Denis Werner @NOBBD
Interested in IT security, CTFs, penetration testing, adversarial simulation and digital forensics. Once created https://t.co/JfBzrBNxu5 and wrote poems for @ENOFLAG linkedin.com/in/denis-werner Joined July 2013-
Tweets627
-
Followers3K
-
Following179
-
Likes576
@disclosedh1 It's not about the money itself, I just think it is absurd to charge 0,2$ per API request.. wtf
@YoeriVegt @disclosedh1 I thought about that but I also kinda like that you can just click the link to get to the corresponding report. Maybe remove the link for reports that are limited visibility and keep for the rest. I will think about it
@fede_k @ChupitGood @moyix @Xbow "Several earlier write-ups cover this ground in detail and are well worth reading, including #### ()." - don't leave us hanging like that 🥲
We are working it, sharing what we know as of now - gist.github.com/joe-desimone/3…
@npmjs @GHSecurityLab there is an active supply chain attack on [email protected] which pulls in a malicious package published today - [email protected] - someone took over a maintainer account for Axios
@The_Cyber_News This isn't a new attack and was covered in SpecterOps research back in 2017 "An ACE Up the Sleeve" and something that we have had in SANS SEC565 for years.
My thoughts are yes, red teaming has got significantly harder over the last few years. The knock on effect is: 1) engagements need more time, 2) teams who don't invest heavily in R&D (either in-house or outsourced) will be left behind, 3) there's less things shared publicly as a consequence, 4) lots of teams have tried to compensate by assuming breach, which as a result has led to less innovation in the IA space However, I disagree that IA is anywhere near dead even targeting the top 1%. The vast majority of our engagements have a large IA component and we're still successful in >75% of cases. Yes the points mentioned are a pita - AWL is a great control, but there's equally a plethora of file formats that support scripting; get creative - Yes MOTW restricts some things - but there's a variety of ways around it if you're creative (and I'm not talking about ISOs 🙄)
@npmjs @GHSecurityLab there is an active supply chain attack on [email protected] which pulls in a malicious package published today - [email protected] - someone took over a maintainer account for Axios
The blog with how to use the rainbow tables for Net-NTLMv1 is finally live! cloud.google.com/blog/topics/th… My slides from presenting at BRCC are still available if you're curious about how crazy of a three year journey it was to get them created. content.burningrivercybercon.com/talks/nic-losb…
@vysecurity @sekurlsa_pw Should be around 8TB. Query speed heavily depends on the disk speed and GPU or CPU Power. Should be less than a day worst case even on moderately powerful systems. There should be a Google cloud link somewhere around as an alternative download
@domchell All I know is that the bread was suspiciously soft and squishy. Plus, most of my classmates didn't like the taste so you could really stack up on them in the bus
@domchell as I see you are a man of culinary culture - do you happen to have any acquaintances that could provide a credible recipe for this staple of my childhood days visiting the UK as a pupil? (Photo stolen from the internet, I couldn't be trusted with a camera back then)
@domchell @rad9800 @__mez0__ @rvrsh3ll @ClarksonsFarm1 @MichaelJRanaldo I am gonna steal your recipe and photo for my Cyber Security Influencer Cookbook. Watch out! PS: The abbreviation is CSIC (like "seasick" but hopefully not)..
Today I have a more serious topic than usual, please consider reposting for reach: My wife and I are urgently looking for a specialist in neuropediatrics or a similar field for our autistic child with a diagnosed, but not further specified, movement disorder [1/3]
Thank you so much to @x33fcon and its organizers for an awesome experience! @tifkin_ and I had a blast talking about the new Nemesis 2.0 rewrite (code live at github.com/SpecterOps/Nem… !) and hope to be back next year #x33fcon
Interesting conversation about the inter-realm referral process in active directory trusts
@exploitph @_EthicalChaos_ @__invictus_ @4ndr3w6S Correction, the NTLM hashes do match. I forgot trusts still use RC$ by default and I was looking at the AES keys.
@Blurbdust Great work! Looking forward to the blog post and to trying it out
@BlackLotusLabs This blog is the first in a two-part series detailing these findings and providing insights into Secret Blizzard's TTPs. Get mitigation, detection, & hunting guidance along with indicators of compromise to stay informed and to protect your organization: msft.it/6017oE6pl
This hack is brilliant, APT28 hopping into a target environment over wifi by compromising neighbouring companies and finding a dual-homed host within range. volexity.com/blog/2024/11/2… And yet... they got caught doing this!
Hey folks! The 2024 SANS Holiday Hack Challenge Act I has begun! Login here: sans.org/holidayhack. Once you get through orientation, you'll get your badge. Then do the first couple challenges (or skip them) & click on your badge for Act I, thusly:
Ben Sadeghipour @NahamSec
248K Followers 1K Following Cofounder @hackinghub_io | Advisor @CaidoIO. I hack companies and make content about it. #NahamCon organizer. ex @hacker0x01🇮🇷
bugcrowd @Bugcrowd
200K Followers 6K Following The leading provider of crowdsourced cybersecurity solutions purpose-built to secure the digitally connected world...Unleash Ingenuity™
JS0N Haddix @Jhaddix
176K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. Cybersecurity + Hacking + AI + Sec Leadership @arcanuminfosec
Julien | MrTuxracer �... @MrTuxracer
39K Followers 441 Following Founder of @rcesecurity | #BugBounty | @Hacker0x01 MVH && H1-Elite | $1,5+ Mio in Bounties | Mobile Hacker | @[email protected]
shubs @infosec_au
59K Followers 2K Following Co-founder, security researcher. Building an attack surface management platform, @assetnote
publiclyDisclosed @disclosedh1
68K Followers 2 Following This is an unofficial HackerOne public disclosure watcher who keeps you up to date about the recently disclosed bugs. By @NOBBD
HackerOne @Hacker0x01
338K Followers 3K Following HackerOne makes security continuous. We unite AI and human insight through a unified platform to expose risk and eliminate it.
Md Ismail Šojal �... @0x0SojalSec
46K Followers 5K Following Cyber_Security_Re-searcher || Ai Re-searcher || AI-Sec|| Malware Analysis II iOS || Pwn || 0SINT || Project AI-StrikeSec || 0ldAccounts Suspended @0xSojalSec ||
Tuan Anh Nguyen⚡️... @haxor31337
16K Followers 2K Following 30 y/o Bug Bounty Hunter and Red Team Lead at Viettel Cyber Security. Brand Ambassador @Hacker0x01 - Researcher Spotlight @Bugcrowd
SecurityTrails, A Rec... @securitytrails
13K Followers 1K Following Security Trails was acquired by Recorded Future. To see what's new, visit @RecordedFuture.
Geekboy @emgeekboy
26K Followers 472 Following Hacker, Co-Founder @pdiscoveryio, Ex-Security Analyst / BugBounty @Hacker0x01
Justin Gardner @Rhynorater
37K Followers 2K Following Christian | Full-time Bug Bounty Hunter | Host of @ctbbpodcast | Advisor @CaidoIO | 4x LHE MVH | 🗣️ English, 日本語 | ♥️ @mariahchan_ ♥️
Patrik Grobshäuser @ITSecurityguard
32K Followers 301 Following Security Research @ Assetnote https://t.co/RmFwv6ItrQ https://t.co/VCPfgTLLBN https://t.co/qylqwXgc9I https://t.co/uwZdquCB7l
SpaceX @emuskcares
0 Followers 42 Following
Parsa Nikfar - Codesc... @onthegrine
46 Followers 543 Following Penetration Tester at @RavinAcademy & Part-time hunter.
Yash Korat @yashkorat2709
411 Followers 229 Following Entrepreneur, securing the world from #cybercrime, Infosec @bugstrikeltd, Helping to secure Tech-giants companies.
oscrates @oscraters
4 Followers 275 Following
隔野 @gy14199205
4 Followers 168 Following
F. @WeixiuT
3 Followers 75 Following
Dan @Dz3p0L1237
64 Followers 437 Following IT Tech Support Spc. InfoSec Student, Computer OS, Hardware, and all technology enthusiast.
Pujitha Gangireddy @PujithareddyG
0 Followers 58 Following
Activa Vita @ActivaVita90286
69 Followers 6K Following
cks @suwarnaraj1
161 Followers 661 Following
madlycurios @madlycurios
341 Followers 5K Following Love to learn more about current trends and my opinion is just that. Let's help each other become greater.
The Red Hand @RedHandReturns
63 Followers 884 Following #OSINT / Independent Research. Meme Enthusiast.
Mars @marss2050
2 Followers 2K Following
Danisordo @kimuratakuya0
0 Followers 1K Following
savina @suvisasavinacsv
0 Followers 12 Following
1776-Cerberus @1776Cerberus
94 Followers 2K Following
Malik Alanzi @MalikAlanz45967
5 Followers 395 Following
Adams Big @lifestylebig2
59 Followers 796 Following Lifestyle💎, Crypto Expert, Dad, Financial Advisor 💼
Rifat @Rifatsarwad92
20 Followers 136 Following
Ronak Prajapat @1mron88
0 Followers 180 Following Full Stack Developer | Web App Pentester | UI&UX Designer
dou hackdou @evilwebshell
0 Followers 58 Following
Hey Barbie @Fixxxy369
0 Followers 10 Following
Adil Ali @AdilAli63417
3 Followers 96 Following IT Graduate | Ethical Hacking & Bug Bounty Expert | Helping People Stay Safe Online | Advocate for Cybersecurity Awareness | Passionate Securing Digital system
Pradeep @toooolong
11 Followers 600 Following
Prossibȓ̴́̊͂̏�... @prossibr
0 Followers 23 Following
Ivan Kaitazoff @IKaitazoff
23 Followers 391 Following
Kp @Kp5354_
110 Followers 710 Following
KumaraGurubaran @mr_kumaran19
14 Followers 271 Following
Betül Büyükalim @betulbuyukalim
3 Followers 310 Following
سید محمد رض�... @mhzabet
2 Followers 84 Following Full stack web developer | Bug bounty | Researching 🔍
Dr @d0ct0rtr4c3
0 Followers 101 Following
Whiz @wh0snt
0 Followers 21 Following
shaqis99 @DestroyerL83039
2 Followers 66 Following
RedDev Sec @redghosthive
280 Followers 5K Following FSW 🌐| Exploring Cloud ☁️ & Cybersecurity | Future DevSecOps Pro 🚀 | Bug Bounty Hunter on the side hustle 🐞 | Building skills, breaking barriers.
Ben Sadeghipour @NahamSec
248K Followers 1K Following Cofounder @hackinghub_io | Advisor @CaidoIO. I hack companies and make content about it. #NahamCon organizer. ex @hacker0x01🇮🇷
bugcrowd @Bugcrowd
200K Followers 6K Following The leading provider of crowdsourced cybersecurity solutions purpose-built to secure the digitally connected world...Unleash Ingenuity™
JS0N Haddix @Jhaddix
176K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. Cybersecurity + Hacking + AI + Sec Leadership @arcanuminfosec
Julien | MrTuxracer �... @MrTuxracer
39K Followers 441 Following Founder of @rcesecurity | #BugBounty | @Hacker0x01 MVH && H1-Elite | $1,5+ Mio in Bounties | Mobile Hacker | @[email protected]
shubs @infosec_au
59K Followers 2K Following Co-founder, security researcher. Building an attack surface management platform, @assetnote
vx-underground @vxunderground
440K Followers 363 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
publiclyDisclosed @disclosedh1
68K Followers 2 Following This is an unofficial HackerOne public disclosure watcher who keeps you up to date about the recently disclosed bugs. By @NOBBD
HackerOne @Hacker0x01
338K Followers 3K Following HackerOne makes security continuous. We unite AI and human insight through a unified platform to expose risk and eliminate it.
Jobert Abma @jobertabma
43K Followers 705 Following I tweet about security and my experience as a hacker. Co-founder of HackerOne (@Hacker0x01).
Youssef Sammouda (sam... @samm0uda
41K Followers 590 Following Security Researcher/Hacker 1st in Meta bug bounty program for 6 years Opinions are my own and not my employer's.
Patrik Grobshäuser @ITSecurityguard
32K Followers 301 Following Security Research @ Assetnote https://t.co/RmFwv6ItrQ https://t.co/VCPfgTLLBN https://t.co/qylqwXgc9I https://t.co/uwZdquCB7l
chompie @chompie1337
89K Followers 1K Following hacker, exploit developer/weird machine mechanic head of X-Force Offensive Research (XOR) @IBM
Dave Aitel @daveaitel
29K Followers 2K Following Cyber Security Researcher | Policy Analyst | Technical Team Member at OpenAI | @[email protected]
NOELREPORTS 🇪🇺 ... @NOELreports
527K Followers 399 Following Media platform covering global conflict zones. Focus on the Russian-Ukrainian war. If you'd like to support our voluntary work: https://t.co/PmM2wwDA1Y.
Oleg Dolya @watawatabou
17K Followers 574 Following Procgen enthusiast: cities, dungeons, tarot, castles... antlers!... and other fascinating stuff. Many years ago I made Pixel Dungeon.
David - Nostalgic Rea... @nostalgicrealms
11K Followers 4K Following Making the very traditional RPG, Lair of the Leviathan https://t.co/9DmaakaUmd
📔 Michael Grafnett... @MGrafnetter
3K Followers 134 Following Principal Security Researcher @SpecterOps, Microsoft MVP Identity & Access
Jazzy @ret2jazzy
5K Followers 1K Following solving problems @zellic_io @v12sec and challenges @pb_ctf
Nic Losby @Blurbdust
806 Followers 967 Following Red Teamer | He/Him | Obligatory opinions don't reflect employer | Occasional terrible developer of tools | PGP: 826087AF5C6653F0BAACA1C5E4CE747DEA558A13
Marc Smeets @MarcOverIP
5K Followers 517 Following Does a thing or two with red teaming @OutflankNL | part time race and drift car instructor
Cerbersec @cerbersec
4K Followers 217 Following I make things to break things | Red Team @MDSecLabs | Opinions are my own
OtterHacker @OtterHacker
8K Followers 78 Following Professional redteamer and malware development enthusiast ! I will share some tips and experiences. Look at my work here : https://t.co/cxLBvW7pcI
Germán Fernández @1ZRR4H
38K Followers 463 Following 🏴☠️ OFFENSIVE-INTEL 🏴☠️ Cyber Threat Intelligence by Hackers | Security Researcher at https://t.co/rDrSxZStZD | @CuratedIntel Member | 🥷🧠🇨🇱
/ˈziːf-kɒn/ @x33fcon
7K Followers 1 Following When Red meets Blue... The very first security conference for Purple Teams on the planet
evilmainframe® @evilmainframe
883 Followers 6 Following This is not your typical training. Founded and delivered by @bigendiansmalls & @mainframed767
b33f | 🇺🇦✊ @FuzzySec
33K Followers 1K Following 意志 / mobile research @ ▓▓▓▓▓ / Team 501 / ex IBM Capability Lead & FireEye TORE / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
Horizon3 Attack Team @Horizon3Attack
12K Followers 54 Following @Horizon3ai Attack Team | Security Research | Exploit Dev | TTPs
DirectoryRanger @DirectoryRanger
37K Followers 103 Following This account assembles and disseminates information related to Active Directory and Windows security.
Jean @Jean_Maes_1994
12K Followers 1K Following @sansoffensive Certified instructor/SEC565 author/SEC699 co author https://t.co/cp5DerI3g4
Bellingcat @bellingcat
719K Followers 74 Following Support our charity https://t.co/XMTKIEDiTB Buy our book: https://t.co/2JiuWFfTpO Follow us: https://t.co/LPUEQI8TdZ
n00py @n00py1
14K Followers 968 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research.
Dirk-jan @_dirkjan
30K Followers 207 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.
Yuki Chen @guhe120
10K Followers 280 Following 古河, Indepent security researcher, Bug bounty, ACG Otaku, Pwn2Own 15/16/17, PwnFest16,TianfuCup 18/19/20, 5 times MSRC MVR yearly Top 1. Got two pwnie awards.
Mastering Burp Suite ... @MasteringBurp
16K Followers 0 Following Tips and tricks for Burp Suite Pro Managed by @Agarri_FR | Not affiliated with @Portswigger More free resources at https://t.co/MWqXmV66lr
Charlie Bromberg « ... @_nwodtuhs
16K Followers 663 Following Trying to hack the way we hack things 🏴☠️
x86matthew @x86matthew
23K Followers 207 Following system emulation / reverse-engineering / binary analysis. @the_secret_club
Oliver Lyak @ly4k_
9K Followers 267 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
DebugPrivilege @DebugPrivilege
41K Followers 2K Following Not active anymore on X. Problem solver with a passion for troubleshooting complex issues.
Cas van Cooten @chvancooten
10K Followers 670 Following @Offensys Co-Founder || Benevolently malicious offensive security enthusiast || OffSec Developer & Malware Linguist
James Forshaw @tiraniddo
49K Followers 336 Following Security researcher in Google Project Zero. Author of Attacking Network Protocols. Tweets are my own etc. Mastodon: @[email protected]
Steve Syfuhs @SteveSyfuhs
16K Followers 2K Following Windows and Authentication at Microsoft. Developer. Mostly dog pictures. Might actually be two dogs in a trench coat. 🇺🇸 / 🇨🇦 @syfuhs.net on blue sky
Elad Shamir @elad_shamir
5K Followers 27 Following
Charlie Clark @exploitph
5K Followers 1K Following
Infosec Memes @InfosecMemes_
4K Followers 390 Following Information security memes for penetration testing teams. ■ IG: infosecmemes ■
Lee Chagolla-Christen... @tifkin_
14K Followers 827 Following I like making computers misbehave. Does stuff at https://t.co/YsrVyTjOY7. https://t.co/UsRIholZ3M
jmw327 @jmw327
134K Followers 761 Following





































