- Tweets: 318
- Followers: 107
- Following: 880
- Likes: 669
Secure Bits: New LAPS Features - Are You Using Them? You probably know about the newer Windows LAPS (now in GPO > System\LAPS), but are you really taking advantage of all its capabilities? What's "new" in LAPS? Password Backup for DSRM…
Some cool #Elastic detections added by @_w0rk3r to identify potential Kerberos SPN Spoofing via the CredMarshalTargetInfo primitive (abused in CVE-2025-33073 and also in other Kerberos reflection attacks): synacktiv.com/publications/n… github.com/elastic/detect… github.com/elastic/detect…
Finally made it happen! Public Custom Maester Test Collection is now available. Check out my blog post for more info, and hope you will contribute as well! #powershell #Maester #Security clatent.com/2025/01/if-mae…
How to use JA4H to find new C2 servers! [WebScout blog] blog.webscout.io/dissecting-ja4…
What types of deception tech should I use? Here's some examples I have come across that I really liked. Please, other folks, chime in here with what you've seen and liked too… - Honey file called password.doc on a shared drive - Honey file called test.txt in an IT admins…
Hunt for suspicious scheduled task creation and execution in MDE. DeviceProcessEvents | where ProcessCommandLine contains "schtasks.exe" and ProcessCommandLine contains "/create" | join kind=inner ( DeviceFileEvents | where FileName endswith ".exe" or FileName endswith…
Excited to announce the launch of the LOLESXi project. It provides valuable insights into adversarial techniques targeting VMWARE ESXi. lolesxi-project.github.io/LOLESXi/ #threatresearch #lolesxi #dfir
I almost never share company stuff on here, but the one and only @dougsbaker will be giving a free Masterclass on Conditional Access next week that I think many will find helpful :) I get to learn a lot from Doug and now you can too :p Register here: patriotconsulting.eventbuilder.com/event/85402
My talk at the FIRSTCON24 is online Unveiling Active Directory Secrets: Uncommon Tricks for Enhanced Security Slides: raw.githubusercontent.com/vletoux/confer… Videos: youtube.com/watch?v=UE7c8I…
If you have VMware ESXi and Active Directory in your environment, take 5 minutes now & create a group in each AD domain called "ESX Admins". Make sure that the "ESX Admins" group is in a top-level administrative OU that only your AD admins manage. #QuickFix
New release: It's been a while since the last major update to the Microsoft Extractor Suite. We are excited to announce the release of version 2.0. Update via PowerShell: Update-Module -Name Microsoft-Extractor-Suite Or download: github.com/invictus-ir/Mi… This update…
Need to find out who has highly privileged OAuth API access to your Microsoft 365 tenant? I just published a new cmdlet that will generate a detailed report down to individual permission scopes. All the details in this YouTube video youtube.com/watch?v=vO0m5y…
Sketch of interpretation of Midnight Blizzard's attack flow based on @MsftSecIntel's blogpost (had to make a few assumptions, noted in grey). Big h/t to @cnotin and @EricaZelic for their analysis of this incident (links in thread) and to @LSecResearch for valuable input.
Behind the Scenes: The Daily Grind of Threat Hunter I turned a Twitter thread into a blog post on the topic of threat hunting. This is a real-world example of how I approach threat hunting step-by-step #ThreatHunting Blogpost here: kostas-ts.medium.com/behind-the-sce…
Very interesting responses from folks. The common sentiment was that this is at least sus and needs further investigation. A lot of folks also went straight to describing it as malicious. Here is some more info and the steps I took to investigate this: 1️⃣ Retrieving…
News flash! Your built in EDR rules aren't enough and worst of all you can't even update or understand what they detect. Some might say. I use validation method so I know what they're detecting. You're only confirming a subset of certain implementation of ttps. So check again.…
This was a great write-up by @samkscholten on Callback Phishing, an annoying attack that users face daily. See how @sublime_sec uses Sender Analysis, Natural Language Understanding, and Logo Detection to detect these scams. sublime.security/blog/callback-…
My #SANS #DFIR Summit '23 talk "Hunting C2 Beaconing at Scale in the Modern Age" is now available on YouTube! #ThreatHunting youtube.com/watch?v=UsDqAQ…
A good reminder that any launch of an executable or script from C:\Users\Public\ should be investigated thoroughly. mandiant.com/resources/blog… #CyberSecurity

Dre @andre_rivera14
158 Followers 403 Following
Alora Boadicea @AloraBoadicea
81 Followers 652 Following
nurse becky @ChadHoule463689
349 Followers 4K Following I just here to have fun. want a strong man good dick who's going to give me a nice sex! I have been horny for long
Luna @Lunallinnev
310 Followers 1K Following An ordinary woman who loves life, sports, beaches, travel, cars, has a cute parrot, and supports Trump MAGA!
E L On @elonmusk_3378
151 Followers 6K Following CEO SpaceX, Tesla Autos Founder The Boring Company Mr X, Neuralink All
Maryhamilton @Maryhamilton500
46 Followers 3K Following
Eric Capuano - Bsky: ... @eric_capuano
11K Followers 3K Following Co-Founder @recon_infosec | SANS DFIR Instructor | IANS Faculty | https://t.co/yUXCSu2Yso | ❤ @shortxstack
Linda Joey @LindaJoey121436
51 Followers 1K Following I'm looking for a good and loyal man who is well respected and responsible for a serious relationship
Arne u1land @EmilyCampb85945
57 Followers 664 Following Management Consultant | Quality investing & The power of Compounding | Book Invested a decade + | to finish first,you must finish first
Retethi @retethi25270
14 Followers 856 Following Follow me, maybe it's the beginning of our fate, we can talk
Bits, Bytes, and Bour... @DecryptedTech
1K Followers 526 Following A Technology Journalist and cybersecurity professional. I have a mission to remove the marketing-speak from the information people receive in their news.
nzyme - Network Defen... @nzyme_defense
2K Followers 773 Following nzyme - Network Defense System, free and open EVERY WHISPER FINDS ITS ECHO
Bobby Filar @filar
2K Followers 974 Following dad. security machine learning @sublime_sec fmr:@elastic, @endgameinc Wizards/Timberwolves/LFC
Rich Walchuck @Mokuso
119 Followers 398 Following
Whitney Champion ... @shortxstack
30K Followers 11K Following security architect / cofounder @Recon_InfoSec / cofounder @DDI_training / ♥️♥♥ == @eric_capuano, nerdery, rainbows, sweatpants | she/her
Christopher Wright @Christo74471134
1 Followers 2 Following
Andy Grolnick @AndyGrolnick
226 Followers 209 Following CEO @graylog2, Colorado-based, sports fan, musical theater enthusiast, #Dukebasketball, #Nuggets
Dan Torrey @danotorrey
2K Followers 3K Following Dad, runner, builder, aviation, 3D Printing, Houstonian. Security software Engineer @graylog2 Check me out on YouTube! https://t.co/QwGB6zIPEh
Graylog @graylog2
9K Followers 2K Following Trusted Threat Detection & Incident Response solutions. Experience the difference with our unmatched capabilities. #SIEM #APISecurity #LogManagement
Jim Nitterauer ... @JNitterauer
9K Followers 9K Following Husband, Dad, Director of Information Security @graylog2. InfoSec enthusiast. CISSP, CISM, Speaker. Ethical Hacker. @BSidesLV Staff @ITENWired Guitarist
Jason Miller @MillerJmiller
1K Followers 1K Following CEO, Founder of @BitLyft | Tech Entrepreneur | Investor #cybersecurity #devops #cloud
NAMITA SAHOO @Siddhar93258267
129 Followers 598 Following
Christopher Luft @tekgrunt
229 Followers 216 Following
cktk9 @cktk91
8 Followers 34 Following
jordan drysdale @Rev10D
663 Followers 506 Following
Adam Mashinchi @Adam_Mashinchi
1K Followers 1K Following Product Person @redcanary. Involved with: #AtomicRedTeam, @c2_matrix, @WWHackinFest, and the #PoweredByBlockchain stickers. (@[email protected])
PowerShell Chicago Co... @PWSHChicago
365 Followers 585 Following PowerShell Conference in Chicago 2020
Atomic Threat Coverag... @atc_project
2K Followers 1K Following Actionable analytics designed to combat threats
Data Connect Technolo... @dataconnectt
380 Followers 2K Following Singapore's leading Information and Communication Technology Provider, providing excellent services & full-fledge ICT solutions since 2003
Silentshot @silentshot
8K Followers 597 Following Sec guy / NSFW content does show up / Gamer / CISO with attitude / Researcher / Social Engineering / Technologist / hopefully good friend.
Megantron (@megan@inf... @megan_roddie
6K Followers 4K Following Detection Engineer. Co-Author, SANS FOR509. Author, Practical Detection Engineering. @HackersHealth CFO. Ammy Muay Thai fighter/coach. #ActuallyAutistic.
Eric Foster @performify
2K Followers 1K Following CEO @TENEXai - backed by @a16z, leveraging advanced artificial intelligence and human expertise to transform enterprise security, first with our next-gen MDR.
Matt Alderman @maldermania
3K Followers 5K Following Chief Product Officer, CyberSaint Host, Business Security Weekly
PageinSec @pageinsec
451 Followers 1K Following Geek, researcher, teacher. Sec+, eJPT. Statements, etc are my own. Follow/like != endorsement IANAL, don't do illegal stuff, etc.
analogm @analogm1
304 Followers 2K Following
BSidesKC @_BSidesKC
2K Followers 2K Following When: April 25-26, 2025 / Where: KCKCC, 7250 State Ave, Kansas City, KS 66112 / What: Good times, networking, & security
King Moon Razor @kingm00nrazor
36 Followers 590 Following #Cybersecurity & #CyberEspionage is my passion. Opinions are my own and not that of my employer.
Brian Ingersoll @Bingersoll77
96 Followers 344 Following
Revolutionary @revo
216 Followers 2K Following #LOVE ʬO #įŖĘįÆĘ Oį ʬāĘ #įįʬʬĘįGĘįŖGĘ #įOį°įįʬĘį #ʬĘįāįOįŖOGƳ #įĘįįįĘƬƳ #ĘįFOįĘį. į©įŖįŖ #OįĘONIONs į©įĘ į°Ę³ #OįÆį
Shawn Scott @SMS88
495 Followers 4K Following Father and husband, security and technology leader, German Shepherd lover, Chicago Bears fanatic. Opinions expressed here are my own.
Joshua Shay @JoshuaShay4
25 Followers 710 Following I'm just a deep down to earth guy who loves art in its rarest forms
Python Developer @Python_Dv
147K Followers 1K Following A place for all things related to the #python #programming #coding #webdeveloper #webdevelopment #pythonprogramming #ai #ml #machinelearning #datascience ...
Benjamin Bennett Alex... @RealBenjizo
33K Followers 406 Following Analyst | Learn Python & SQL | Author | LinkedIn 200k | Newsletter 350k subs | Open for Collabos | Join my Python course: https://t.co/lODsV3cyGW
Maester.dev @maester365
168 Followers 1 Following Maester your Microsoft 365 test automation framework.
Secure Annex @secureannex
147 Followers 5 Following Discover what is hiding in your software extensions
Placing the Suspect B... @PSBK4n6
828 Followers 23 Following It's about working #DFIR cases for attribution.
Stroz Friedberg DFIR @StrozDFIR
324 Followers 8 Following Stroz Friedberg, a LevelBlue company, delivers intelligence-driven digital risk management with expert-led services designed for adaptive resilience.
Doug @dougsbaker
637 Followers 333 Following Microsoft Security & Compliance enthusiast | Helping people navigate M365 | Youtuber | Tweeting tips and tricks | Making the digital world a safer place
spencer @techspence
12K Followers 2K Following Empowering defenders & dismantling threats | Ethical Threat | pentester @securit360 | host @cyberthreatpov | SWAG https://t.co/AFJtZQcti7
PersistenceSniper @PersistSniper
194 Followers 4 Following One Powershell tool to (un)persist them all! Made with ❤️ by @last0x00 and @dottor_morte
Eric Capuano - Bsky: ... @eric_capuano
11K Followers 3K Following Co-Founder @recon_infosec | SANS DFIR Instructor | IANS Faculty | https://t.co/yUXCSu2Yso | ❤ @shortxstack
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
KQLCafe @KqlCafe
1K Followers 2 Following A Community to make the world a better place with KQL | Learn, share and practice the KQL language | #kql #threathunting #security
ACE Responder @ACEResponder
17K Followers 225 Following Practice threat hunting & detection engineering in a real SIEM with real attacks. Join us and become the best.
Joe Stocker @ITguySoCal
8K Followers 1K Following Christian Family Man, CEO of Patriot Consulting (Microsoft Security Partner) Author of "Securing Microsoft 365" Microsoft MVP (Security) (2020-present)
Matt Zorich @reprise_99
14K Followers 2K Following @Microsoft Security | https://t.co/HWozKuixTi | Tweets are my own
Invictus Incident Res... @InvictusIR
2K Followers 30 Following Helping organizations respond to cyber incidents in the cloud | 24/7 support https://t.co/zfF62gimvm | Academy https://t.co/GH0u8tmjXJ
Merill Fernando @merill
19K Followers 4K Following Product Manager @microsoft | Tweets my own Built: https://t.co/ujxKqxXjf2 • https://t.co/QbUp63ffXf • Graph XRay • https://t.co/tSWrIw8Ajh Newsletter: https://t.co/tPzAEl0Zuq Podcast: https://t.co/TBlNKTzn8t
Clément Notin @cnotin
6K Followers 975 Following Security research (#ActiveDirectory #EntraID) & pentest | #CTF @tipi_hack | Works @TenableSecurity, opinions my own | https://t.co/4HRwJQ6PUm
Jim Sykora @JimSycurity
2K Followers 2K Following I enjoy security, technology, learning, books, & the great outdoors. Trying to be human & kind. Opinions = mine. He/Him/Hän
Thomas Roccia @fr0gger_
31K Followers 2K Following AI Security x Threat Intel · Sr. Threat Researcher @Microsoft · Creator of #Unprotect & #NOVA · Malware Warlock · Python 🧡 · Prev @McAfee_Labs · Views mine
InfoSecProf @_John_Doyle
2K Followers 936 Following Cyber threat intelligence | Mandiant | SANS FOR578 instructor | Member of @curatedintelligence | Arcane Trickster | Ex-CIA | Posts represent my personal views
100daysofpython @100daysofpython
586 Followers 0 Following
Blue Team Labs Online @BlueLabsOnline
9K Followers 7 Following A gamified scenario-based platform for security professionals to develop and showcase practical skills. Powered by @secblueteam
CyberDefenders®™ @CyberDefenders
20K Followers 2 Following CyberDefenders™ is a training platform for #SOC analysts to learn, validate & advance #BlueTeam/#DFIR skills. Join community @https://cyberdefenders.org/discord
Windows Forensic Envi... @WindowsFE
5K Followers 5 Following Forensically boot evidence machines with a Windows Forensics Operating System! Now boots into ARM devices. #DFIR
Eric Zimmerman @EricRZimmerman
19K Followers 892 Following KAPE, EZTools, forensics, X-Ways. Certified SANS instructor. FFL Please consider supporting me: https://t.co/pIjxED3CMx
🅰🅳🅼 @securityfreax
4K Followers 697 Following "Any sufficiently advanced incompetence is indistinguishable from malice" - Grey's Law Cyberchef @ CSIRT
Chetan Nayak (Brute R... @NinjaParanoid
31K Followers 0 Following Founder Dark Vortex/Brute Ratel | Former RedTeam @CrowdStrike @Mandiant @niiconsulting
OpenUBA @OpenUBA
152 Followers 5 Following A robust, and flexible open source UEBA framework used for Security Analytics. Developed by Data Scientists & Security Analysts from the cyber security industry
Bits, Bytes, and Bour... @DecryptedTech
1K Followers 526 Following A Technology Journalist and cybersecurity professional. I have a mission to remove the marketing-speak from the information people receive in their news.
DEATHCon @DEATHCon2025
1K Followers 44 Following Online conference 8-9 November 2025 for Detection Engineering and Threat Hunting https://t.co/TpkIGjaqpx
Protexity @Protexity
347 Followers 262 Following We help organizations strengthen their cybersecurity posture and eliminate blind spots.
Blu Raven @BluRavenSec
379 Followers 11 Following Elevate your security analysis skills! Learn #ThreatHunting, #DetectionEngineering and #DFIR using #KQL at https://t.co/EM8t7Xamei
Tom Wechsler - Micros... @tomvideo2brain
3K Followers 243 Following I have been working in IT since 2000 and have been an independent Cloud (Azure) Solution Architect / Cyber Security Analyst and Trainer since 2007
TropChaud @IntelScott
1K Followers 591 Following Reluctant security & intelligence practitioner and tool developer. Mainly Tweets about aggregating and visualizing cyber threat & OSINT datasets
Ali Hadi | B!n@ry @binaryz0ne
33K Followers 565 Following DFIR and Adversary Simulation | DFIR @ ProtonMail
Zero Networks @ZeroNetworks
620 Followers 34 Following Zero enables organizations to apply zero trust controls to who can access their network, what they can access, and how they connect.
Miriam Wiesner @MiriamXyra
4K Followers 764 Following Security Research PM at @Microsoft, Passionate about #hacking, #security and #powershell, tweets are my own | @[email protected]
Pavel Yosifovich @zodiacon
14K Followers 916 Following Windows Internals expert, author, and trainer. Teaching system programming & debugging at TrainSec. Check out my books & courses! #WindowsInternals #TrainSec
CVE @CVEnew
56K Followers 3 Following Official account maintained by the CVE™ Program to notify the community of new CVE IDs. Posts contain abbreviated details. Full CVE Records on https://t.co/ALn4YvUtom
Hugo Barona @HmsBarona
6K Followers 5K Following #Cloud Solutions Architect | @Microsoft #MCT & #Azure #MVP | Public Speaker & @pluralsight Author | @CloudLunchLearn | Be Kind to Every Kind
DFIR Alert @DFIRalert
248 Followers 22 Following All the latest cybersecurity #DFIR #ThreatHunting #MalwareAnalysis #Detection rules from the #DFIR lab at @binalyze
Sophos Support @SophosSupport
13K Followers 21 Following #SophosSupport provides you with the latest in Sophos news, product updates, and published self-service content. Available Mon-Fri to assist you.
Sophos X-Ops @SophosXOps
73K Followers 323 Following A task force composed of our SophosLabs, SecOps, and SophosAI teams working together towards one goal: protecting our customers.