Antonio Cocomazzi @splinter_code
offensive security - windows internals | BlueSky: https://t.co/ytvJCoaF2c | Mastodon: https://t.co/hNIHa6L14d | splintercod3.blogspot.com | Italy | Joined August 2016
Tweets: 2K | Followers: 9K | Following: 327 | Likes: 3K
Another Monday. Another week of… endless emails, annoying meetings, and oh look, a three-headed monkey behind you! Now that we have your attention, we can unveil the agenda for #RomHack2025 romhack.io/romhack-confer… #infosec #securityconference
I just published a blog post where I try to explain and demystify Kerberos relay attacks. I hope it’s a good and comprehensive starting point for anyone looking to learn more about this topic. ➡️decoder.cloud/2025/04/24/fro…
Microsoft has discovered post-compromise exploitation of CVE 2025-29824, a zero-day elevation of privilege vulnerability in Windows Common Log File System (CLFS), against a small number of targets. msft.it/6019qIVV9
NTLM relay is still a major threat and is now even easier to abuse. We just added new NTLM relay edges to BloodHound to help defenders fix and attackers think in graphs. Read my detailed post - the most comprehensive guide on NTLM relay & the new edges: ghst.ly/4lv3E31
We (me + @2igosha) have discovered a new Google Chrome 0-day that is being used in targeted attacks to deliver sophisticated spyware 🔥🔥🔥. It was just fixed as CVE-2025-2783 and we are revealing the first details about it and “Operation ForumTroll” securelist.com/operation-foru…
Check out our new blog post!
new #elastic defend rules out : - PPL bypass via ComDotNetExploit - Execution via Windows-Run (trending delivery method ITW) github.com/elastic/protec…
Hey, we should really switch from NTLM to something like Kerberos, yet another good reason, right? cc @ShitSecure @splinter_code 😂🤣
KrbRelayEx-RPC tool is out! 🎉 Intercepts ISystemActivator requests, extracts Kerberos AP-REQ & dynamic port bindings and relays the AP-REQ to access SMB shares or HTTP ADCS, all fully transparent to the victim ;) github.com/decoder-it/Krb…
Great work! few detection points: - registry change "HKLM\\SOFTWARE\\Classes\\CLSID\\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\\TreatAs\\" - WaaSMedicSvc loading CLR (result of .NET execution in the context) - Impersonation as Trusted Installer.
Another simple standalone tool for creating machine accounts with custom password in Windows AD github.com/decoder-it/New…
Skiing with @cybersaiyanIT sticker is priceless 😀
@splinter_code This tweet was mentioned in the BlackBasta Leak bestflowers.json ( timestamp: 2023-10-23 16:17:02 )
🚀 #RomHack 2025 #callforpapers is OPEN! Are you a #cybersecurity pro with a passion for sharing knowledge? This is your chance to take the stage at #RomHack2025 📩 Apply now: cfp.romhack.io/romhack-2025/c… #InfoSec #hackercommunity
Multi-Platform FINALDRAFT malware targeting government orgs. Outlook drafts for C2. We published a deep dive on the malware and another on the campaign. Great research by the team! elastic.co/security-labs/… elastic.co/security-labs/…
Notes from the Field: My journey in trying to change Windows password in the most complex way, purely for fun, very little profit, but definitely a fun challenge! More details here ➡️decoder.cloud/2025/02/11/cha…
NTLM Relaying with DCOM cross-session activation over an external OXID resolver. This variant has the advantage over regular RemotePotato0 that all connections are established from victim to attacker and none in opposite direction. Credits go to @MrAle_98.
@splinter_code Are you sure they fixed? 🤨 This is the latest w11 insider canary ....
Two new posts from @tiraniddo today: googleprojectzero.blogspot.com/2025/01/window… on reviving a memory trapping primitive from his 2021 post. googleprojectzero.blogspot.com/2025/01/window… where he shares a bug class and demonstrates how you can get a COM object trapped in a more privileged process. Happy Reading! 📚
