Izy @IzySec
Learning to break, working to secure. Europe. Joined July 2017.
Tweets: 472 | Followers: 339 | Following: 354 | Likes: 1K
Check out GoLinHound: - Discovers Linux & SSH attack paths - Outputs OpenGraph JSON for BloodHound ingestion - Integrates with SharpHound and AzureHound data to unveil cross-technology attack paths github.com/RantaSec/golin…
Catch @IzySec's recent podcast discussing Rogue Remote Desktop Protocol: open.spotify.com/episode/5AGW25…
Signed .rdp files are being used to trick users. GTIG observed a novel #phishing campaign targeting European government and military organizations, and has attributed it to a suspected Russia-nexus #espionage actor tracked as UNC5837. Read the details: bit.ly/4jrDcFD
1) I didn't know .RDP config files could be signed 2) RDP RemoteApps are crazy 3) I always appreciate a Fuzzy Snuggly Duck cloud.google.com/blog/topics/th…
Neat blog on RDP tradecraft, includes examples, practical recommendations on hardening, detection ideas etc.
Having convertible detection content is great, no doubt. What I think is underrated is blueteam-focused tradecraft intel. Red teams share it all the time, we should too. A threat group recently showed creativity with a known technique. Here's how it worked cloud.google.com/blog/topics/th…
@ImposeCost For Azure trainings, I've heard good things about specterops.io/adversary-pers… xintra.org/training/cours… alteredsecurity.com I've not personally taken any myself. For AWS, I have taken and can recommend the course from the AWS IR team themselves aws.amazon.com/blogs/security…
Some solid work done by the team! Give them a read :)
🌶️ Active Fortinet Zero-Day Exploitation ITW 🌶️ cloud.google.com/blog/topics/th… #zeroday #fortinet #inthewild
Windows audit policies, the events they enable and the relative volume of events they generate #ThreatHunting #DFIR
A sister team of mine is hiring. They do hard core detection engineering. You will be analyzing things you won't see elsewhere and writing a variety of content to detect it. Super technical role alongside some great folk.
I'm excited to announce that I'm hiring two Detection Engineers for the Mandiant Detection Engineering Team! Come build detections at a global scale for cutting edge threats on an amazing team. Apply here google.com/about/careers/… #DetectionEngineering #Mandiant #Detection
Wondering what telemetry an EDR collects? Wonder no more! @Kostastsale and @ateixei run an EDR Telemetry Project, covering all major EDRs: "The main goal of the EDR Telemetry project is to encourage EDR vendors to be more transparent about the telemetry they provide". Blog: detect.fyi/edr-telemetry-… Table: docs.google.com/spreadsheets/d… Github: github.com/tsale/EDR-Tele… #redteam #blueteam #telemetry
Small experiment today, inspired by @kaganisildak, using RCON protocol, as used by e.g. CS 1.6 as a C2 channel for the lulz
@ImposeCost I liked the Psychology of Money by Morgan Housel.
@_RastaMouse Your content doesn't need marketing, Daniel!
It's a bittersweet moment, but our series of "Attacking an EDR" has come to an end! Me and @Her0_IT hope that you had as much fun reading it as we had writing it. riccardoancarani.github.io/2023-11-07-att…
I've just released the next edition of the On Detection series. I investigate why detection rules based on Process Creation are often brittle or easily bypassed. I also provide a framework for discerning when it is appropriate and when it isn't. posts.specterops.io/on-detection-t…
Adhithya Suresh Kumar @amun_rha
686 Followers 1K Following Detection Engineer @SentinelOne | Reverse Engineer | Former Lead & CTF Player @teambi0s
PV @cybersec_pv
239 Followers 3K Following
Mike Wazowski @Wazowski2025
0 Followers 2 Following
er wang @QiwuSec
6 Followers 413 Following
Elio C. @ElioC2056
1 Followers 179 Following
Reena Pathak @RPat26
0 Followers 842 Following
Willie Fogg @WillieFog420
2 Followers 70 Following
Shpend Lutfiu, PhD @shpendlutfiu
11 Followers 267 Following
David -- 🇪🇺 ... @ddurvaux
593 Followers 721 Following Breaking stuff. Doing incident response somewhere in this galaxy. IT Security is a passion (all tweets are my own). -- Also on [email protected]
Przemek Skowron @evilrez
930 Followers 2K Following Move && Eat && Hunt && Repeat. My tweets are my own.
moto_sato @58_158_177_102
10K Followers 2K Following 企業のCSIRTの人兼企業のCTOの人。シンクホールは趣味。書き込む内容は所属に関係しているものもありますが、意見や見解は個人的なもの。意識低い低い系/User side Cyber Security Researcher & sinkholer
wamadi @idamawmrqz
4 Followers 67 Following
HPH @HeinrichsH
449 Followers 490 Following {"work": "leveraging full-spectrum cyber for @CrowdStrike", "interests": ["binary exploitation", "cryptography", "embedded hacking", "@EatSleepPwnRpt", "JSON"]}
Oussama Elfigha @EAnad0r
34 Followers 788 Following
timlake @timlake252160
1 Followers 2K Following
kko @kko14167177
0 Followers 103 Following
Defender Ciprian Davi... @CiprianDefender
40 Followers 3K Following
Bùi Huy Thăng @SKT_T1_Ghost
0 Followers 1 Following
Wild West IT @ItWildwest
20 Followers 348 Following You’ve heard of shadow IT? Well even worse is Wild West IT people shooting from the hip. I only tweet when I drink.
Joshua Anderson @_7unchb0x
2 Followers 42 Following
Intend Privacy @IntendPrivacy
209 Followers 647 Following Tinkerer, blogger, InfoSec Soldier and Adventurer - Opinions are mine.
Kleber Bernardo @kreebx
2K Followers 8K Following A young boy's strange, erotic journey from philosophy to programming | Data Science undergrad at UFMS (he/him) (pt/en)
erwang @erwang32086445
4 Followers 324 Following
比个心 @vbigthing
51 Followers 4K Following
POP @fitpunj
0 Followers 380 Following
GeekyPanda @geekypanda411
895 Followers 3K Following DFIR, Malware RE, All Views are personal! #cybersecurity #infosec #DFIR
43 56 @THIR_Sec
406 Followers 735 Following 🏹 @SentinelOne | @SANS_EDU #MSISE Alum | Former @TheDFIRReport Contributor. Expressed opinions are my own.
Dr. Anton Chuvakin @anton_chuvakin
42K Followers 9K Following Information security - #SIEM, #DFIR, #EDR formerly at Gartner! Now @GoogleCloud Office of the #CISO; host of @CloudSecPodcast https://t.co/VpKtfz8nXG
Rufus @rufusmbrown
1K Followers 310 Following @Mandiant / @GoogleCloud | Advanced Practices 🦅| @GeorgiaTech | opinions are my own
Steve YARA Synapse Mi... @stvemillertime
18K Followers 1K Following AI threat intelligence @google writing & sharing on adversary tradecraft, malware, threat detection, AI-nexus intel and all things #yara
chacha20 @chachatwenty
0 Followers 70 Following
Till @tillstuder
12 Followers 337 Following
ariel marcelli @ariel_marcelli
0 Followers 51 Following
nanjin002 @nanjin00272827
12 Followers 4K Following
Asaf Saadia @_setuid0
59 Followers 790 Following
Le Ngoc Long @ngoc2304
10 Followers 748 Following
Lexie Aytes @cybseclex
78 Followers 404 Following Threat Researcher @ Google/Mandiant | just here for the memes | opinions are my own
Nick Carr @ItsReallyNick
38K Followers 3K Following Tech Director / Threat Intelligence at Microsoft. Previously, Director of Incident Response & Intel Research at Mandiant. Former Chief Technical Analyst at CISA
billy leonard @billyleonard
5K Followers 713 Following pogue life. sec @ A\, fmr @Google TAG, Global Head of Analysis of State Sponsored Hacking And Threats.
Billy @st424204
1K Followers 95 Following Security Researcher @starlabs_sg Pwn2Own Vancouver 2024,2023,2022,2021 Pwn2Own Austin 2023,2021 Pwn2Own Berlin 2025,2026
Ian Beer @i41nbeer
47K Followers 147 Following
Nick Carr @ItsReallyNick
38K Followers 3K Following Tech Director / Threat Intelligence at Microsoft. Previously, Director of Incident Response & Intel Research at Mandiant. Former Chief Technical Analyst at CISA
Anton @Antonlovesdnb
6K Followers 4K Following Blue Team stuff | Trying to be a decent human being | @munkschool Grad | Hunt & Response @HuntressLabs
Rufus @rufusmbrown
1K Followers 310 Following @Mandiant / @GoogleCloud | Advanced Practices 🦅| @GeorgiaTech | opinions are my own
nickharbour @nickharbour
5K Followers 222 Following Reverse Engineer with Google Cloud's FLARE Team. Organizer of the Flare-On challenge.
Mark @_marklech_
4K Followers 375 Following Senior TI Analyst @ MSTIC. Ex Senior RE @ FLARE (Mandiant/Google).
Gabby Roncone 🇺... @gabby_roncone
4K Followers 1K Following hunting russian apt cyber ops @Mandiant @GoogleCloud. views expressed here are mine, not my employer’s. she/her.
Matthew Dunwoody @matthewdunwoody
10K Followers 462 Following Director, Incident Response @Databricks. Former @Mandiant / @Google Intel leader, IR Consultant, Security Researcher, Technical Intel Analyst, Endpoint TPM.
Mandiant (part of Goo... @Mandiant
129K Followers 4K Following We’re determined to make organizations secure against cyber threats and confident in their readiness.
Steve YARA Synapse Mi... @stvemillertime
18K Followers 1K Following AI threat intelligence @google writing & sharing on adversary tradecraft, malware, threat detection, AI-nexus intel and all things #yara
visi stark @invisig0th
5K Followers 680 Following Founder @vtxproject Father of the #APT1 Report @mandiant / @fireeye Inventor of synapse, vivisect, UNCs, imphash, ... DEFCON CTF Champion, Founder of Kenshoto
Sin__ @mztropics
1K Followers 700 Following Binary reverse engineering/cybercrime investigations. Also interested in UAP/NHI.
Dan Kelly @int0x00
1K Followers 1K Following 🦉 Adversary Methods RAD, assembly coding, APT disintegrating, EANx40’ing cyber warrior. Sweating Cyber 24/7 on 群二st.
Jared Wilson @JWilsonSecurity
2K Followers 1K Following Mandiant Research and Discovery, Father, Husband, Trail Runner, Co-Founder CyberFriendsCircle
Ronnie Salomonsen bsk... @r0ns3n
1K Followers 3K Following Adversary Methods - Research & Discovery (RAD) Team @Mandiant - Now Part of @GoogleCloud. Former DFIR, Malware & Network Analyst. All tweets are my own.
Andy Moore @malwaresoup
1K Followers 277 Following Yet another cyber threat analyst. Standard "thoughts and opinions are my own" disclaimer
Sublime Security @sublime_sec
2K Followers 22 Following Sublime Security is the adaptive, AI-powered cloud email security platform that combines best-in-class effectiveness with unprecedented visibility and control.
Jason Atwell @JasonAtwell14
1K Followers 992 Following Technology and Warfare, Strategist, Army Veteran. Opinions (and bad jokes) my own.
ashley @iamshley_a
819 Followers 598 Following ughhhh back on X || don’t expect much from this account || @mandiant/@googlecloud
Van @Wanna_VanTa
4K Followers 391 Following Research & Discovery Lead @Mandiant @googlecloud Specialties: researching adversary tradecraft, hardstuck masters TFT, and losing sneaker raffles.
Dan Perez @MrDanPerez
5K Followers 1K Following Technical Lead, 🇨🇳 Mission @Google GTIG. Specializing in tracking and attribution of China-Nexus Threats, and making life difficult for them.
Andrew Thompson @ImposeCost
41K Followers 2K Following Posts are attributable to me—not my employer. Leadership, Security, and Intelligence. Former Infantry, HUMINT, Counterintelligence, and Cyberspace Operations.
h43z @h43z
5K Followers 398 Following Interested in the unexpected - js, web, security, linux, mind, religion, drugs, history, psychology, culture, freedom and trailrunning
Apoorv Gairola @ApoorvGairola
13 Followers 16 Following
Andy Burns @andyburns
737 Followers 2K Following Threat Detection @ Fortune 100, aspiring amateur, semi-pro beer drinker, cycling enthusiast
ACE Responder @ACEResponder
18K Followers 227 Following Practice threat hunting & detection engineering in a real SIEM with real attacks. Join us and become the best.
Kathryn Hedley @4enzikat0r
3K Followers 786 Following #DFIR & #DFIRFit geek, SANS Author/Instructor #FOR308, Instructor #FOR500. All opinions mine.
Alh4zr3d @Alh4zr3d
24K Followers 274 Following Legal Criminal | Twitch cult leader | InfosecPrep founder | Lovecraft scholar | Soros mercenary | Spiritual cargo shorts wearer | Cthulhu fhtagn
ςεяβεяμs - м... @c3rb3ru5d3d53c
26K Followers 245 Following 💕 Malware Reverse Engineer & Malware Geneticist 💕 #Binlex Developer https://t.co/EKYUS9Itvd 👩💻 She/Her
Didier Stevens @DidierStevens
33K Followers 5K Following 5-to-9 security researcher, Microsoft MVP, ISC Handler. Mostly IT security. & programming. & (hardware) hacking. & maldocs PDF/DOC. Avatar: https://t.co/AtaPkdT5g3
Lee Chagolla-Christen... @tifkin_
14K Followers 826 Following I like making computers misbehave. Does stuff at https://t.co/YsrVyTjOY7. https://t.co/UsRIholZ3M
Zero-Point Security @_ZeroPointSec
14K Followers 6 Following
Charlie Clark @exploitph
5K Followers 1K Following
Binary Defense @Binary_Defense
14K Followers 336 Following We're determined to make the world a safer place through our-industry recognized managed security services. Founded by @HackingDave
Christophe Tafani-Der... @christophetd
6K Followers 1K Following 302 Location: https://t.co/tP3JTD3HQp
FourCore @fourcorelabs
165 Followers 18 Following Attackers dont wait. You need visibility before they hit. Build threat visibility with FourCore ATTACK.
Greg Linares (Laughin... @Laughing_Mantis
37K Followers 2K Following 20+ yrs in Infosec. Malware Influencer. I turn Malware into Art and Music. Art @MalwareArt. 4x Pwnie Nominee. 𝕍𝕏. GameDev. Autistic.
Sysinternals @Sysinternals
19K Followers 151 Following Created by Mark Russinovich and Bryce Cogswell and later acquired by Microsoft, Sysinternals utilities help you troubleshoot and manage your Windows systems.
[email protected]... @rpargman
4K Followers 5K Following Слава Україні! Most important job: being Dad; I also love to help people deny attackers the opportunity to break and steal all the things. Pronouns: He/him