Chris Sanders 🔎 🧠 @chrissanders88
Ed.D. | Founder @networkdefense @RuralTechFund | Former @Mandiant, DoD | Author: Intrusion Detection Honeypots, Practical Packet Analysis, Applied NSM | chrissanders.org/links/ | Mayfield KY ➡️ Gainesville GA | Joined July 2008
Tweets: 14K | Followers: 32K | Following: 506 | Likes: 17K
@chrissanders88 Why aren’t we talking about the three possum moon t-shirt and where we can get one?
the internet was so much simpler then 🥺
Chris is a great follow for Incident Response and Investigations. This thread reminded me that I had forgotten the degree to which regsvr32 can be leveraged. Then MITRE refreshed me to my ever-increasing horror: attack.mitre.org/techniques/T12…
In an ideal situation, you'd examine the full command line of the execution. However, I limited the scenario by making those logs unavailable, which is a common scenario on many networks, unfortunately.
@chrissanders88 With no EDR and Sysmon, I’d probably start with some of the artifacts of execution. I’d look at ShimCache, Amcache, Prefetch, and RecentApps Registry to try to get a picture on how the executable got there. From there I’d be looking to see what else the executable could be loading
@chrissanders88 Use netstat -anb to discover what the process is doing
@chrissanders88 Check digital signature of regsvr32.exe, investigate recently modified files in the AppData\Roaming directory, check scheduled tasks for suspicious entries, analyze network activity for unusual connections and consider memory forensics if possible. TA: APT29 & APT32
@chrissanders88 1. I would scan the file with VirusTotal and annotate the creation date. 2. Look at the Registry for newly altered HKEYs. 3. Check for priv escalation. Threat actor COZYBEAR aka APT29 was known for using this with a technique called squiblydoo. Could also show signs of…
@chrissanders88 Ahhh I didn’t see that. Tracking! I know for sure APT 19 and the authors of QakBot use it. I would have to refer to the registry keys (Run, RunOnce, MRU) to review the entries. I also can ref query the registry to look for any *.dlls. This will all be preliminary.
@chrissanders88 Buying cookies? Why the hell aren’t you making those awesome cookies from the recipe at the back of your book?
This is amazing and I demand other farmer markets become TSwift themed pleaseeeee
@chrissanders88 Just have to shake it off and enjoy the sugar cookies :)
Current list of our confirmed Fox Pick Villages for 2024! @bsidesnash @BSidesKnoxville @BSidesAugusta @BSidesGVL @BsidesCLT @BSidesJax #LockCon and @Hak4Kidz!!! Reach out if you would like for us to come to your next event! We would love to meet you!