Zeroed @Zeroedtech
Just a guy that talks at conferences sometimes Joined July 2019-
Tweets59
-
Followers326
-
Following84
-
Likes25
If you're attending #BSidesMelb2026 this weekend, there's still a handful of tickets available for my Friday training session "Attacking and Defending Microsoft IIS" bsidesmelbourne.com/2026-training-… Come and learn how to write and detect web shells, there's something for everyone
A slightly scary commit, on the plus side, my .NET profiler is a million times easier to extend now
If you're attending #BSidesMelb2026 and have an interest in IIS security, I'll be running training the day before bsidesmelbourne.com/2026-training-… Come and learn how to write and detect web shells, there's something for everyone
Success! After hours of debugging, I found that removing runat="server" from the outer most element of the CVE-2025-49704 payload generated by YSoNet fixed it. Every in the wild sample I've seen has this field set so I'm pretty confused now. @irsdl any idea why this might be?
Has anyone managed to exploit any of the SharePoint ToolPane CVE's on a freshly installed server? I'm testing out a CVE-2025-49704 payload generated with YSo.NET against 16.0.10417.20018 in my lab and whilst the auth bypass works, the payloads fail to deserialise
I’ve recently done a deep dive into how IIS view state machine keys are generated and how they are used to decrypt view state messages. I’ve written up my findings in a new blog post and developed an application to assist with the decryption of view states zeroed.tech/blog/decryptin…
Not the response I want when I resort to AI to debug some mutual TLS issues
@irsdl @BSidesLondon I'd be very keen, viewstate exploration is a massive issue these days but getting people to under the issue is a nightmare
@BertJanCyber I suspect this will follow the same route as the recent SharePoint vulns, adversaries will start simple with basic subprocesses execution but within a few days we'll have malicious .NET assemblies being reflectively loaded
I've recently been experimenting with using .NET profilers to hook .NET functions under IIS and decided to write up a blog post while it was fresh in my mind zeroed.tech/blog/hooking-n…
TOLLBOOTH: What's yours, IIS mine elastic.co/security-labs/…
12 months ago I presented a 3 hour course on attacking and defending Microsoft IIS servers to a packed room at BSides Canberra, today the 30+ hour version went live on @XintraOrg !
New XINTRA course‼️ Advanced IIS Post Exploitation, Detection & Evasion Modern APT groups are actively weaponizing ToolShell and fileless IIS tradecraft to compromise Exchange, SharePoint, ASP workloads. If your detection and response capabilities lag exposure, this course
@irsdl @0xTib3rius @TheRealC3rul34n You don't like waiting 5 mins for the installer to launch, just to tell you you're missing a dependency?
Not a bad read, I think they may be overanalysing a compiled webshell and its a shame they didn't get a memory dump but its great to see more companies talking about this stuff github.com/RedDrip7/Night…
@vinopaljiri Nice, I've always assumed these timestamps had just been tampered with
After a bit more digging it look like its referenced in Microsoft.JScript, Version=8.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a but not Microsoft.JScript, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a The later of which is used by my IIS
For years I've seen adversaries using the "unsafe" keyword in their JScript eval shells and assumed it was required to eval complex statements (i.e code), but after trying to work out what it actually does for some training I'm working on I found it does nothing! Its unreferenced
@AlienPacket @DebugPrivilege Sometimes you just don't care, as long as you achieve your objective, does it really matter that the blue team knows how you did it? A lot of the c# malware I look at does very little to hide what it's doing
chmakorkrich🍚 ⛓ @chmakorkrich
24 Followers 602 Following just an ordinary curios boy, wandering in Web3, Cybersecurity to learn.
DVRK @dvrk98607
12 Followers 508 Following
Lav. @Lavpanditt
0 Followers 26 Following
YuridiaT @YuridiaT87561
3 Followers 92 Following
TREX @TREXNEGRO_ECU
7 Followers 129 Following 𝖊𝖑 𝕿𝕽𝕰𝖃, 𝖈𝖗𝖊𝖆𝖙𝖎𝖛𝖔, 𝖕𝖊𝖘𝖆𝖉𝖔, 𝖕𝖔𝖊𝖙𝖆, 𝖎𝖓𝖈𝖑𝖚𝖘𝖔 𝖇𝖚𝖊𝖓𝖆 𝖕𝖊𝖗𝖘𝖔𝖓𝖆 𝖊𝖓 𝖒𝖎𝖘 𝖙𝖎𝖊𝖒𝖕𝖔𝖘 𝖑𝖎𝖇𝖗𝖊𝖘
rectifier00x @rectifier00x
11 Followers 172 Following
Pierre B. @Horgh_rce
1K Followers 973 Following French guy interested in reverse engineering / malware analysis / threat intel.
×cybereyes× @xcybereyesx
271 Followers 2K Following
John Molloy @jemolloy
23 Followers 6K Following
jovial @grepNstep
345 Followers 7K Following Retweet ≠ endorsement. Trust those who seek the truth, doubt those who find it
Gerardo Iglesias @iglesiasgg
291 Followers 4K Following
伍默 @_wumo
171 Followers 2K Following 灵活就业的理论派玩家 一言不合移除关注者 我主要会移除和拉黑:非技术从业者 三无号(没有喜欢 , 没有原创推文 ,没有回复),不正常账号 , 我不认可者。 一般不会回关,如果你的内容我觉得认可,我会回关。 总之,非常主观,如果你想解释,可以直接私信。 发的内容包含技术和我的部分日常。
`Ivan @Ivanlef0u
11K Followers 4K Following
pfransc @pfransces
43 Followers 2K Following
Jack Thomson @jackrsthomson
112 Followers 707 Following
Mysticzen @sakkaramaat
53 Followers 869 Following
Cassio @CASSIO_TT
163 Followers 5K Following
HH1 @E0_0E101
4 Followers 323 Following
Afonso Julio @ajulio_afonso
53 Followers 964 Following Open Education Evangelist #OpenEdu #oer #digitalskills #Mooc #inclusivediversity #digitaltransformation #digitalinclusion -All@Mindset - #criticalthinking
Shyam Kiran Adabala @vjsk_adabala
1 Followers 112 Following
zhiwang.chen @ring0rz
4 Followers 442 Following
Jorge Gibbs @V4ltzz
395 Followers 2K Following 🇲🇽 Cybersecurity professional | SOC Analyst | CTF player | DFIR, Threat Intelligence | I like to think like an attacker | Opinions are my own
Andy Gill @ZephrFish
20K Followers 639 Following Security Researcher, RT, Director & Course Author at @ZephrSec |Staff on @CuratedIntel | Lab Creation @XintraOrg | https://t.co/gvGwReANzD - check out my RT course
Missingsnowman ☃ @missingsnowman
3K Followers 8K Following Oliver died 17/6/22 during High Court appeal against vax. Dystonic crisis misdiagnosed. INQUEST adjourned partially heard. Resuming 12/12/23
anvegue @anvegue
43 Followers 2K Following
Beate Klatschfeld @c_qkie
40 Followers 3K Following Ohrfeigen möchte ich meinen zarten Wurstfinger trotzdem nicht antun
Kylm @0xKylm
369 Followers 1K Following reverse fuzzing and maldev / internals enjoyer at @FuzzingLabs 20yo https://t.co/koi6Phdmmf
AbuMuslim (أبومُ... @m19o__
10K Followers 3K Following Security Philosopher, Organizer @BSides_ABQ, Board Member @OWASPEgypt. R&D @aivillage_dc. YT @CyberDose_ Coffee++
hector @sherlockh645
2 Followers 1K Following
Brian Kelly @briankelly1010
51 Followers 392 Following
Dave Kennedy @HackingDave
231K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.
Valve @valvesoftware
864K Followers 11 Following We make games, Steam, and hardware. For support, visit https://t.co/VRsFD4GURP.
John Hammond @_JohnHammond
320K Followers 3K Following Cybersecurity Researcher @HuntressLabs || Just Hacking Training @JustHackingHQ w/ @ethicalhacker || https://t.co/UtsNJiyiEk || https://t.co/narO3syzIy
SummoningTeam @SummoningTeam
1K Followers 7 Following Independent Security Research Team managed by @SinSinology
Pavel Yosifovich @zodiacon
15K Followers 915 Following Windows Internals expert, author, and trainer. Teaching system programming & debugging at TrainSec. Check out my books & courses! 🚀 #WindowsInternals #TrainSec
Satoshi Tanda @standa_t
8K Followers 397 Following Software security engineer and trainer https://t.co/tenaquooTc
Khoa Dinh @_l0gg
2K Followers 117 Following
Alvaro Muñoz @pwntester
13K Followers 511 Following Security Researcher with @XBOW. CTF #int3pids. Opinions here are mine! bluesky: https://t.co/9HRRzpBECt
RedDrip Team @RedDrip7
17K Followers 29 Following Technical Twitter of QiAnXin Technology, leading Chinese security vendor. It is operated by RedDrip Team which focuses on malware, APT and threat intelligence.
Dr. Nestori Syynimaa @DrAzureAD
21K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)
SinSinology @SinSinology
13K Followers 735 Following Pwn2Own 20{22,23,24*2,25*3,26*2}, i look for 0-Days but i find N-Days & i chase oranges 🍊
Marc-André Moreau @awakecoding
6K Followers 2K Following Remote desktop protocol expert, OSS contributor and Microsoft MVP. I love designing products with Rust, C# and PowerShell. Proud to be CTO at Devolutions. 🇨🇦
Huntress @HuntressLabs
40K Followers 533 Following Managed #cybersecurity without the complexity. EDR, ITDR, SIEM & SAT crafted for under-resourced IT and Security teams.
Anurag Khanna @khannaanurag
767 Followers 1K Following SANS Certified Instructor, Incident Response@CRWD, GSE #97, Detecting and Responding to Security breaches. My personal views. Down Under.
Soroush Dalili @irsdl
20K Followers 941 Following Hacker (ethical), web appsec specialist, trainer, tools builder & apps breaker 🕸️https://t.co/YipuTcYnWc🥷 🍏A dad-joke maker🍐
𝕏 Bug Bounty Write... @bountywriteups
40K Followers 4K Following 🔍 Bug Bounty Hunter | Content Creator | Sharing cybersecurity write-ups & resources | AI | | by @piyush_supiy #bugbounty #bugbountytips
Justin Elze @HackingLZ
70K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
DebugPrivilege @DebugPrivilege
41K Followers 2K Following Not active anymore on X. Problem solver with a passion for troubleshooting complex issues.
RooCon @RooCon_AU
400 Followers 0 Following RooCon, a free conference on cyber threat intelligence & attribution, is happening in Sydney on 5-6 November 2025.
/ˈziːf-kɒn/ @x33fcon
7K Followers 1 Following When Red meets Blue... The very first security conference for Purple Teams on the planet
Kevin Gosse @KooKiz
6K Followers 134 Following Bluesky: @kevingosse.net Principal engineer @ JetBrains, passionate about .NET, performance, and debugging. MVP. Coauthor of Pro .NET Memory Management - 2nd ed
Dan Patrascu @danpdc
4K Followers 267 Following I’ve spent 15 years building software systems. Now I’m building the system that builds systems as the CTO @ Atherio. Also running the Codewrinkles universe :)
Mandiant (part of Goo... @Mandiant
129K Followers 4K Following We’re determined to make organizations secure against cyber threats and confident in their readiness.
James Newton-King ♔ @JamesNK
42K Followers 61 Following Principal Software Engineer @Microsoft Aspire & https://t.co/LE9LGGmZuk. Author of Newtonsoft.Json.
David Fowler @davidfowl
146K Followers 1K Following Distinguished Engineer at Microsoft, Creator of NuGet, SignalR, https://t.co/PiydKAsC8g Core, Aspire and Barbadian 🇧🇧, Tennis Player, Father, other half @symonefowler
Jenny @jennylwrnce
203 Followers 65 Following building Container Apps and App Service Linux, ninja dev and debugger, awesome laugh, loving mom.
French @nfFrenchie
4K Followers 5K Following InfoSec geek for Cloud/Clusters/Containers/things-starting-with-C ex: @BrexHQ & @Cruise. founder @ensignia_dev honk the planet
Nerdrotic @Nerdrotics
276K Followers 777 Following YouTuber, sober ex-felon, Africa expert, and Alt-Rohirrim. Home of #FridayNightTights - https://t.co/W7zTNKiSzk
Maoni Stephens @maoni0
8K Followers 179 Following loves working on dotnet GC and other perf stuff; avid zoo-goer; wannabe hiphop dancer. old blog https://t.co/FIoh6vkZpn
ComfyCon AU @ComfyConAU
1K Followers 90 Following Cyber without leaving your Isolation Tank | https://t.co/AhVHD3aH8k
BSides Melbourne @BSidesMelbourne
2K Followers 91 Following #BSidesMelb2026 Training 15th May, 2026 Conference 16-17th May, 2026
Chetan Nayak (Brute R... @NinjaParanoid
32K Followers 0 Following Dark Vortex Founder/Brute Ratel Author
Kleiton Kurti @kleiton0x7e
2K Followers 70 Following A web security guy, Red Team Enthusiast and wannabe Malware Developer. Opinions and views are my own.
Angie Tsuboi @AngelinaTsuboi
4K Followers 1K Following programmer, hacker, avionics eng @ icarus, EE @ caltech
Disparu @disparutoo
53K Followers 362 Following
Andrew Munchbach @amunchbach
563 Followers 247 Following @[email protected] — Engineer. Cheez-It connoisseur. Fragment abuser. Forever in search of the perfect backpack.
eric pointcrow @PointCrow
180K Followers 544 Following i do things | https://t.co/yZa1iEdB8p | https://t.co/3huar9V4kH | Business inquiries: [email protected]
DevNQ @dev_nq
130 Followers 38 Following A community of software developers and programmers who want to learn new things, share their knowledge and meet new people!
Jiří Vinopal @vinopaljiri
10K Followers 562 Following Threat Researcher at Check Point @_CPResearch_ All opinions expressed here are mine only. https://t.co/iWvwWF1AnN
Black Hat @BlackHatEvents
424K Followers 2K Following The World's Premier Technical Cybersecurity Conference Series
George Kurtz @George_Kurtz
106K Followers 460 Following President & CEO CrowdStrike, Former CEO of Foundstone, Former CTO of McAfee, and author of Hacking Exposed
Dray Agha @Purp1eW0lf
6K Followers 3K Following Hunt & Response Senior Manager @HuntressLabs || "Competition is the law of the jungle, but cooperation is the law of civilisation” - Kropotkin
Flipper Devices @flipper_net
105K Followers 152 Following A portable multi-tool device in a toy-like body for pentesters and hardware geeks. Buy worldwide here ➡️ https://t.co/n09EKVnYgQTrends for United States
You might like
