @CJ_Fortra
39 Followers 195 Following Lead Account Executive - Fortra's Offensive Security | @fortraofficial - Representing Core Impact, Cobalt Strike, Outflank Security Tooling (OST).
SinSinology @SinSinology
13K Followers 674 Following Pwn2Own 20{22,23,24,24.5,25,25.5}, i look for 0-Days but i find N-Days & i chase oranges 🍊
MDSec @MDSecLabs
15K Followers 0 Following Consultancy and Training from a trusted supplier of offensive security. Red Team and Adversary Simulation by ActiveBreach team | https://t.co/fqpbJ9WDXD | https://t.co/UvOhGA4Zou
ATTL4S @DaniLJ94
3K Followers 649 Following I like spending time understanding things | FSAS @NCCGroupInfosec
Marc Smeets @MarcOverIP
5K Followers 435 Following Does a thing or two with red teaming @OutflankNL | part time race and drift car instructor
Matt Rife @mattrife
643K Followers 1K Following Stand Up Comedian/Actor/Person. NEW NETFLIX SPECIAL OUT NOW! Insta: MattRife. TOUR DATES👇🏼
Ryan Reynolds @VancityReynolds
21.3M Followers 2K Following owner: @aviationgin - @MintMobile - @maximumeffort - @Wrexham_AFC
Calle Svensson @ DEFC... @ZetaTwo
7K Followers 711 Following Security Engineer @ XTX. MSc in eng. physics & CompSci, dev & gamer. ❤️ music & long distance running. Wanna do a PhD sometime. Same U/N on all other sites
Nikhil Mittal @nikhil_mitt
20K Followers 439 Following Hacker, Infosec Researcher, Military Affairs & History, PowerShell, AD and Azure pwner, Creator of Nishang and others :) Founder @alteredsecurity
NetSPI @NetSPI
4K Followers 541 Following The Proactive Security Solution | Securing the most trusted brands on Earth #PenetrationTesting #proactivesecurity
Jim Sykora @JimSycurity
2K Followers 2K Following I enjoy security, technology, learning, books, & the great outdoors. Trying to be human & kind. Opinions = mine. He/Him/Hän
frycos @frycos
4K Followers 518 Following Private account! Red teamer @codewhitesec. @[email protected] @frycos.bsky.social
William Burgess @joehowwolf
2K Followers 4K Following Ex-theoretical physicist, currently terrible hacker and wannabe security researcher. Views are, regrettably, my own. Likes = bookmarks
Andrew @4ndr3w6S
3K Followers 2K Following Detection Engineering @HuntressLabs | Prev. Practice Lead, TAC (Purple Team) @TrustedSec | @SpursOfficial Super Fan - COYS!
Robert Malmgren @mitt_nya_nym
2K Followers 3K Following IT sec guy. Geek. Run ROMAB, sysctl, omnisiens companies and CS3STHLM (new 4SICS) and secheads conferenses.
Cobalt Strike @_CobaltStrike
5K Followers 32 Following Official account for Cobalt Strike. Benchmark red teaming tool known for its flexibility and powerful user community. Follow for new releases and other updates.
Zero-Point Security @_ZeroPointSec
13K Followers 6 Following
FX of Phenoelit @41414141
18K Followers 519 Following Hacker, bearer of the 2017 Pwnie Lifetime Achievement Award, Experiment 626 type Otherwise applicable: I can neither confirm nor deny.
Marcello @byt3bl33d3r
30K Followers 559 Following CyBeRsEcUrItY | Not afraid to put down with some THICC malware on disk | securing and breaking AI @PaloAltoNtwks | Ex @spacex
Travis Goodspeed @travisgoodspeed
26K Followers 4K Following Merchant of Dead Trees and Licensed Proselytizer of the Gospel of the Weird Machines with Pwnage, PoC, and Secular Rock.
Chetan Nayak (Brute R... @NinjaParanoid
31K Followers 0 Following Founder Dark Vortex/Brute Ratel | Former RedTeam @CrowdStrike @Mandiant @niiconsulting
lcamtuf @lcamtuf
38K Followers 498 Following Substack: https://t.co/yFvmNisGW3 Homepage: https://t.co/iFAXZxCO5H
Joe Vest @joevest
8K Followers 891 Following Red Teamer丨Author of Red Team Development and Operations https://t.co/LTiTgnFKJq 丨Don't let perfect be the enemy of good
Cn33liz @Cneelis
13K Followers 598 Following Red teamer @ Outflank. Passionate about networking and cybersecurity | father of two superheroes.
spencer @techspence
12K Followers 2K Following 🛡️Empowering defenders & dismantling threats | Ethical Threat | pentester @securit360 | host @cyberthreatpov | SWAG https://t.co/AFJtZQcti7
NULL @NUL0x4C
9K Followers 393 Following Windows Malware Researcher | co-founder of https://t.co/1YRk2CEjaO
Greg Darwin @gregdarwin
2K Followers 0 Following No longer using Twitter. Gone looking for blue skies.
LuemmelSec @theluemmel
8K Followers 552 Following I speak BloodHound. Husband, Father, IT-Guy, Security-Noob Blog: https://t.co/PXB35KEqs6 GitHub: https://t.co/Unp9jZOpBn
Josh @passthehashbrwn
10K Followers 332 Following Adversarial Simulation at IBM, tweets are mine etc.
Jason Lang @curi0usJack
16K Followers 200 Following @TrustedSec Red Team lead | Hi-Fidelity trolling | Privacy Enthusiast | Putting the "no" in nano | Avatar: https://t.co/3XHmKR8nCkTrends for United States
85,9 B posts
3.406 posts
24,4 B posts
66,7 B posts
22,1 B posts
4.029 posts
6.489 posts
9.823 posts
16,6 B posts
1.557 posts
90,1 B posts
40 B posts
66,3 B posts
2.180 posts
56 B posts
45,4 B posts
11,5 B posts
You might like
LuemmelSec
@theluemmel
8K Followers
Charlie Clark
@exploitph
5K Followers
Bad Sector Labs
@badsectorlabs
8K Followers
Filip Dragovic
@filip_dragovic
7K Followers
Outflank
@OutflankNL
7K Followers
an0n
@an0n_r0
13K Followers
Andrea P
@decoder_it
8K Followers
Will Dormann is on Ma...
@wdormann
26K Followers
Josh
@passthehashbrwn
10K Followers
Pixis
@HackAndDo
8K Followers
Mayfly
@M4yFly
7K Followers
🥝🏳️🌈 Be...
@gentilkiwi
62K Followers
SEKTOR7 Institute
@SEKTOR7net
15K Followers
mgeeky | Mariusz Bana...
@mariuszbit
14K Followers
SkelSec
@SkelSec
12K Followers