This release is probably going to be one of our biggest and most impactful! Kudos to the team @peterwintrsmith @modexpblog @s4ntiago_p @GigelV41464 @saab_sec 🙌
We're really bringing the 🔥 with our next Nighthawk release - Janus - nighthawkc2.io/janus/
I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…
@UrfinJuice9 each ticket requires a referral
A little example of cross domain S4U: exploit.ph/crossing-trust…
Happy to finally share a new blog with @exploitph on our work revisiting the Kerberos Diamond Ticket. ✅ /opsec for a more genuine flow ✅ /ldap to populate the PAC 🆕 Forge a diamond service ticket using an ST We finally gave it a proper cut 💎 huntress.com/blog/recutting…
@sekurlsa_pw @al3x_n3ff the same technique also allowed me to bypass authentication silos: msrc.microsoft.com/update-guide/v…
@sekurlsa_pw @al3x_n3ff this technique makes several attacks possible, one I wrote about at the same time is kerberoasting from a mitm position without creds: exploit.ph/all-ur-as-belo…
@al3x_n3ff yeah, I did that 3 years ago: exploit.ph/all-ur-as-belo…
Have you ever wondered if there was a way to deploy a "Remote EDR"? Today I'm excited to share research I've been working on for the past couple months. This dives into DCOM Interfaces that enable remote ETW trace sessions without dropping an agent to disk. Includes a detailed write-up: jonny-johnson.medium.com/no-agent-no-pr… And a new GitHub project "JonMon-Lite": github.com/jonny-jhnson/J…
My #SOCON2025 talk is now live for those interested in credential guard research. youtu.be/9U_7u849yQQ?fe…
@_RastaMouse @_EthicalChaos_ @__invictus_ @4ndr3w6S the reason I think the TDO holds both is because when you sync the TDO, you get both keys
@_RastaMouse @_EthicalChaos_ @__invictus_ @4ndr3w6S I think the TDO holds both, as I said I think it's due to how the server lookup is coded, it was easier to have a trust account for requesting tickets rather than trying to code it differently or something, but I'd need to be familiar with the code to be sure
@_RastaMouse @4ndr3w6S @SteveSyfuhs I assume it's something to do with how AD does the server lookup though
@_RastaMouse @4ndr3w6S idk why exactly, ig you'd have to ask MS, perhaps the way AD works under the hood it requires an actual account to create a ST
@_RastaMouse @4ndr3w6S so you request a referral to krbtgt/domain2, it uses the account cred for the DOMAIN2$ INTERDOMAIN_TRUST_ACCOUNT as the service key for the referral
@_RastaMouse @4ndr3w6S I assume you mean the INTERDOMAIN_TRUST_ACCOUNT, in which case it's used to request a referral to the foreign domain
@_abs0lute fwiw, I've not noticed a speed increase for AES encrypted tickets, only RC4
fwiw, you can speed up cracking RC4 kerberoast tickets by requesting the ticket from the AS without a PAC
@_abs0lute I'm not sure about with john and certainly the more resources you have, the larger increase you'll notice, but it seems to be due to the enc-part being around 1000 bytes smaller (at around 100-200 bytes without a PAC), it doesn't make a huge difference but it's definitely faster
@TheCovertCorvus I mentioned this in my blog post: semperis.com/blog/new-attac…
@TheCovertCorvus no, you can request any non-krbtgt ticket from the AS without a PAC without any changes required