Rain @pRain1337
Basel, Switzerland. Joined February 2012.
Tweets: 57 | Followers: 51 | Following: 564 | Likes: 2K
Have you ever thought about submitting a workshop for a #cybersecurity conference, but weren't sure if your idea was "good enough?" On June 10 noon EST, get inspired by an awesome panel of women who have taught and want to encourage you to go for it! Reg: womenscyberjutsu.org/event/youvegot…
This is it folks! This is the last weekend to submit a DEATHCon workshop CFP proposal if you want to get in the first round of acceptance! We've got a lot of great submissions already but there's room for yours too! deathcon.io Click on CFP. Conf can pay for travel!
Do you want to teach a workshop on Detection Engineering or Threat Hunting? The Call for Workshops is live now through June, for DEATHCon on 13-14 November 2026. We can even pay for your travel if you want to attend a site and need assistance! deathcon.io/cfp.html
@Cyb3rMonk To be honest I can't really answer that, most of the times I've used it in trainings it was a small amount of participants (<25 users). According to some online blogs, a single worker should be able to handle "a few hundred participants". infosec.zeyu2001.com/2022/hosting-a…
@Cyb3rMonk If you are talking about one CTFd instance, then you can separate the CTFs using categories, but everyone can see all the categories (so it's not isolated). The Invictus IR Cloud Labs use this approach. For full separation you could host multiple CTFd dockers on the same server.
@midnight_comms @rcegann Well there are some good reasons with built-in functions which can help in detections or the exposure graph tables. Also Microsoft says at least there is no limit on NRT rules in Defender unlike Sentinel. learn.microsoft.com/en-us/defender…
Two weeks ago, one of our chad engineers cooked so we released our IOMMU Restriction Enforcement, which marked the end of 2PC DMA attacks using IOMMU. This is where the device itself is contained in its own memory region and cannot read outside of it. No matter what you do, tampering with that would defeat the purpose of the 2PC "security" benefit. The biggest P2C devs, including devices like HPTT that cost $4500, have all either given up or are coping on theories of how they can get around it or try to resort to finding niche stupid things that get them detected/banned lmao. It is a relatively simple area to cover, not a particularly problematic surface area. I have collected their tears for your enjoyment imgur.com/a/iommu-judgem… and here is a video a 2PC DMA cheat dev has posted youtube.com/watch?v=IprU_G… This marks the end of 2PC DMA ATTACKS 2016-2025
Slides of my #BHUSA talk Shade BIOS have been uploaded! blackhat.com/us-25/briefing… Github link is below github.com/FFRI/ShadeBIOS… Thank you very much for attending my presentation! I’m sorry I wasn’t able to talk to many of you, as I was feeling unwell throughout the #BlackHatEvents
@rcegann That's one of the end goals at some point, also for promoting / showing the repo it's easier to see based on the metadata where work should be done / what's already covered.
Kids who are reverse engineering virtualized anticheat for the past 3 years enter the infosec workforce after graduation & realize they are 100x more experienced than their peers We have thousands of success stories, but you'll never hear 'em because they are doers not talkers
Hypervisors for Memory Introspection and Reverse Engineering by @memn0ps secret.club/2025/06/02/hyp…
Our talk at #BHUSA @BlackHatEvents Briefings has been accepted! This is a presentation on an initiative to make the BIOS usable even after the OS has booted, enabling malbehavior to occur solely within the BIOS, independent of the OS. blackhat.com/us-25/briefing…
Integrity check bool function strikes again. (Intel TXT hash integrity check bypass via TBoot patching): github.com/3itch/checkm8
My recent talk on Windows Ransomware Detection is now up on YouTube. We explore the various aspects, detection vectors in products such as malicious vss usage/canary files/etc. and issues. We explore evasion and discuss a gaping hole in all products. youtu.be/5t67BFcC-MQ
I created a hypervisor-based emulator for Windows x64 binaries. This project uses Windows Hypervisor Platform to build a virtualized user-mode environment, allowing syscalls and memory accesses to be logged or intercepted. elastic.co/security-labs/… Project: github.com/x86matthew/Win…
I spent the last month reverse engineering Call of Duty's anti-cheat! Blog post here: ssno.cc/posts/reversin…
@vxunderground @1336_0ff_by_0ne Lumma Stealer? More like Heart Stealer
@vxunderground @Malcoreio Can't wait to look at Malware!!
TomU | I'm still here... @c_APT_ure
8K Followers 6K Following #InfoSec professional, husband & father of two (in random order). #BlueTeam #DFIR #APT #CTI #RedTeaming #BSidesZH (RT/Likes ≠ endorsement) 👀➡️#MalwareChallenge
BreakGlass Intelligen... @BreakGlassIntel
781 Followers 46 Following we hunt malware, crack C2 infrastructure, and publish everything. 225+ technical deep dives and counting. https://t.co/lRhyVe5RO8
Carina Eikaas @carinaeikaas
400 Followers 203 Following VP Data & AI at Pistachio. Making AI do cybersecurity things.
kasper @kasper_rt
484 Followers 283 Following cofounder - embroidery. i (prefer to) yell at silicon to do cyber security stuff
SOCLabs @DetectionLabs
100 Followers 393 Following The world's first training platform for detection engineers, supporting multiple SIEM languages and using real logs to hone threat detection skills!
Nick Peterson ... @nickeverdox
3K Followers 291 Following @RiotGames - anticheat team. Opinions expressed are obviously my own. https://t.co/foRcgwMV3U
rax @rax98579195
11 Followers 302 Following Life is like a marathon. There is a starting point everywhere after falling. Life is like a marathon. You may still fall after standing up.
Florian A. @ExeqZ
220 Followers 688 Following just a cat wearing jeans. interested in infosec and gaming. #AdminRightsAreNotHumanRights - Sami part time professional infosec shit poster
MachineHunter @InfPCTechStack
413 Followers 220 Following Security Researcher, UEFI, Kernel, Hypervisor, SMM (RT is mainly for me to read them later...)
Sosmit @SosmitdHC_I
16 Followers 418 Following
Tanner @wbmmfq
1K Followers 562 Following Senior Security Operations Analyst @HuntressLabs | @[email protected] | Views my own, obv.
Lucas Magoni @racetocloud
19 Followers 82 Following 🚀 Senior Endpoint Engineer @baseVISION AG Visit my blog at https://t.co/ClXsKv7OuU
ept_violation @ept_violation
18 Followers 168 Following
dayik @dayik_
351 Followers 223 Following
Asukiko @asukiko_f
39 Followers 1K Following Seek and destroy threats | I will find your malware and take down it | DM for Study together | I do not use Twitter so much | him, his | @Intelis_ABIN Agent/SEC
BestOfVT @BestOfVTmwah
4 Followers 6 Following
dinero @dinqr0
587 Followers 617 Following game security @ somewhere.. | prev: co-founder @BackEngineerLab | interests in software protection, drm, anticheat, compilers, game security
︎ @0xocdsec
4K Followers 8K Following ︎ 🏴☠️ 🇪🇺 💚 🇺🇦 | computers & features | 💚 🏴☠️ party | 603,628 km² https://t.co/F5dgX7AEoL
Shautey @ShauteyuLud7f
8 Followers 1K Following
Slethat @Slethat__B
0 Followers 142 Following
Nancy @AForeman67968
29 Followers 965 Following
Zichuan Li @Ri7erLi
238 Followers 409 Following CS PhD student @siebelschool, @WHU_1893 @IUBloomington alumni, AI Security | System Security | Software Security
Susan Downey @downey_sus3918
22 Followers 456 Following
kaiu @og_ikypw
144 Followers 916 Following Trigger Warning ⚠️ $XMR #Birdpay 88A4CqKn8zEYxhQmbTD7PtUC74Rii7QKQBZY2ZM4AHoLMRBzKGkJQZvGknSwTAqXn8byQMxPmG3gW1RLj35qKnE48HS2Vt1
Seeda @Seeda1429976
22 Followers 501 Following
alek @evianriver
29 Followers 46 Following
shehab el deen @shehab_el_deen
13 Followers 303 Following
cobra d'interpol @g403expert
113 Followers 1K Following My name is engraved in a few prisoner transport vans
Alex Matrosov @matrosov
20K Followers 2K Following Security REsearch @Anthropicai · Breaking & Fixing AI Failure Modes | Founder @binarly_io · @SBOM_Tools · @REhints | Author “Rootkits & Bootkits" (https://t.co/1wd2dfYHY6)
🤷♂️ @floesen_
2K Followers 99 Following
Marcel Kirchhoff @WasserEsser
62 Followers 752 Following
fj @FLAAPJACKS
14 Followers 87 Following
Thinkst Canary @ThinkstCanary
13K Followers 11K Following Most companies only realise they are breached when informed by a 3rd party. This is a stupid problem! Thinkst Canary. Know. When it Matters.
DIATEAM @diateam_labs
966 Followers 1K Following A Cy4gate company specializing in Hybrid #CyberRange with innovative features. Check our #infosec training, cyber crisis exercises and our advanced services!
Crowdfense @crowdfense
3K Followers 1K Following Crowdfense is the world-leading research hub and acquisition platform for zero-day exploits and vulnerability research. We offer the highest bounties
Daniel Maslowski aka ... @OrangeCMS
2K Followers 4K Following cpuvangelist \o/ #app & #web #developer | #engineering #software, #firmware, #platforms, #systems & #interfaces
Akandesh @Akandesh
909 Followers 313 Following Don't stop imagining. The day that you do is the day that you die.
Ulf Frisk @UlfFrisk
8K Followers 997 Following IT-Security Minion | https://t.co/N1gIUL5rKc | https://t.co/XbBOnQPYoK | DMA | PCILeech | MemProcFS
Minh-Triet Pham Tran @MinhTrietPT
2K Followers 5K Following APT Hunting, Threat Hunting, Incident Response, Forensics Analysis, Red Team/Internal System Penetration Testing as a Service
404NotFound @HttpsError404
0 Followers 1K Following
Syler @SylerClayton
1K Followers 4K Following @sylerthecreator.bsky.social ^(?:Software|Hardware)(?: Exploit)? Development$
Cyllex @CyllexFramework
17 Followers 61 Following Advanced APT Emulation Framework. Crafted with passion, for security teams driven by the same. https://t.co/ySAsmekBHO
Nightmare Eclipse @ChaoticEclipse0
13K Followers 577 Following
Miixxedup @Miixxedup
402 Followers 540 Following CTI at @Mandiant | Analyst at @TheDFIRReport | Security Intelligence, Automation and Innovation | Sourdough baker noob but a connoisseur anyway.
Pierre @pigerlin
750 Followers 137 Following Analyst @TheDFIRReport | Passionate about all things DFIR 🇳🇱
_Ray @_RayRT
613 Followers 894 Following Senior Adversarial Engineer Member of EVILCORP\Domain Fathers https://t.co/SIwC7MLXmP https://t.co/WeF9QBYGcQ
BallisKit @BallisKit
3K Followers 33 Following BallisKit provides tooling and services to professional Pentesters & Red Teams. We develop MacroPack, ShellcodePack, and DarwinOps. #redteam #infosec
Jake Reynolds @jreynoldsdev
267 Followers 352 Following engineering @ coalition, prev co-founder @wirespeed_ (acq. by coalition). thoughts are my own.
Threat Hunting Labs @ThruntingLabs
2K Followers 1 Following Train on raw telemetry from actual breaches. Investigate malware and reconstruct the kill chain from process creation to exfiltration and beyond.
Luke Acha @luke92881
491 Followers 349 Following Incident Response and Malware Detection enthusiast.
Erarnitox @Erarnitox
653 Followers 583 Following passionate hacker/developer primarily working with C++ 🔴 YouTube: https://t.co/KXOO1gga9n 👾 Discord: https://t.co/3x3iwi4i79
Andrew @4ndr3w6S
3K Followers 3K Following Detection Engineering @HuntressLabs | Prev. Practice Lead, TAC (Purple Team) @TrustedSec | @SpursOfficial Super Fan - COYS!
Connected @LucyIsZombie
991 Followers 311 Following I think about thinking about thinking about thinking and now I'm obsessed. - More More More https://t.co/NRtnzHYahD
Gootloader @Gootloader
1K Followers 370 Following Security researcher dedicated to pissing off the Gootloader Threat Actor.
Aurélien Chalot @Defte_
4K Followers 486 Following Hacker, sysadmin and security researcher @OrangeCyberdef 💻 Calisthenic enthusiast 💪 and wannabe philosopher https://t.co/SqDDhIGGGh 📖 🔥 Hide&Sec 🔥
Malcat dev @malcat4ever
3K Followers 131 Following https://t.co/jeuFqKrpaH, a hexadecimal editor / disassembler / decompiler for #malware analysis, #DFIR and #SOC.
Andrey Konovalov @andreyknvl
7K Followers 862 Following Security engineer at https://t.co/027VXUlgOx. Focusing on the Linux kernel. Maintaining @linkersec. Trainings at https://t.co/D5MrxmYimS.
Squiblydoo @SquiblydooBlog
5K Followers 98 Following Creator of Debloat and https://t.co/tIYqmw6pxt Support: https://t.co/l9kCPRoD2y Join the Debloat/CertGraveyard discord: https://t.co/ZcWIqa6ZA9
Mauricio Velazco @mvelazco
5K Followers 2K Following Security Research @Microsoft || Purple Team || Noob
Kyle Avery @kyleavery
4K Followers 596 Following
Rem @sudo_Rem
830 Followers 343 Following Staff Tactical Response Analyst @HuntressLabs | @SANS_EDU Alumni | Python Security Researcher
EncapsulateJay @EncapsulateJ
192 Followers 458 Following SOC Analyst @HuntressLabs Volunteer @TheDFIRReport
Karsten Hahn @struppigel
26K Followers 781 Following MalwareAnalysisForHedgehogs, Principal Malware Researcher at GDATA, he/him 🦔🌈🏳️⚧️
vs1m @Vsimpro
289 Followers 246 Following # 𝙩𝙧𝙖𝙫𝙚𝙡 𝙩𝙝𝙚 𝙬𝙤𝙧𝙡𝙙; 𝙝𝙖𝙘𝙠 𝙩𝙝𝙚 𝙥𝙡𝙖𝙣𝙚𝙩; cyber cowboy All opinions and alike are only mine pp: Andrei Ozdoba Banner: https://t.co/XNSjncfnzQ
Keanu Nys @RedByte1337
1K Followers 81 Following Offensive Security Lead @ Spotit. Creator of GraphSpy
BSides Pyongyang @BSidesPyongyang
1K Followers 706 Following 🇰🇵 #BSidesPyongyang2026 : Nov 18 2026 (Missile Industry Day) @ Lazarus HQ Pyongyang & Live Stream | 31st anniversary 🎂 https://t.co/gb9sDPJC8X
Lena 🏳️‍🌈... @LambdaMamba
5K Followers 532 Following Creator of https://t.co/kdXvRaVEEf | Founder of @MalwareVillage | (Un)Natural Scientist | 🇬🇧 with wife ❤️
St0pp3r @_st0pp3r_
261 Followers 266 Following Detection Engineering · Threat Hunting · Incident Response
Nasreddine Benchercha... @nas_bench
12K Followers 1K Following Detection @Splunk & @cisco | previously @nextronsystems | @sigma_hq & @magicswordio maintainer | Eternal Learner
rcegan @rcegann
651 Followers 765 Following senior security engineer/threat detection lead @ mssp. Hack the planet.
𝙁 𝙀 𝙇 𝙄 ... @felixm_pw
1K Followers 488 Following Lead Developer at https://t.co/lX5jH9MbhI (@ct_tool)
ACE Responder @ACEResponder
18K Followers 227 Following Practice threat hunting & detection engineering in a real SIEM with real attacks. Join us and become the best.
Vatnik Suppen auf Deu... @vatniksoup_de
3K Followers 2K Following The official Vatnik Soups by @P_Kallioniemi in German! This account runs on 💃🏼 power. 🇩🇪🇦🇹🇨🇭🇺🇦 (at)https://t.co/Xw7qRTj7oT
























