Long-awaited parallel (threaded) queries arrive in MSTICPy! 🏃♀️🏃♀️🏃♀️ Split big queries into separately executing chunks or across multiple workspaces and clusters.
MSTICPy 2.6.0 released - Parallel queries for multiple instances of MS Sentinel workspaces and Kusto clusters - Parallel split queries (large time-range queries divided by smaller time periods) - Velociraptor data provider for querying exported data sets github.com/microsoft/msti…
🚨Small update for TokenTacticsV2 ▫️Two new device platforms ▫️Linux, since it's now supported by Conditional Access ▫️OS/2, because it's not 😁 github.com/f-bader/TokenT…
@svrooij @janbakker_ @DrAzureAD MS indicated that they would release conditional access policies that restrict the issuance of family refresh tokens. I don’t believe that ever came into fruition.
@janbakker_ @DrAzureAD @svrooij Yep! That is the most recent public list that I’ve published.
Official confirmation from Microsoft that there is no supported way to rotate nor change DPAPI backup keys! Compromised keys? ➡️ Burn the domain and rebuild a new one 💥
I know a lot of excellent people are looking for jobs right now. We have several openings at @redcanary, including my peer, Senior Director of Detection Engineering, and a Threat Hunter on a team I lead. I hope you'll consider applying or sharing. redcanary.com/job-openings/
Small update to roadtx, with thanks to @Flangvik for the idea: you can now do the interactive authentication with a "borrowed" ESTSAUTHPERSISTENT cookie from a browser, to get tokens or have an authenticated browser session.
New blog is out! OneDrive to Enum Them All trustedsec.com/blog/onedrive-… Major updates: • database storage • logging of previous runs • easily append digits or strings to usernames • stale job detection • skip tried usernames Special thanks to @DrAzureAD and @thetechr0mancer!
@DrAzureAD brings some valid points. MemberLevel user can read CA Policies. This has not always been understood, since the GUI and MS Graph requires roles for this, but not Azure AD Graph API. Also means, that if you have gaps in CA, those can be read by normal user
@Secureworks' latest Threat Analysis report "Tampering with Conditional Access Policies Using Azure AD Graph API" out now! 1️⃣ Regular users can read Conditional Access Policies (CAPs) 🤔 2️⃣ Administrators can modify CAPs without proper logging 😲 secureworks.com/research/tampe…
@Secureworks' latest Threat Analysis report "Tampering with Conditional Access Policies Using Azure AD Graph API" out now! 1️⃣ Regular users can read Conditional Access Policies (CAPs) 🤔 2️⃣ Administrators can modify CAPs without proper logging 😲 secureworks.com/research/tampe… #IWorkForSecureworks
@424f424f If you are curious how tokentactics exchanges the refresh tokens for other audiences, check out FOCI: github.com/secureworks/fa…
This Friday I'll be running an #AzureAD token workshop in @NorthSec_io conference, Montreal, Canada. Here are some teasers 😋 nsec.io/schedule-works…
Next version of #AADInternals will be published during the @BlackHatEvents #BHAsia on May 11th at #BHArsenal! Some teasers: ◾ Exploitation tooling for findings covered in our Briefings talk with @SravanAkkaram 😈 ◾ Totally re-written token handling 🤞 ◾ Automatic FOCI client handling (thx to @detectdotdev) 🔥
Into Windows security / forensics? I just released a post I started writing 3 years ago: blog.christophetd.fr/dll-unlinking/
I've long been interested in how EDRs work under the hood and how we can apply a more evidence-based approach to evasion. I'm happy to announce that I've written a book covering these topics with @nostarch which is now available for preorder 🎉 nostarch.com/book-edr
This quarter @Secureworks had two researchers in the @msftsecresponse researcher leaderboard🔥 Congratulations to all other researchers who made it, great job everyone! My colleague @SantasaloJoosua has had a fantastic streak this year keeping us all safe - so proud of working with him ❤ msrc.microsoft.com/leaderboard #WeWorkForSecureworks
@DrAzureAD @ManuelBerrueta Reads like an #aadinternals tutorial :)
New chapter of #AzureAD Attack & Defense Playbook: Are you looking for a way to track and verify your identity security posture? @samilamppu, @PitkarantaM and I have worked on a solution which includes also comparison to recommendations and #MITRE mapping. github.com/Cloud-Architek…
I'll deliver a workshop, "Tokens, everywhere!" at @NorthSec_io, Montreal 🇨🇦 in May! In this hands-on deep-dive, I'll cover #AzureAD #OAuth implementation, different token types, #FOCI, and various attack scenarios. Check out details and get tickets at nsec.io
Check out this new doc that lists all the 🍪 cookies involved in an Azure AD authentication. 😀 learn.microsoft.com/azure/active-d…
Antonio Alvarado @antonixp
127 Followers 2K Following Applications software developer and Information security analyst
Justin Bollinger @Bandrel
6K Followers 2K Following hacker, finder of EKUwu (CVE-2024-49019) https://t.co/XQuqk8n8Qy
dexter @dexter79331247
1 Followers 2K Following
Daniel Abay @Ab4y98
171 Followers 1K Following
FranchFrais @FranchFrais
0 Followers 327 Following
Nya Klocko @NKlocko49702
0 Followers 93 Following
Shane @sbh_csec
22 Followers 759 Following
Paul Lipscombe @PaulLipscombe98
3 Followers 121 Following
Lee Echo @iflywithoutwind
8 Followers 164 Following
Ivo @ivoheus
116 Followers 875 Following Natuurliefhebber met een passie voor macro en landschap fotografie.
Venkatraman K @r3dw0lf_sec
281 Followers 2K Following OWASP Chennai Lead l Security Researcher | Red Teamer | CARTE | CRTO | CRTE | CRTP | CEH
José Cachapa @JoseCachapa
26 Followers 393 Following Security Consultant | Azure Cloud Engineer ☁| Microsoft 365 | MCT
Andrew McCallum @atr8472
718 Followers 7K Following
Todd Pigram @pigram86
1K Followers 2K Following Cloud, Open Source, DevOps , Security & a health and Fitness nut. Words are my own. https://t.co/pwpRyM7x3v
Chris Romano @C_r0m132409
9 Followers 192 Following Proactive services @PaloAltoNtwks, Cloud security enthusiast trying to learn and share all the knowledge!
Artem Sychev @sychev_a_k
75 Followers 738 Following #cybersecurity expert, #datascience interesting #threatintelligence #threathunting #soc #malware #DFIR #machinelearning
pfransc @pfransces
43 Followers 2K Following
Nurfed @Nurfed1
397 Followers 1K Following Security researcher - Red Teamer - Team Tasteless CTF boomer
Devin McLean @devinmclean
427 Followers 2K Following SOC & cyber infrastructure manager. I hunt the badness alongside my team. Father of 3. I like video games. Engineer at heart.
Victor Lima @VictorLima17
144 Followers 2K Following
tjepl @tjepl
225 Followers 3K Following
. @NotSoFastRoach
5 Followers 3K Following
test domain @User2Micro
704 Followers 5K Following
Spiros Fraganastasis @m3g9tr0n
14K Followers 2K Following Team @hashcat! Eternal n00b and knowledge seeker! Age is just a number and motivation is the fuel! Whatever you do in your life, do not forget to be humble.
Eric Woodruff | MVP |... @ericonidentity
2K Followers 729 Following Chief Identity Architect @SemperisTech. Microsoft Security MVP, Entra nerd. Part-time hiker, full-time dad and partner. Opinions expressed are from my cat.
PIPΔS @pipasnacave
419 Followers 942 Following InfoSec Pentester, likes to socialize with machines | i will be at @[email protected]
Bene @m0lto_bene
22 Followers 128 Following Red Team Operator at @nsideattack. Focus mostly on Malware Dev, Windows, AD, Entra ID and Azure
bitdressing @jkbkw
1 Followers 4K Following
LuckY @L_uckyY
195 Followers 2K Following Generally interested in computers (DFIR/pentesting/networking) and likes to play wargames/CTF. Deleting tweets regularly. Likes are my way of bookmarking.
Russ @rustla
268 Followers 658 Following Pentester who often hangs out with the blue team. (he/him) https://t.co/1FK1qTVE4f | https://t.co/am6hJzTsmf
Chris Suozzi @chris_suozzi
21 Followers 5K Following
Chris Beckett @cbecks_2
813 Followers 2K Following Infosec and the Green Bay Packers. Interested in all things DFIR, Detection Engineering, Purple, and CTI. Opinions are mine, certainly not those of my employer.
rayh4c @rayh4c
2K Followers 4K Following
barbittybarnum @lerealmrteatime
0 Followers 579 Following
Thomas William @williamthomasdd
2 Followers 100 Following
Thomas Roccia 🤘 @fr0gger_
35K Followers 2K Following AI Security x Threat Intel · Threat Researcher · Creator of #Unprotect & #NOVA · Malware Warlock · Python 🧡 · Prev @Microsoft @McAfee_Labs
Renzon @r3nzsec
4K Followers 918 Following IR/Forensics @Unit42_Intel | Contributor/Analyst @TheDFIRReport @XintraOrg | Co-Founder @guidemtraining | CTF member @_hackstreetboys
Patrick Klepek 🎃 @patrickklepek
142K Followers 2K Following editor @remapradio, @crossplayblog // email: [email protected] and [email protected] // tips: [email protected] // signal: 224-707-1561
Pavel Pitrucha @PavelPitrucha
3 Followers 238 Following
Katie Nickels @likethecoins
55K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
Sergio Caltagirone - ... @cnoanalysis
16K Followers 1K Following President @AcademyThreat & Tech Director @GblEmancipation; Fmr @Dragosinc, @Microsoft & @NSAGov He/Him NOW AT https://t.co/ZWCsxBUFeG
DCP Podcast @dcpthepodcast
1K Followers 12 Following Detection: Challenging Paradigms. The premiere adversary detection podcast. Powered by @SpecterOps. Link below to all supported platforms:
Merill Fernando @merill
20K Followers 4K Following Ex-Microsoft PM | Tweets my own Built → https://t.co/QbUp63ffXf • https://t.co/8W7yvQi3jb • https://t.co/NFLDqDIY8h • https://t.co/tSWrIw8Ajh 📰 Newsletter→ https://t.co/tPzAEl0Zuq & https://t.co/894nfObWuU 🎙️ Podcast→ https://t.co/TBlNKTzn8t
Jose Enrique Hernande... @_josehelps
3K Followers 2K Following ⚔️Prevention Engineering @MagicSwordIO | Ex-@Splunk Threat Research Dir. | Co-creator #LOLDrivers #LOLRMM | Maintainer #AtomicRedTeam #LOLBAS 🤿
Kostas @Kostastsale
20K Followers 384 Following I like building things that solve real problems, working across cybersecurity, product, and research | 🇬🇷🇨🇦
Matt Zorich @reprise_99
15K Followers 2K Following @Microsoft Security | https://t.co/HWozKuixTi | Tweets are my own | 🇦🇺
Microsoft BlueHat @MSFTBlueHat
5K Followers 212 Following BlueHat is where the security research community and @Microsoft security pros come together as peers, to connect, share and learn. Run by @MSFTSecResponse
Jamie Levy🦉 @gleeda
10K Followers 6K Following @Volatility Core Dev | Art of Memory Forensics co-author | Sr. Director of Adversary Tactics @HuntressLabs | #DFIR enthusiast/trainer | [email protected]
Christopher Romano @C_R0M13
168 Followers 1K Following Technical Lead @CrowdStrike | Dad, Cloud DFIR, Hacker, Cybersecurity and Cloud enthusiast that’s trying to learn all the things & share the knowledge.
Michael Hendrickx @ndrix
678 Followers 1K Following Security Research at Microsoft, in my spare time I try to ████████████ but █████ has done ████ to it. Making beats drop and calc.exe's pop. :)
Mehmet Ergene @Cyb3rMonk
14K Followers 451 Following Learn Threat Hunting, Detection Engineering, DFIR, and KQL https://t.co/uAlYlXIXot @BluRavenSec Microsoft Security MVP #ThreatHunting #DataScience
Justin Elze @HackingLZ
70K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Jose Rodriguez ... @Cyb3rPandaH
6K Followers 350 Following #CyberDefense #AI #DataScience @GeorgeMasonU @NOVAcommcollege @pucp
Nevada @nevadaromsdahl
714 Followers 531 Following Professional hacker. Amateur father, husband, hunter, musician, gamer. (he/him) All views and comments are my own opinion.
James S. @securitypiper
14 Followers 133 Following IT professional, lifelong learner, interested in all things cybersecurity, bagpipes 🏴, or Dungeons and Dragons.
Mike Murray @schpanky247
228 Followers 1K Following
Beau Bullock @dafthack
18K Followers 645 Following Hacker, trainer, and guitarist | Black Hills InfoSec #RedTeam | @BreakForge Training | Produces music to hack to at @N0BANDW1DTH
Justin @j_schoen13
452 Followers 2K Following Detection Engineering @crowdstrike | Fmr. @redcanary | Golfer | New Dad ❤️
Josh Buck-Rogers @_coeus
280 Followers 1K Following Security Engineer, Interested in DevOps, crap at woodwork. Views are my own and all that jazz.
rce_trent @rce_trent
199 Followers 760 Following Disclaimer: Does not represent professional advice, opinions, or employer. CTI-League Member. Former Fortinet. Former Symantec. Former Big4. Former Transformer.
alvarohoyo @alvarohoyo
232 Followers 2K Following
Andrew Krug @andrewkrug
1K Followers 537 Following Southern Oregon Based Security/InfoSec and Saxophone Maven. Cloud Security Instructor for @Antisy_Training. #datadog https://t.co/9lsBAYALTp
Nick Frichette @Frichette_n
7K Followers 2K Following Staff Security Researcher @datadoghq | DEF CON/Black Hat main stage speaker | Created https://t.co/QGWMJjuBzE
Kinnaird McQuade @kmcquade3
7K Followers 2K Following AI security research. Chief Security Architect @btphantomlabs
Wes McKinney @wesmckinn
59K Followers 907 Following Founder @kennsoftware, GP @ComposedVC, AI @posit_pbc
Fabian Bader @fabian_bader
10K Followers 889 Following #Security #Azure #AAD #MDE #M365 #AD #PKI #XDR #EntraID Microsoft MVP Tweets and opinions are my own @[email protected]
goproslowyo @goproslowyo
1K Followers 4K Following Hacker. (SRE|DevOps|Cloud|Security) Professional. prev:🚀, @Google, @Apple and @Twilio/@SendGrid who's tweets are these? they're definitely not mine
dorota @dorotaq
787 Followers 449 Following
Gary McGraw @cigitalgem
5K Followers 20 Following software security #swsec machine learning security #mlsec Tech | Life | Music [email protected]
Lee Lawson @leejlawson
457 Followers 758 Following Ex Mil. Intel, bomb disposal, hacker and hacker hunter. Screenwriter. Represented by @imagine_talent
chiheb chebbi @chihebchebbi201
2K Followers 1K Following
Ryan @Haus3c
7K Followers 355 Following Director of Research @BeyondTrust @btphantomlabs. Former @SpecterOps; @Microsoft. "Old man yells at cloud" vibes
@[email protected] @bradarndt
503 Followers 752 Following Moved to mastodon, find me @[email protected]
Jimmy Vo @JimmyVo
4K Followers 2K Following
Paul Asadoorian @paul... @securityweekly
75K Followers 9K Following Founder of Security Weekly, Principal Security Evangelist at Eclypsium
Sebastián Ramírez @tiangolo
84K Followers 278 Following Creator of @FastAPI, Typer, SQLModel, Asyncer, etc. 🚀 From 🇨🇴 in 🇩🇪 . Open Source, APIs, and tools for data/ML. 🤖 Building @FastAPIcloud. ⚡️
Daniel Roy Greenfeld,... @pydanny
17K Followers 657 Following Software engineer, author, father, husband
Jack Daniel is over t... @jack_daniel
58K Followers 3K Following Storyteller, wanderer, comic, historian, world’s oldest millennial. I used to do stuff, now I do other stuff. @[email protected]