Spencer McIntyre @zeroSteiner
Views are my own. github.com/zeroSteiner Cleveland, Ohio Joined March 2011-
Tweets650
-
Followers3K
-
Following920
-
Likes733
@curi0usJack Check out Last Night on Earth if you're into Horror B-Movie vibes flyingfrog.net/lastnightonear…
Found an unpatched RCE in Gogs 👀 Any authenticated user can get code execution on the server through argument injection into git rebase. Full @rapid7 writeup + @metasploit module available now! 🔗rapid7.com/blog/post/ve-a…
I appreciate everyone dropping linux privesc 0days in the current AI renaissance, but to really make it feel like the good ol days someone needs to drop a weaponized pre-auth SMB or RDP RCE. We haven't had a good Windows worm in AGES.
@_RastaMouse @metasploit The Block API then changed to use the Length field instead of MaximumLength so it wouldn't be tricked into using a planted value in memory. We'd occassionally get reports of what was fundamentally the same issue e.g. blog.nviso.eu/2021/09/02/ana… 2/2
FWIW, @metasploit made an update to how ror13 hashes are calculated for the first time in (I think?) over a decade to address some limitations in the block API we were running into.
Created a small .NET tool for ROR13 hashing that you can install to add a global command to cmd/pwsh. It's a lifesaver if you just need some quick hashes.
@_RastaMouse @metasploit The ROR13 calculation was switched to use an "IV" of 0 by default, and the module name hash is used as the IV when calculating the function name hash. Framework now randomizes the IV at assembly time so the ROR13 hashes aren't hard-coded anymore 1/2
Coming soon to a @metasploit near you 👀
Catch this episode of Hacktics and Telemetry on Youtube, featuring our very own @zeroSteiner talking about the Metasploit MCP! youtube.com/watch?v=A05dD5…
Active Directory Exploitation with Metasploit hackingarticles.in/active-directo…
This weeks wrap up is packed with new stuff including an MCP server, and new modules for relaying NTLM from HTTP to LDAP and a Copy Fail exploit with x64 and AARCH64 support rapid7.com/blog/post/pt-m…
The annual wrap-up for Metasploit Framework is out now, and it includes the entirety of stats for 2025. This wrap-up and its contents would not be possible without the participation and dedication of our contributors and researchers, and all of our thanks goes to them! Metasploit Framework wouldn't be the same without you, thank you. rapid7.com/blog/post/pt-m…
From Zero to Shell: Hunting Critical Vulnerabilities in AVideo chocapikk.com/posts/2025/avi…
New NTLM relay dropped for MSSQL. Should see some SCCM modules to use it next. @unsigned_sh0rt gave me all kinds of ideas.
This week's wrap-up has some pretty rad MSSQL updates and a module for React2shell. Get it here: rapid7.com/blog/post/pt-m…
Metasploit also has a merged exploit with check for react2shell. ⌨️ module: multi/http/react2shell_cve_2025_55182 📦 Dockerfile to test available in: Data\exploits\react2shell_unauth_rce_cve_2025_55102 github.com/rapid7/metaspl…
New Metasploit module for CVE-2025-54236 (SessionReaper) - Unauthenticated RCE in Magento github.com/rapid7/metaspl…
I've been hacking on a new Windows Named Pipe tool called PipeTap which helps analyse named pipe communications. Born out of necessity while doing some vulnerability research on a target, its been super useful in reversing it's fairly complex protocol. :)
Come join @rapid7! I’m hiring for a Senior Security Researcher to join our team. You'll get to work on n-day analysis, zero-day research, exploit development, and more - focusing on enterprise software and appliances. Fully remote in the UK, details here: careers.rapid7.com/jobs/senior-se…
Today @rapid7 is disclosing 8 new printer vulnerabilities affecting 742 models across 4 vendors. After 13 months of coordinated disclosure with Brother Industries, Ltd, we're detailing all issues including a critical auth bypass. Full details here: rapid7.com/blog/post/mult…
Our @metasploit auxiliary module for the new Brother auth bypass is available. The module will leak a serial number via HTTP/HTTPS/IPP (CVE-2024-51977), SNMP, or PJL, generate the devices default admin password (CVE-2024-51978) and then validate the creds: github.com/rapid7/metaspl…
chompie @chompie1337
89K Followers 1K Following hacker, exploit developer/weird machine mechanic head of X-Force Offensive Research (XOR) @IBM
Will Dormann is on Ma... @wdormann
27K Followers 1K Following I play with vulnerabilities and exploits. I used to be here on Twitter but now I'm here: @[email protected] https://t.co/hXggdAVkSQ
Dave Kennedy @HackingDave
231K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
b33f | 🇺🇦✊ @FuzzySec
33K Followers 1K Following 意志 / mobile research @ ▓▓▓▓▓ / Team 501 / ex IBM Capability Lead & FireEye TORE / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
Josh @passthehashbrwn
10K Followers 296 Following Adversarial Simulation at IBM, tweets are mine etc.
hacker.house @hackerfantastic
106K Followers 5K Following Co-Founder @MyHackerHouse 💾 | Cybersecurity & Web3 🌐 | Author of Hands-on Hacking (ISBN 9781119561453) 📖 | Offensive Lua 💻 | ✝️
rootsecdev @rootsecdev
27K Followers 1K Following Senior Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.
ϻг_ϻε @steventseeley
23K Followers 559 Following Artist disguised as a logician. Pwn2Own Winner. Spiritual Alchemy. An adept in the making.
Marcello @byt3bl33d3r
30K Followers 822 Following CyBeRsEcUrItY | Not afraid to put down with some THICC malware on disk | AI Research @PaloAltoNtwks | former purple team | Ex @spacex
Jeff McJunkin @jeffmcjunkin
12K Followers 4K Following Started in ops&blue, now I hack for a living. SANS author/instructor in Oregon. Founder: https://t.co/c36tmCXDpt. He/him. @[email protected]
Metasploit Project @metasploit
253K Followers 182 Following Official account of the Metasploit Project, part of the @rapid7 family. Mastodon: @[email protected] Slack: https://t.co/ZOLPDG2O2s
n00py @n00py1
14K Followers 967 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research.
Justin Bollinger @Bandrel
6K Followers 2K Following hacker, finder of EKUwu (CVE-2024-49019) https://t.co/XQuqk8n8Qy
Alexandre Borges @ale_sp_brazil
31K Followers 175 Following iOS, Chrome and Windows Security Researcher | Exploit Developer
wvu @wvuuuuuuuuuuuuu
6K Followers 2K Following Sentient one-liner grepping the Internet for signs of intelligence.
Stephen Sims @Steph3nSims
26K Followers 863 Following Perpetual Student | SANS Fellow | Musician | Braggart Hater | Gray Hat Hacking | VR | 🏂 | deadcode | https://t.co/4neOSsnCQ8
Amelia 🍑 @amelia_cuteqwch
1 Followers 488 Following quiet until you know me maybe shy maybe just focused
Balle @Balles3g
4 Followers 154 Following
enp7sp @pushpender5177
0 Followers 13 Following Open Source Security Engineer | SecDevOps | Metasploit Core Contributor @ Rapid7 (GSoC) | Active Directory & Protocol Exploitation | Building the Future of Offe
Mrtn @Mrtn9
1K Followers 1K Following
Jacob Wizman @jac0bw1
3 Followers 196 Following
John S @JohnS106494
4 Followers 261 Following
Phishing Radar @PointerRadar
147 Followers 3K Following Linux | Ethical Hacker | Security Enthusiast | Python | Bug Hunter | sushi lover | 🍣 👾 🤖 🇨🇴
Tomasz @Tomasz833415
198 Followers 4K Following
AJ Hammond @AJHammond
7 Followers 55 Following red team @praetorianlabs. head coach @umuesports. opinions my own
Dodge This Security @shotgunner101
9K Followers 5K Following Computer Security Professional. Tweets are my own. Rooster Teeth Archive Project: https://t.co/gawoj5ZZyG
Spiros Pitikaris 🏴 @cmpspiti
1K Followers 1K Following | Offensive Security & Digital Forensics Operator | 🇬🇧🇬🇷
SOCLabs @DetectionLabs
100 Followers 394 Following The world's first training platform for detection engineers, supporting multiple SIEM languages and using real logs to hone threat detection skills!
DoctorPrinz | d0cs1s @DoctorPrinz
6 Followers 364 Following Security Consultant, Ethical Hacker & Red Teamer
dexter @dexter79331247
1 Followers 2K Following
jaychouzzk @jaychouzzk
0 Followers 952 Following
keerthivasan @keerthivasanSK
51 Followers 483 Following Hacker | Developer Hacked Apple | Sony | Dell | ++ Cybersecurity Researcher
Grimmie @Gr1mmie
1K Followers 191 Following Sekuridy Resurshur. I'm just a potato meng. Speaker @defcon615, @ISC2CFL. Advanced Persistent Potato. Views != Employers
eth @KHL_ETHA
10 Followers 3K Following
vatsalya yadav @yadav_vats3599
2 Followers 62 Following
Frank M @5y5tem5
357 Followers 4K Following A generic sixth participant. The moral is obvious. You can't trust code…
Ronald @Roland91930930
24 Followers 2K Following
Paul @PaulSangleF
2K Followers 4K Following Founder at https://t.co/UUeydPyIis (YC X25) AI code reviews for complex codebases
sh0bb @sh0bb1878
2 Followers 490 Following
HKR PI @HKRPI1
18 Followers 2K Following
pwndumb @pwndumb
25 Followers 296 Following "Neo, sooner or later you're going to realize just as I did that there's a difference between knowing the path and walking the path." Morpheus ,Matrix 1999
Arnold Lolas @ArnoldLolas
0 Followers 137 Following
imkapadia @0xBlockHound
56 Followers 574 Following Web3 Security Researcher | Warden at Code4rena | Watson & Judge at Sherlock | Hawk at Codehawks
Legal Hacker @HackerLega50822
0 Followers 68 Following I'm a Nigerian student in university of calabar studying cyber security and Hacking.
Yunus Aydın @aydinnyunuss
1K Followers 1K Following
Cloner XZ @clonerxz8080
8 Followers 798 Following
scwang @scwang820
16 Followers 1K Following
vx-underground @vxunderground
440K Followers 363 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
Justin Elze @HackingLZ
71K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
chompie @chompie1337
89K Followers 1K Following hacker, exploit developer/weird machine mechanic head of X-Force Offensive Research (XOR) @IBM
Nicolas Krassas @Dinosn
158K Followers 771 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKZLB Posting content that I find interesting.
Florian Roth ⚡️ @cyb3rops
221K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Will Dormann is on Ma... @wdormann
27K Followers 1K Following I play with vulnerabilities and exploits. I used to be here on Twitter but now I'm here: @[email protected] https://t.co/hXggdAVkSQ
Dave Kennedy @HackingDave
231K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
Adam Chester 🏴�... @_xpn_
39K Followers 528 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOlmau2 | Insta at https://t.co/PqR6CZQ48T
b33f | 🇺🇦✊ @FuzzySec
33K Followers 1K Following 意志 / mobile research @ ▓▓▓▓▓ / Team 501 / ex IBM Capability Lead & FireEye TORE / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
John Hammond @_JohnHammond
322K Followers 3K Following Cybersecurity Researcher @HuntressLabs Just Hacking Training @JustHackingHQ w/ @ethicalhacker https://t.co/UtsNJiyQtS && https://t.co/narO3sz7y6
Grzegorz Tworek @0gtweet
38K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
Binni Shah @binitamshah
141K Followers 164 Following Linux Evangelist, Malwares, Security enthusiast ,Investor,World Economy, Finance,Contrarian , Philanthropist , Reformist , Sigma female [email protected]
Josh @passthehashbrwn
10K Followers 296 Following Adversarial Simulation at IBM, tweets are mine etc.
cts🌸 @gf_256
67K Followers 990 Following founder and hacker @zellic_io @v12sec @pb_ctf yt https://t.co/nlNai6iQCn
Oliver Lyak @ly4k_
9K Followers 267 Following Yet another security researcher 🔦 Github: https://t.co/7WFOFz17KI
グラハムさん@AI... @Graham__san
141K Followers 2K Following AI Illustration DCS World Pixiv⇨https://t.co/Ce2IXGaIHB Support⇒https://t.co/Eo6p7tdaP0 ご依頼はこちらまで→[email protected]
KAM @polaris_mv700
5K Followers 3K Following 十数年ぶりにガンプラ作り始めたら楽しくて止まらないガンプラおじさん たまに米陸軍第75レンジャー連隊と米陸軍特殊部隊ファンの人
SGM Mike Vining @ Bla... @BlastingThrough
237K Followers 309 Following SGM Mike Vining, Delta Force, shares elite ops leadership lessons, mountaineering, & inspiring truths that combat moral injury. "Blasting Through" book, Aug '26
ARCdraws @ARC_draws
138K Followers 2K Following This is Arc~ I draw and animate. ✉️ ➩ [email protected] 中文/English/a little日本语/**未经允许,禁止转载**
Proton @ProtonPrivacy
365K Followers 479 Following Protect your privacy with one encrypted ecosystem: Mail, VPN, Drive, Pass, & more. Swiss & Open Source 🛟 @ProtonSupport | 🐾 Private AI @asklumo
isa @isainstars
7K Followers 462 Following debugger queen ⭐ forbes 30u30 ⭐ working on Neverway and my own engine! co-founder at @coldbloodinc WISHLIST NEVERWAY ❤️ https://t.co/6kpAkd14SD
Kotobukiya Official @Kotobukiya_EN
110K Followers 39 Following Follow us for the latest updates from Kotobukiya headquarters in Japan!
David Maynor @Dave_Maynor
14K Followers 6K Following No tree, it is said, can grow to heaven, unless it’s roots reach down to hell. Offensive Security, AI LLM Ops, hardware hacking
Satanic Hispanic @ZoMBeAsT666
6 Followers 94 Following Guitar player,love the gods of music,satanic Hispanic.
Steve Borosh @rvrsh3ll
1K Followers 734 Following The future is not set. There is no fate, but what we make for ourselves. - John Connor
UwU Underground @uwu_underground
17K Followers 285 Following 🐴Pwnie Award Winning & Nation State funded psyop featuring 6 AI Anime Waifus and a Pup™ singing about APTs, Grifters, & Snake Oil in InfoSec 🖤🩷💚💙💜🤍
Scott Snyder @Ssnyder1835
286K Followers 3K Following I write comics: ABSOLUTE BATMAN, DC K.O., White Boat, You Won't Feel a Thing, Nocterra, ByAThread, Barnstormers, Dudley, Canary, Duck&Cover, BookOfEvil, Dungeon
peach MoMoKo 桃桃�... @peachmomoko60
149K Followers 2K Following MARVELでコミックなどを描いてます。お仕事等のご質問はこちらにお願いします→[email protected] メールの対応はパートナーが担当しています。DMは基本的にお返事しません、宜しくお願いします。
MTG Secret Lair @MTGSecretLair
122K Followers 2 Following The official account for all things #MTGSecretLair. -xoxo, Secret Lair
Ohm-I (Oh My) @mcohmi
7K Followers 2K Following Nerdcore rapper (@npccollective) | Hacker (https://t.co/a9EOmRdG2a) | Senior Sec Consultant @bishopfox | PhD candidate @DakotaState | 🏳️🌈
TracketPacer @TracketPacer
67K Followers 406 Following 🚀 rockit network engineer | 👩🏼💻🛜professional wire gremlin | she/her (r u triggered?)
Tib3rius @0xTib3rius
73K Followers 659 Following Cybersecurity Content Creator | UwU-Anointed Wapp King | DEF CON Gameshow Host | Ex-Brit | https://t.co/04RRExvxXj (he/him) 🇺🇸 @TheRealC3rul34n is bae 🥰
Robel Campbell @RobelCampbell
602 Followers 165 Following Lead, Domain Adversarial Research at Halcyon AI
Disconnect3d @disconnect3d_pl
4K Followers 707 Following Security Engineer at @trailofbits. Pwndbg maintainer, justCatTheFish CTF team captain. Opinions are my own =)
Bryce @bbryce995
94 Followers 1K Following VMI 2017 | Literally a Professional Googler | Retweets are not marriage proposals
shenanigans-R-us @shenanigans_us
213 Followers 7 Following Masters of mischief 🤖 | Crafting chaos, one badge at a time! 🥷 | Proud members of #badgelife | Expect the unexpected and prepare for shenanigans! 💥 #DEFCON
exploits.club @exploitsclub
3K Followers 112 Following A VR, RE, and Exploit Dev weekly newsletter | Join the club Contact: [email protected]
Horizon3 Attack Team @Horizon3Attack
12K Followers 54 Following @Horizon3ai Attack Team | Security Research | Exploit Dev | TTPs
PagedOut @pagedout_zine
6K Followers 10 Following Paged Out! is a free magazine about programming, hacking, security hacking, retro computers, modern computers, electronics, demoscene, and other amazing topics.
Almond OffSec @AlmondOffSec
957 Followers 1 Following Offensive Security team at Almond - Follow us also on https://t.co/cIfn3rvLxC
SinSinology @SinSinology
13K Followers 741 Following Pwn2Own 20{22,23,24*2,25*3,26*2}, i look for 0-Days but i find N-Days & i chase oranges 🍊
faulty *ptrrr @0x_shaq
6K Followers 503 Following technologia!! 🫴🏼 creator of https://t.co/wSeiHuRjxx
nixCraft 🐧 @nixcraft
397K Followers 0 Following Love Linux/Unix, open source, and programming? Into Sysadmin & DevOps? Follow us! Boost your IT career with daily new tools, apps, and humor ⤵️
Octoberfest7 @Octoberfest73
9K Followers 190 Following Red Team | Offensive Tool Dev | 2x Course Author @ Zero-Point Security
Nate Piekos of Blambo... @blambot
16K Followers 855 Following 20+ years lettering for Marvel, DC, Dark Horse, and Image. Eisner nom. Award-winning design & typography. Author of The Essential Guide to Comic Book Lettering.















































