eric ([email protected]) @invoke_eric
Cybercrime Threat Intelligence | Posts are not my employer's github.com/invoke-eric cyberspace Joined January 2021-
Tweets49
-
Followers223
-
Following63
-
Likes41
Great collaboration between CrowdStrike Services and CrowdStrike Intelligence @realparisi
Great collaboration between CrowdStrike Services and CrowdStrike Intelligence @realparisi
0
21
51
0
13
A #jupyter notebook for triaging HTML files github.com/invoke-eric/ju… perhaps useful for anyone in #threatintelligence investigating phishing campaigns
a day in the life of cyber threat intelligence analysts #cyberbakeoff
Interesting #LOTS (Living Off Trusted Sites) that seems perfect for threat actors bashupload.com: "Files are stored for 3 days and can be downloaded only once." - add that one to your threat hunting leads
helgeklein.com/blog/active-se… IMO a good explanation of the #LOLBIN runonce.exe /AlternateShellStartup (lolbas-project.github.io/lolbas/Binarie…)
gnomidea[.]xyz #cobaltstrike - FYI @Namecheap
Hello #ThreatIntelligence community, here is a #jupyter notebook to triage infrastructure using the @virustotal API github.com/invoke-eric/ju…
quick #dailyyara: xml.res file referencing external content (not necessarily malicious) rule r{ strings: $ = /Relationship Id="[a-zA-Z0-9]{3,6}" Type="http[s]?:\/\/[^"]{4,200}" Target="http[s]?:\/\/[^"]{4,80}" TargetMode="External"/ condition: all of them }
OneDrive URLs have cid values unique to each user cs.cornell.edu/~shmat/shmat_u…; this can be useful for #threathunting purposes, as some adversaries reuse the same cid across multiple campaigns.
Not all @censysio HTTP header fields are indexed, so if you try to search for these field names, you will get an error. However, you can still search the values using services.http.response.headers.unknown.value. This usually works.
Hello dear #ThreatIntelligence community, here are a couple basic #jupyter notebooks for triaging infrastructure using @censysio or @PassiveTotal APIs github.com/invoke-eric/ju… with the power of Pandas
Here is a @PassiveTotal python CLI client (passivetotal.readthedocs.io/en/latest/gett…) jq one-liner for “just give me all the resolutions” pt-client pdns --query YOUR_DOMAIN_OR_IP_HERE | jq -r '.results[] | select(.recordType == "A") | {resolve} | join("")'
#dailyyara tip I got from @larsborn - if your YARA rule is not for binaries (e.g. if it is for scripts), add a printability check under the condition, e.g.: and for all i in (1..100) : (uint8(i) != 0x0)
what is it like to work in #ThreatIntelligence you ask? cc @JershMagersh
if you are not using stedolan.github.io/jq/, you don't know what you are missing
crowdstrike.com/blog/prophet-s… Great collaboration between #crowdstrike intelligence and services
Handy tip-of-the-day from #iterm2
eric ([email protected]) retweeted
I don't do this often but these are special times: we're looking for several people to join our team at CrowdStrike Intelligence, reach out if you enjoy a good challenge!
Katie Nickels @likethecoins
55K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
ςεяβεяμs - м�... @c3rb3ru5d3d53c
25K Followers 243 Following 💕 Malware Hunter Killer 💕 #binlex & #mwcfg Developer 📽️ YouTuber 👩💻 She/Her 💍@DravenSwiftbow Support my work 👇 ☕️ https://t.co/NoM1TXq00P
☠️🐻Andy Piazza... @klrgrz
6K Followers 3K Following Christian. Killer Grizz, Threat Intel & Thrunter. Hack things w/ @bsides_nova. @DEFCON Contests Dept Lead & Black Badge DC32. GSE #344. (VIEWS ARE MY OWN).
Steve YARA Synapse Mi... @stvemillertime
17K Followers 1K Following threat intelligence @google writing & sharing on adversary tradecraft, malware, threat detection, AI-nexus intel and all things #yara
Silas Cutler (p1nk) @silascutler
13K Followers 2K Following You may know me from your logs Research @Censys Advisor @IST_org & #DEVSEC Built @Only_Scans, @mal_share, #KeyDrop
CD-R0M @CD_R0M_
1K Followers 1K Following IR @Mandiant | Interested in #DFIR and #ThreatIntel | Tweets attributable to me and not my employer
Moose @LitMoose
38K Followers 5K Following DFIR | Violinist | Former medical/vet tech | I work for everyone and no one. Infosec retellings obfuscated. Salty and tired. Also Litmoose on BlueSky
Lars @larsborn
454 Followers 80 Following 🐘 https://t.co/lIjSr7UBO2 Malware Analyst, Reverse Engineer, Software Developer, Mathematician, Teacher, Podcaster, send cat pics
Mariam Yehia @pit0u0
17 Followers 253 Following
intelc @turmericpidgeon
0 Followers 54 Following
Maddie Stewart @madzincyber
111 Followers 68 Following intelligence team @CrowdStrike // views are my own
headmuzik @QUANTUMINSERT
1 Followers 2K Following
notWimbledon @NotWimbledon
12 Followers 364 Following Researcher - cat lover, all the opinions are my own
. @0x75f_
422 Followers 5K Following
Cyber | Dragons Commu... @DragonCyberHQ
92 Followers 188 Following
Zach Edwards @thezedwards
7K Followers 8K Following privacy & data supply chain research / Senior Threat Analyst @SilentPush / politico / #build🔥🕸 ρᔕ𝐞ỮĎ𝔬Ňʸ๓Øᵘ丂 / [email protected]
Fred HK @fr3dhk
3K Followers 264 Following /* Security & Malware Research | Developer for https://t.co/LwUotFZWKL | Poking holes in everything & writing about it | Read here: https://t.co/pw6Fny0k27 */
great is as great doe... @didi_92i
482 Followers 5K Following ‘If the treasures of Persia and Rome were opened for you, what kind of people will you be? Perhaps you will be something else.’
NPA💻TechLife @NpaTechlife
17 Followers 126 Following I am a former TV lover who has now progressed into the digital world as a digital project manager at Digital Project Masters.
Brendon Feeley ☣ @brendonfeeley
739 Followers 1K Following Senior Intelligence Analyst @CrowdStrike and a published poet. My tweets are my own.
Jose Miguel Esparza @EternalToDo
4K Followers 1K Following Security Researcher | Threat Intelligence @CrowdStrike | @peepdf author | @ProjectHoneynet member | Tweets are my own | #malware #threatintel #reversing
Tyler Butler @tbutler0x90
413 Followers 1K Following @GeorgetownSFS studying the intersection of cyber security and statecraft | Independent vulnerability researcher
parkour @parkoursec
11 Followers 1K Following
tracedoor @tracedoor
73 Followers 2K Following Stay safe from cyber threats with our cybersecurity blog. Get the latest updates on data protection, online privacy, and digital security.
Melissa D. @meldeorio
70 Followers 720 Following
intelotter @intelotter
51 Followers 2K Following
Trent @tliffick
247 Followers 709 Following Security Analyst | Blue Team | Windows Engineer | Father | Lover of coffee and whiskey | Wishing we wouldn’t be a$$holes to one another | Opinions are my own
Clicks Buttons @lampshaderoot
199 Followers 2K Following this pikachu sets the defcon level for the team. all tweets are my own.
Br*an Collins @SecurityCollins
456 Followers 4K Following ☁️ security, general technology fan • opinions = mine
thea @theacorinne_
0 Followers 272 Following
patricia gomez @patrici51281122
47 Followers 1K Following
Scott Lynch @packetengineer
2K Followers 5K Following Certified @SANSDefense Instructor | SECOPS/CERT Manager | Defcon BTV | Navy Vet | Sailor | Tweets Are My Own
MA7C @ma7c_de
189 Followers 2K Following CyberSec education is the most powerful weapon / SecOps & TI - @[email protected] // #ONE-CYBER-SECURITY
jen nicastro @jwrube7
2 Followers 269 Following Cyber Security Gov Officials & Agencies Tech Professionals & Reporters Politics CyberSecurity Tech News History
Aaron Rosenmund @ARosenmund
1K Followers 2K Following RED&BLUE Researcher/Educator | CyberOps ANG | Certs for Fun | Cyber Speaker | Utilitarian | Adopted Stark | Gluten Free-ish
DomainSprain @Twizfest
38 Followers 249 Following
Rubén Revuelta Briz @rubn_RB
156 Followers 654 Following DFIR | Threat Hunting | Malware Reversing Cibersecurity enthusiastic.
Oliver Bauer @ocbauer
6 Followers 328 Following
Brooks @Brooks59198204
0 Followers 73 Following
IntKeeper @intkeeper
12 Followers 1K Following
Translatør @RTranslat
38 Followers 1K Following
Prof. David Lariviere @ProfLariviere
53 Followers 834 Following Professor David Lariviere is a Clinical Professor at the University of Illinois at Urbana-Champaign focused on high frequency and algo trading.
shshp @shshp4
0 Followers 5K Following
Jeff Daniels @nullSend
147 Followers 509 Following Threat Hunting, Incident Response, and all things Cloud Security @Microsoft | Opinions are my own
MΞTΛΞXPL0ЯΞ @Meta_Explore
280 Followers 1K Following Security Researcher,Reverse Engineer and Programmer - Tweets are my own
Katie Nickels @likethecoins
55K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
💻 Sherrod DeGrippo... @sherrod_im
36K Followers 7K Following Weird security voyeur. Vibe merchant. CISO of your 🩷 Official USPS fan account. 🎉 Host of THE Microsoft Threat Intelligence Podcast. I like crime actors.
ςεяβεяμs - м�... @c3rb3ru5d3d53c
25K Followers 243 Following 💕 Malware Hunter Killer 💕 #binlex & #mwcfg Developer 📽️ YouTuber 👩💻 She/Her 💍@DravenSwiftbow Support my work 👇 ☕️ https://t.co/NoM1TXq00P
Steve YARA Synapse Mi... @stvemillertime
17K Followers 1K Following threat intelligence @google writing & sharing on adversary tradecraft, malware, threat detection, AI-nexus intel and all things #yara
Silas Cutler (p1nk) @silascutler
13K Followers 2K Following You may know me from your logs Research @Censys Advisor @IST_org & #DEVSEC Built @Only_Scans, @mal_share, #KeyDrop
Moose @LitMoose
38K Followers 5K Following DFIR | Violinist | Former medical/vet tech | I work for everyone and no one. Infosec retellings obfuscated. Salty and tired. Also Litmoose on BlueSky
Lars @larsborn
454 Followers 80 Following 🐘 https://t.co/lIjSr7UBO2 Malware Analyst, Reverse Engineer, Software Developer, Mathematician, Teacher, Podcaster, send cat pics
Jose Miguel Esparza @EternalToDo
4K Followers 1K Following Security Researcher | Threat Intelligence @CrowdStrike | @peepdf author | @ProjectHoneynet member | Tweets are my own | #malware #threatintel #reversing
Thomas Roccia 🤘 @fr0gger_
31K Followers 2K Following AI Security x Threat Intel · Sr. Threat Researcher @Microsoft · Creator of #Unprotect & #NOVA · Malware Warlock · Python 🧡 · Prev @McAfee_Labs · Views mine 😈
Lloyd Davies @LloydLabs
3K Followers 398 Following
Censys @censysio
10K Followers 1K Following Censys is the source for real-time Internet intelligence and actionable threat insights for governments, F500 companies, and leading threat intel providers
RiskIQ Community @PassiveTotal
4K Followers 5 Following Providing freemium #ThreatHunting capabilities in order to surface threats faster and reduce risk. Built on top of @RiskIQ massive data collection.
OrdoPaintus @OrdoPaintus
8 Followers 108 Following A strange mix of cyber, cats, IPSC and wargaming. All opinions/thoughts are my own.
Christian S @c_stautz
16 Followers 236 Following
Philippe Lagadec @decalage2
5K Followers 1K Following Author of oletools, olefile, ViperMonkey, ExeFilter, Balbuzard. #DFIR, #malware analysis, maldocs, file formats, #Python. @[email protected]
Mark Schloesser @repmovsb
3K Followers 541 Following aka rep, Security Research, @CuckooSandbox dev., 0ldEur0pe / ESPR CTF Team
Tony Lambert @ForensicITGuy
6K Followers 1K Following Recovering sysadmin that now chases adversaries instead of uptime. Sr Malware Analyst @redcanary
ExecuteMalware @executemalware
27K Followers 185 Following #malware hunter & analyst. Opinions are my own.
Jared Wilson @JWilsonSecurity
2K Followers 1K Following Mandiant Research and Discovery, Father, Husband, Trail Runner, Co-Founder CyberFriendsCircle
ɹɐɯᴉ Sɥɐɐʇɥ @ramishaath
437 Followers 2K Following Windowz Cleaner, Malware Zoo Keeper, Cookie Monster, RAT killer, Bug Exterminator, B(r)each Hunter, DoubleF1clickeR, ❤️T(HAI) food, founder 971sec || BHMEA.971
Adam @malworms
292 Followers 62 Following IDA pro enthusiast, malware reverser, addicted to Rocket League. @PwC_uk Threat Intelligence. All views my own.
Nick Carr @ItsReallyNick
38K Followers 3K Following Tech Director / Threat Intelligence at Microsoft. Previously, Director of Incident Response & Intel Research at Mandiant. Former Chief Technical Analyst at CISA
Kyle Ehmke @kyleehmke
5K Followers 312 Following Threat intel researcher focused on infrastructure hunting. Views are my own and not my employer's. Others: @[email protected] @kyleehmke.bsky.social
Sebastian Walla @SebastianWalla
205 Followers 609 Following Did a Cybersecurity Bachelor and Master in Computer Science with a focus on Security. Deputy Manager - Cloud Threat Intelligence Opinion/Thoughts are my own.
Bex @cyberlabrador
90 Followers 154 Following Clustering Spider intel for @CrowdStrike. Dog aficionado 🐕 Thoughts/opinions are my own.
BeijingJoe @FDjoes
529 Followers 396 Following
The North Korean Comp... @dprkcert
3K Followers 469 Following Defend Tomorrow, Secure Today! Official Computer Emergency Response Team (CERT) for the Democratic People's Republic of Korea #NorthSide #NorthKoreaBestKorea
apodlosky @apodlosky
30 Followers 324 Following
Defense Charts @DefenseCharts
40K Followers 1 Following 📈🤷♂️📊 dedicated to the presentational aesthetics of the defense-industrial complex // editor: @timhwang
Thomas @tsquaredcyber
109 Followers 573 Following
Andreas Sfakianakis /... @asfakian
5K Followers 3K Following Tweets about Cyber Threat Intelligence | SANS #FOR578 Instructor | Speaker My tweets=my views. RTs ≠ endorsement. https://t.co/6zRhe2JRUj
[email protected]... @rpargman
4K Followers 5K Following Слава Україні! Most important job: being Dad; I also love to help people deny attackers the opportunity to break and steal all the things. Pronouns: He/him
Aaron Stephens @x04steve
3K Followers 524 Following
Van @Wanna_VanTa
4K Followers 393 Following Research & Discovery Lead @Mandiant @googlecloud Specialties: researching adversary tradecraft, hardstuck masters TFT, and losing sneaker raffles.
Nicole Hoffman @threathuntergrl
9K Followers 4K Following Friendly Neighborhood Intel Analyst | Children’s Book Author | Lego | Hufflepuff
Lenny Zeltser @lennyzeltser
50K Followers 2K Following Advances cybersecurity. Grows tech businesses. Fights malware. // CISO at @AxoniusInc. Author and Faculty Fellow at @SANSInstitute. Creator of @REMnux.
Alex Ionescu @aionescu
47K Followers 2K Following Chief Technical Innovation Officer @crowdstrike. Windows Internals author and trainer. He/Him. RTs are not endorsements, opinions are my own.
Karl @KarlScheuerman
248 Followers 368 Following Disciple of Jesus. Family man. Manager @CrowdStrike. Officer in the @WANationalGuard. My thoughts are my own. Go 'hawks!
Paul Burbage @hexlax
3K Followers 965 Following Co-Founder @MalBeacon | Board Member @BSidesCHS. Tweets are mine & should be dismissed as bourbon-fueled ramblings.
UNPACME @unpacme
4K Followers 2 Following An automated malware unpacking service from OpenAnalysis Inc.
Dan Perez @MrDanPerez
4K Followers 1K Following 🇨🇳Mission TL @Google | #Malware Naming Wizard | #Attribution Connoisseur | All tweets are my own. #ThreatIntel #APT
Didier Stevens @DidierStevens
33K Followers 5K Following 5-to-9 security researcher, Microsoft MVP, ISC Handler. Mostly IT security. & programming. & (hardware) hacking. & maldocs PDF/DOC. Avatar: https://t.co/AtaPkdT5g3Trends for United States
185 B posts
185 B posts
62,8 B posts
92,1 B posts
92,1 B posts
13,9 B posts
1,61 Mn posts
8.582 posts
11,5 B posts
17,2 B posts
526 B posts
6.900 posts
5.778 posts
19,3 B posts
5.673 posts
1.694 posts
255 B posts
3.134 posts
2.903 posts
1.285 posts
You might like
nick
@3dRailForensics
2K Followers
bk (Ben Koehl)
@bkMSFT
3K Followers
Greg Lesnewich
@greglesnewich
4K Followers
Adrien B
@Int2e_
2K Followers
Tyler McLellan
@tylabs
3K Followers
French
@notareverser
899 Followers
The Vertex Project
@vtxproject
3K Followers
tlansec
@tlansec
3K Followers
Mark Parsons
@markpars0ns
2K Followers
Ariel Jungheit
@ArielJT
1K Followers
Nicko
@Disrupt_Degrade
721 Followers
Aaron Stephens
@x04steve
3K Followers
Wes Drone
@wesdrone
2K Followers
CD-R0M
@CD_R0M_
1K Followers
Chris Harrod
@thechrisharrod
1K Followers