Andy Robbins @_wald0
Co-founder of SpecterOps. Co-creator of BloodHound. https://t.co/rub1i3Fs9g wald0.com Seattle, WA Joined March 2011-
Tweets5K
-
Followers36K
-
Following2K
-
Likes5K
My SCCM BloodHound OpenGraph collector, ConfigManBearPig, is finally ready to share! It can enumerate all of the relay TAKEOVERs and a few CRED and ELEVATE techniques from Misconfiguration Manager with just a domain account. Let me know what you find! specterops.io/blog/2026/01/1…
Stack spoofing isn’t dead. Hear from @KlezVirus at #BHEU on how modern detection still breaks, and unveils the first CET-compliant stack spoofing framework. Learn more ➡️ ghst.ly/4izmuou
See you all next week...excited to present with @breakfix at #BHEU! 💣
SCOM monitors critical systems, but insecure defaults make it a powerful attack vector. At #BHEU, @unsigned_sh0rt & @breakfix show how to abuse SCOM for credential theft, lateral movement, and domain escalation, plus how to defend it. ghst.ly/4aoggph
SCOM monitors critical systems, but insecure defaults make it a powerful attack vector. At #BHEU, @unsigned_sh0rt & @breakfix show how to abuse SCOM for credential theft, lateral movement, and domain escalation, plus how to defend it. ghst.ly/4aoggph
Just in time for the holidays, I wanted to share something that a lot of people have asked for: youtube.com/playlist?list=… Short videos about Mythic development and customizations. This is just the start - I'll release a survey soon that'll get feedback for the next batch :)
Credential Guard was supposed to end credential dumping. It didn't. @bytewreck just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled. Read for more ⤵️ ghst.ly/4qtl2rm
In this post @_wald0 introduces PingOneHound, a BloodHound OpenGraph extension that allows users to visualize, audit, and remediate attack paths in their PingOne environment. The blog post also serves as an introduction to the PingOne architecture. specterops.io/blog/2025/10/2…
BloodHound isn't just for Active Directory anymore. 🤯 @SadProcessor dives into the BloodHound OpenGraph functionality & demonstrates the new PowerShell cmdlets added to the BloodHound Operator module to work with the OpenGraph feature. ghst.ly/4peTTrB
ICYMI: BloodHound OpenGraph, introduced with BloodHound v8.0, allows you to map attack paths across your entire tech stack. @JustinKohler10 & @_wald0 recently joined @_JohnHammond to discuss the new feature and share a demo. Watch the conversation 👉 ghst.ly/4fNZLDM
🚨 New #BloodHound shirt alert 🚨 ✅ - Unisex and ladies sizes available ✅ - Cool design :) ✅ - ALL profits go to charity: Hope for HIE, which supports families suffering the effects of hypoxic ischemic encephalopathy Get your shirt here: ghst.ly/bh8-tshirt
We are back with our BloodHound t-shirt fundraiser! 🙌 Grab your BloodHound 8.0 shirt today. All funds raised will go directly to @HopeforHIE, the global voice for families affected by Hypoxic Ischemic Encephalopathy. 👕: ghst.ly/bh8-tshirt
Check out my new blog on nested app authentication and brokered authentication.
Why should Microsoft's Nested App Authentication (NAA) should be on your security team's radar? @Icemoonhsv breaks down NAA and shows how attackers can pivot between Azure resources using brokered authentication. ghst.ly/45h2Zw3
Dear fellow pentesters & red teamers, How often do you run into a vCenter in your client’s environment? 🖥️ I just built one for vCenter - meet vCenterHound 🐾😉 This is just the beginning… more collectors and surprises are on the way. #Pentesting #RedTeam #BloodHound #vCenter
This post about MSSQLHound, a PowerShell collector that adds 7 new nodes and 37 new edges to BloodHound, details my experience and lessons learned designing and implementing the tool using OpenGraph and provides examples of how to research and discover MSSQL attack paths.
MSSQLHound leverages BloodHound's OpenGraph to visualize MSSQL attack paths with 7 new nodes & 37 new edges, all without touching the SharpHound & BloodHound codebases. @_Mayyhem unpacks this new feature in his blog post. 👇 ghst.ly/4leRFFn
MSSQL support just landed in BloodHound! You can now map out how attackers might use SQL servers to move laterally. This is incredibly useful in hybrid and legacy heavy environments. Let us know what you find. Learn more ➡️ ghst.ly/MSSQLHound
MSSQLHound leverages BloodHound's OpenGraph to visualize MSSQL attack paths with 7 new nodes & 37 new edges, all without touching the SharpHound & BloodHound codebases. @_Mayyhem unpacks this new feature in his blog post. 👇 ghst.ly/4leRFFn
More on BH OpenGraph: Ran into some issues when attempting to map objects collected with partial info back to existing BH objects. Built out a small tool that allows for connecting objects in a more flexible manner: github.com/G0ldenGunSec/O…
In this blog post I explain the fundamental building blocks, vocabulary, and principles of attack graph design for BloodHound: specterops.io/blog/2025/08/0…
Entra Connect sync accounts can be exploited to hijack device userCertificate properties, enabling device impersonation and conditional access bypass. @hotnops explores cross-domain compromise tradecraft within the same tenant. Read more ⤵️ ghst.ly/3ISMGN9
Florian Roth ⚡️ @cyb3rops
221K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Dave Kennedy @HackingDave
231K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
Florian Hansemann @CyberWarship
88K Followers 46 Following Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98M
Justin Elze @HackingLZ
71K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
mRr3b00t @UK_Daniel_Card
123K Followers 8K Following Department of Cyber WAR. Member of the Counter Spider Collective. Wielder of AI to defend in Cyber Space. Ralph Vibe Specialist. VibeOps Operator!
ippsec @ippsec
123K Followers 365 Following
Adam Chester 🏴�... @_xpn_
38K Followers 538 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOlmau2 | Insta at https://t.co/PqR6CZQ48T
Grzegorz Tworek @0gtweet
38K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
DebugPrivilege @DebugPrivilege
41K Followers 2K Following Not active anymore on X. Problem solver with a passion for troubleshooting complex issues.
DirectoryRanger @DirectoryRanger
37K Followers 102 Following This account assembles and disseminates information related to Active Directory and Windows security.
Mike Felch (Stay Read... @ustayready
17K Followers 2K Following Offensive @ TrustedSec | Hacking since Renegade BBS backdoors | Prior CrowdStrike/BHIS | In Christ's grip | Fighter for truth | K1HAQ
Charlie Bromberg « ... @_nwodtuhs
16K Followers 660 Following Trying to hack the way we hack things 🏴☠️
Dr. Nestori Syynimaa @DrAzureAD
21K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)
Oliver Lyak @ly4k_
9K Followers 267 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
Vincent Yiu @vysecurity
32K Followers 345 Following Director, Red Team / Offensive Security. Help organizations safeguard their businesses from the bad guys.
Dirk-jan @_dirkjan
30K Followers 205 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.
rootsecdev @rootsecdev
27K Followers 1K Following Senior Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.
Franci Šacer @francisacer1
350 Followers 396 Following 🇸🇮 Technology Enthusiast | OSCP aka @[email protected]
theo @0xtheooo
2 Followers 85 Following
AYS @amreeesh_ays
0 Followers 55 Following Cybersecurity tools and templates for developers, analysts, and pentesters.
Retrievy @retrievy
0 Followers 23 Following Unify your cyber defenses. Advanced CSPM, ISPM & SCM for enterprise cloud and on-prem infrastructure. See the unseen, secure the core.
Manuel Marongiu @0nlyManuel
1 Followers 10 Following 🇮🇹 Security researcher • Red Team • CTF player Turning coffee into exploits
Mr. Obs @Masked_Whisper
15 Followers 438 Following
Momus @MomusKhaos
50 Followers 54 Following
SEMIN @SEMIN278618
0 Followers 23 Following
Noah Sioson @NoahSioson
8 Followers 58 Following
Christopher Morgan @Christophemc06
7 Followers 50 Following
0xAnvil @Evan_0xAnvil
0 Followers 16 Following
zese @ZexueZhao
0 Followers 5 Following
ClearAudit @saasguardscans
0 Followers 14 Following Website Security & ADA Compliance Audits OWASP • WCAG • GDPR • SOC2 I find vulnerabilities before hackers do. DM for audit → https://t.co/cQ5H9HV6Vt
Kylian Mbappe @turtle0943218
2 Followers 83 Following
Manish Jha @offsecManish
1 Followers 33 Following
Athina Thomas @ArtistYay
7 Followers 54 Following Second option? fuck no but I'm tryna figure all this shit out just like you too https://t.co/YAlJ61x0Zr
River Milky @Rushmilky
0 Followers 73 Following
Prasad @mesiva5
8 Followers 691 Following
who1am @nowindows9
5 Followers 210 Following
trias @tr1as3c
0 Followers 89 Following
Robin Prak @deselektah
319 Followers 1K Following Fractiemedewerker @spgroningen dreams about a sharing society that aims for the stars * have a passion for groove & soul * soundcloud: https://t.co/jDS1Llp0OS
Garikapati Sai kiran @Garikapati69851
2 Followers 30 Following
cepasystems @cephasystems
0 Followers 41 Following 20 years breaking and fixing IT infrastructure. Now packaging what I learned into playbooks you can actually use at 2am during an incident.
Seneca @Sec_Seneca
0 Followers 7 Following
Alberto Alonso @_albertoam3
8 Followers 88 Following
NJC @Najica21
1 Followers 65 Following
n0dlez @n0dlezz
0 Followers 65 Following
Fares @alenezi_F_B52
362 Followers 659 Following
Kret @Kret819248
0 Followers 32 Following
x40 @twocosmicballs
17 Followers 34 Following
Sayed Zaid @ZaidSayed0
0 Followers 44 Following
Dang Hung @hungdv80
61 Followers 2K Following
badgoy @Aejzldbdkfbe
3 Followers 144 Following
Domero @profdomero
21 Followers 88 Following
twis @Twis65640Twis
2 Followers 523 Following
0xbastard @b45142d
89 Followers 704 Following
_CuS_ @Oberon0224
6 Followers 554 Following
Dave Kennedy @HackingDave
231K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
Florian Hansemann @CyberWarship
88K Followers 46 Following Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98M
Justin Elze @HackingLZ
71K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Adam Chester 🏴�... @_xpn_
38K Followers 538 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOlmau2 | Insta at https://t.co/PqR6CZQ48T
DebugPrivilege @DebugPrivilege
41K Followers 2K Following Not active anymore on X. Problem solver with a passion for troubleshooting complex issues.
DirectoryRanger @DirectoryRanger
37K Followers 102 Following This account assembles and disseminates information related to Active Directory and Windows security.
Mike Felch (Stay Read... @ustayready
17K Followers 2K Following Offensive @ TrustedSec | Hacking since Renegade BBS backdoors | Prior CrowdStrike/BHIS | In Christ's grip | Fighter for truth | K1HAQ
Charlie Bromberg « ... @_nwodtuhs
16K Followers 660 Following Trying to hack the way we hack things 🏴☠️
Dr. Nestori Syynimaa @DrAzureAD
21K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)
Oliver Lyak @ly4k_
9K Followers 267 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
Vincent Yiu @vysecurity
32K Followers 345 Following Director, Red Team / Offensive Security. Help organizations safeguard their businesses from the bad guys.
Dirk-jan @_dirkjan
30K Followers 205 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.
rootsecdev @rootsecdev
27K Followers 1K Following Senior Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.
mpgn @mpgn_x64
18K Followers 236 Following Flibustier du net ̿ ̿̿'̿'\̵͇̿̿\=(•̪●)=/̵͇̿̿/'̿̿ ̿ ̿ ̿ Podcast Hack'n Speak @hacknspeak / https://t.co/GyACSFg9mw
Stephan Berger @malmoeb
29K Followers 1K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
Matt Zorich @reprise_99
15K Followers 2K Following @Microsoft Security | https://t.co/HWozKuixTi | Tweets are my own | 🇦🇺
Josh @passthehashbrwn
10K Followers 296 Following Adversarial Simulation at IBM, tweets are mine etc.
sn🥶vvcr💥sh @snovvcrash
12K Followers 494 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
MOR DAVID @m0rd4vid
312 Followers 462 Following Cyber Security Expert & Red Teamer with 5+ Years of Experience.
Dave Cossa @G0ldenGunSec
2K Followers 267 Following Adversary Simulation @xforce/ Frequent reader of the first page of Google results / Occasional reader of the second page of Google results
Toffy @toffyrak
243 Followers 227 Following
Yehuda Smirnov @yudasm_
778 Followers 568 Following Security Researcher @Microsoft, opinions are my own.
Hai vaknin @VakninHai
1K Followers 213 Following Security Researcher EAT-Sleep-Hack-Repeat https://t.co/oEFfl40EMN
Brett Hawkins @h4wkst3r
3K Followers 504 Following Leader | Red Team | Conference Speaker | Security Researcher | Tool Developer | current @armadinsecurity | prev @xforce @mandiant @chase
Bia! Ⓥ @BiaSciLab
10K Followers 658 Following I'm Bia! Super into Hacking, Election Security and teaching STEAM! 🦄 cDc member 🐄 Founder, CEO https://t.co/qiMa7wraK6 https://t.co/FWs4dKV3Ys
Alexander Sou @sou_predictable
28 Followers 15 Following
Lukas Beran @lukasberancz
2K Followers 244 Following Senior Security Researcher (DART) @Microsoft. Opinions are my own. #MSIncidentResponse #DART #Microsoft365 #EntraID #DefenderXDR #Sentinel
Daniel Bradley @DanielatOCN
2K Followers 267 Following Microsoft MVP, blogger and I write a little PowerShell
Christian Bortone @xybytes
190 Followers 108 Following
Sahan @SriLankanMonkey
509 Followers 665 Following Views are my own and do not represent my employer or other entities. Pediatric CISO, volunteer assistant rowing coach * He/Him * @TribeOfHackers Blue Team
Eric Woodruff | MVP |... @ericonidentity
2K Followers 731 Following Chief Identity Architect @SemperisTech. Microsoft Security MVP, Entra nerd. Part-time hiker, full-time dad and partner. Opinions expressed are from my cat.
Kamala Harris @KamalaHarris
21.0M Followers 701 Following Always fighting for the people. Wife, Momala, Auntie. She/her. 107 Days available now.
Martin Haller @martinhaller_IT
425 Followers 90 Following • Cybersecurity Expert • Blue Teamer • Public Speaker • Blogger • CEO at PATRON-IT • OSCP, MCSE, CHFI, ECSA, CCNP •📩[email protected]
SNOWcon @SNOWcon_2025
23 Followers 2 Following Hacker Winter Camp. A Cybersecurity Conference with a heavy Ski/Snowboard social aspect. Each year a new destination.
Rogier Dijkman | Micr... @DijkmanRogier
804 Followers 651 Following Cloud Security Researcher | Developer | Author | SecureHats | Marathoner | #PowerShell, #ARM, #GitHub #DevOps #CLI #Security, #KQL Enthusiast
CommanderApaul is on ... @CommanderApaul
891 Followers 417 Following IAM Engineer, AD/GPO SME. ❤️ Powershell. LEGO, cycling, homelab, etc. Periodic rants about bipolar teenager. Sorry.
sapir federovsky @sapirxfed
5K Followers 196 Following Doing things @wiz_io And then doing more things at home | Failed research blog: https://t.co/j2HT1Tpscs | Trying to be more chill🧘♀️
Zach Stein @synzack21
711 Followers 411 Following Red Teamer | Penetration Tester | AD Nerd | Adversary Simulation @SpecterOps
Steve Borosh @rvrsh3ll
1K Followers 731 Following The future is not set. There is no fate, but what we make for ourselves. - John Connor
Casey Knerr @casey_knerr
448 Followers 6 Following
werner herzog @izzycamina
407 Followers 270 Following MAKING 𒁂 MUSIC 𒁂𒂝𒀱𒁂articulating 𒁂 your longing 𒁂 through pop music
Carl Stalhood @cstalhood
11K Followers 242 Following NetScaler. Citrix. Omnissa Tech Insider. Azure Virtual Desktop. Principal Consultant at CDW.
Harm Veenstra 🚀 | ... @HarmVeenstra
2K Followers 4K Following 2 x Microsoft MVP | #PowerShell Evangelist | Living apart together with @Eve_023 | Consultant @We_Are_InSpark | Innovate to Accelerate
erm4 @er1cm4
3 Followers 75 Following
Keanu Nys @RedByte1337
1K Followers 80 Following Offensive Security Lead @ Spotit. Creator of GraphSpy
Cory Wolff @cwolff411
7K Followers 241 Following Director, Offensive Security @ risk3sixty | Director of Training @RedTeamVillage_ | Technologist | Builder and breaker of all the things. Tweets are my own.
clearbluejar @clearbluejar
2K Followers 441 Following Security Researcher | Founder @clearseclabs | Author of #ghidriff | Agentic #PatchDiffing | Stuck in a loop: Build • Reverse • Learn • Share
Jean-Michel Besnard @jmbesnard_maz
446 Followers 544 Following Partner - Cybersecurity Audit & Advisory - Grant Thornton France https://t.co/gQmAQTHcLe
Ashish Gupta @ashishrocks
216 Followers 548 Following VP, Cloud Security Operations, Information security. https://t.co/n5VhvhYfdu
Mike @MySnozzberries
525 Followers 2K Following I Build-Break-Repeat, AWS, Azure, MS, Cisco, InfoSec https://t.co/eN8iK5IMuL
Kay Daskalakis @KayDaskalakis
100 Followers 268 Following 🛡️ Visually helping to spread the message #DefenceInDepth starts with #Identity @SpecterOps - Tweets, satire and harmless opinions are my own.
Mohit Gupta @_Skybound
160 Followers 62 Following Principal Security Consultant @ Reversec focusing on all things AWS, CI/CD and Kubernetes More active on Slack than here (links at bottom of personal website)
drak3hft7 @drak3hft7
3K Followers 307 Following Bug Hunter & Penetration Tester | Synack Red Team Member | Top 10 Yeswehack
David O'Brien (he/him... @david_obrien
6K Followers 2K Following Founder of @ARGOS_Cloud , Azure, Entra ID & M365 cloud security assessments for consultants and security professionals. MS Azure MVP (2013-2023), pilot, dad.
Jean Marsault @iansus
1K Followers 369 Following Red-Team & DFIR @WavestoneFR YoloSw4g CTF Opinions are my own
Elke Stangl (elkement... @elkement
1K Followers 979 Following Physicist, engineer (cyber security, energy). I am creating physics-inspired art wth pencils or with code.
Lukas Klein | @rantas... @RantaSec
60 Followers 168 Following
Matt Creel @Tw1sm
1K Followers 253 Following Adversary Simulation @ SpecterOps | OSCP | CRTO | https://t.co/LfiIqD4M4l
Forrest Kasler @FKasler
553 Followers 397 Following Climber, Penetration Tester, Code Junkie, Malware Enthusiast @specterops
Edznux @Edznux
113 Followers 464 Following
nodauf @nodauf
534 Followers 577 Following Offensive security enthusiast | Interested in malware dev, AD, Windows, ...You might like
