Chris Campbell @obscuresec
Threat Emulation Lead at ⟦redacted⟧. Obscure security researcher. My handle flags bad AV. #PowerShell, #IoT sec, #OST, father of a bunch and Army Vet obscuresec.com $env:USERDNSDOMAIN Joined November 2011-
Tweets10K
-
Followers11K
-
Following654
-
Likes8K
Physical assessments are just adult hide and seek
Microsoft Red Team has multiple roles open at different levels. They even have an intelligence focused role responsible for understanding the security graph and helping the red teams to target! jobs.careers.microsoft.com/global/en/sear… #infosecjobs #microsoftredteam
A gentle reminder: high quality security research is hard. Sometimes it's not about being tired or energized, in the zone or out of it, having a good or bad sleep; sometimes it's just that it's *hard*.
It is going to take more than that to fix the Sabres. x.com/mysportsupdate…
It is going to take more than that to fix the Sabres. x.com/mysportsupdate…
📜 A tale as old as time...📜 #hacking #infosec #cybersecurity
The NFL is a tough business. Stefon Diggs is a great player and I am sure he will have many more productive years. I hope he ends up in Canton. He played catch with kids while warming up before every game. He was a leader on the sideline for the Bills. I won't root against him.
Don’t worry everyone. There’s only one backdoor and we found it, so everything’s totally ok now.
The setup behind the CVE-2024-3094 supply-chain attack is fascinating. I originally wanted to finish and share a tool to audit other OSS projects for anomalous contributor behavior, but I feel what I found trying to MVP it is way more interesting. 🧵 1/25 gist.github.com/rubyroobs/77cc…
My hot take on the xz back door: it’s a success for the community. It took 2 years to sneak it in and it was caught in 1 month before it was in any major distro. It is really hard to backdoor a distro which is pretty cool.
An upstream attack on an operating system dependency has made your remotely accessible SSH servers vulnerable to malicious access / code execution.
Security Consultancy #3 Sr Sales Exec at Consultancy: "We have an unspoken agreement with our clients, we don't do thorough testing because they don't want it. They just want to check the pentest off the yearly list."
There are companies out there selling Nessus and Nuclei scans, marketing them as penetration testing and red teaming... Basically, push a button, import to a reporting tool, and deliver to the client. I'll be posting some stories from these places, as I have some sources...
Ghidra 11.0.2 released. Bug fixes and minor improvements. Check out the "What's New" link for details. github.com/NationalSecuri…
APT31 sent its victims emails w/hidden tracking links that uncovered recipients' IP, location & device info. The info was then used to facilitate more complex targeted attacks, such as hacking into the targets' home routers. We should all be using plain text email and opening…
What are people using for home virtualization labs now?
Interested in red team operations using almost all internal tooling against some of the hardest companies in the world? Love coding on the fly? TrustedSec Targeted Operations may be for you. Shoot me a DM.
Oh, yes! The "Progress" way to keep researchers out of your stuff...
Oh, yes! The "Progress" way to keep researchers out of your stuff... https://t.co/BG4uBZ9o4r
When I see someone with 10 certs in their signature block
Florian Roth @cyb3rops
180K Followers 2K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇Justin Elze @HackingLZ
52K Followers 5K Following Hacker/CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race carsDave Kennedy @HackingDave
207K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Podcast. Fam First/Hacker/CSO/USMC/Intel/Fitness. Motto: Make world a better placeMike Felch (Stay Read.. @ustayready
15K Followers 2K Following Pentester / Red Team | Hacking since Renegade BBS backdoors | Dev since vb3 | Content since '99-'03 ezines | Prior CrowdStrike / BHIS | In Christ's gripNicolas Krassas @Dinosn
122K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3rootsecdev @rootsecdev
24K Followers 1K Following Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.Mick Douglas 🇺🇦.. @bettersafetynet
26K Followers 571 Following Consultant for InfoSec Innovations | @SANSInstitute Principal Instructor | @IANS_Security Faculty | I like information security. How about you?bohops @bohops
13K Followers 454 Following Full StackOverflow Developer | Security Researcher | Red/PurplePtrace Security GmbH @ptracesecurity
53K Followers 883 Following Empowering IT Security Professionals through Hands-On Online Courses.b33f | 🇺🇦✊ @FuzzySec
32K Followers 840 Following 意志 / Antiquarian @ IBM Adversary Services / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabsn00py @n00py1
13K Followers 955 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research. [email protected] on MastodogeJosh @passthehashbrwn
7K Followers 344 Following Adversarial Simulation at IBM, tweets are mine etc.Jason Lang @curi0usJack
15K Followers 195 Following @TrustedSec Red Team | Hi-Fidelity trolling | Privacy Enthusiast | Putting the "no" in nano | Avatar: https://t.co/3XHmKR8VrSMarcello @byt3bl33d3r
29K Followers 531 Following CyBeRsEcUrItY | Not afraid to put down with some THICC malware on disk | securing and breaking AI @ProtectAICorp | Ex @spacex🥝🏳️🌈 Be.. @gentilkiwi
62K Followers 277 Following A kiwi coding mimikatz & kekeo github: https://t.co/eS3LVgU6i0 Head of security services @banquedefrance Tweets are my own and not the views of my employerstrandjs - strandjs@b.. @strandjs
45K Followers 2K Following I will light the way by the bridges I burn. Retired Senior SANS Instructor IANS Faculty Black Hills Information Security Active CountermeasuresSteve Syfuhs @SteveSyfuhs
17K Followers 2K Following Windows and Authentication at Microsoft. Developer. Mostly dog pictures. Might actually be two dogs in a trench coat. 🇺🇸 / 🇨🇦 @syfuhs.net on blue skyTarantula @Taraacula
0 Followers 65 Following Wicked Spider. A beautiful bunch of ripe banana (Daylight come and me wan' go home) Hide the deadly black tarantula (Daylight come and me wan' goChriss_0x01 @Chriss_0x01
903 Followers 4K Following Proud #EthicalHacker #CyberCrime🖥️#Investigator #BugBounty🏆#Hunter #ThreatHunter (#InfoSec & #CyberSec) #Expert🧑💼 && _I_AM_: CEO @EthiclSecAgency 👀404 Law Not Found @404lawnotfound
11 Followers 46 FollowingPanda909 @kebablover369
8 Followers 49 FollowingKristen! @SecPanda_
422 Followers 2K Following Bears. Beets. Battlestar Galactica. Cyber Threat Intel. Eater of snacks. 🐼 @[email protected]template @897d85b1d0b6
61 Followers 526 Followinghamsterruby @hamsterrubyy
0 Followers 484 FollowingTony UV @t0nyuv
1K Followers 870 Following @VerSprite CEO & Founder | @OWASPAtl Leader | Author of Process for Attack Simulation & Threat Analysis (#risk centric #threatmodeling Methodology & Book) 🇻🇦Van hai Nguyen @VanhaiN37559827
2 Followers 122 FollowingNoel @noel_kitonga
335 Followers 541 Following I help brands and non-profits grow by leveraging Brand Strategy, SEO, and Social Media to attract quality traffic, leads, and sales online.SecG3ek @SecG3ek
26 Followers 121 Followingbadhombre @cortafuego11
36 Followers 105 FollowingHasan @Hasan1410387
52 Followers 1K FollowingA @cindy7castillo
67 Followers 356 Following Love life, enjoy traveling, enjoy different landscapes and cultural history (hope to meet friends with common interests)Thorapan Shaji @ThorapanS
0 Followers 10 Followings4dmach1ne @s4dmach1ne
65 Followers 559 FollowingRich Rowley @B_Claw12
19 Followers 110 FollowingVile @Vile_ircN
50 Followers 474 FollowingTrunorth @Trunorth_pak
59 Followers 492 FollowingTyler Horschig @JamesHorschig
5 Followers 60 FollowingBoss Hog @InnDaSpace
206 Followers 183 Followingaj LakesideLiving @LakesidelivingJ
460 Followers 4K Following earthling amongst earthlings earth is our home borders where friends celebrate life friends to the world truth is a possibility. life for life future lifeK1R0 M4G3D @kokomagedd
90 Followers 177 Following Cybersecurity engineer - Bug Bounty Hunter | CTF Player | HTB CBBHCharley ☠ @charleytonge
7 Followers 769 Following Red Team | Vulnerability Research & Exploit Dev | Mal Dev & RE 🗡️cyberlearn98 @cyberlearn57972
2 Followers 45 FollowingSerag Adeen Fouzi @AdeenFouzi
275 Followers 3K Followingfaan ross @faanross
449 Followers 911 Following | maldev | ctfs | pixels | ascii | dithering | glitch | motion | indie games | meme magik |Naman Devnani @naman_devnani
328 Followers 5K Following Security Researcher | Purple Team | Bug Hunter | CTF Player | Science & Tech Enthusiast | R&D | All-Source Intelligence | CAP | DCSP | TTIA | BCDEPr@$#@_2024 @PrashPrash63766
156 Followers 2K FollowingAhmad Hassan @Ahmadasn97
0 Followers 121 Followingcheesyquesadilla @quesadilla_exe
521 Followers 3K Following CTF player and CS student. Still bad at computers.Confidence Daniel @ConfidencDaniel
311 Followers 925 Following Cybergirl 3.0 Red Teamer @ Virtually Testing FoundationGustavo lozano @Gustavoalozano
211 Followers 3K Following a simple and quiet life bring you more happiness than the search for success in a constant restlessness.bl4ck_W01f @0xd0s3nt
37 Followers 294 Following It's always easier to break things if we already know how to build them.Justin Elze @HackingLZ
52K Followers 5K Following Hacker/CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race carsDave Kennedy @HackingDave
207K Followers 6K Following Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Podcast. Fam First/Hacker/CSO/USMC/Intel/Fitness. Motto: Make world a better placeNicolas Krassas @Dinosn
122K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3Vincent Yiu @vysecurity
27K Followers 203 Following Follow me for Cybersecurity #Thought #Leadership. Director Red Team. Help organizations safeguard their businesses from the bad guys.Dirk-jan @_dirkjan
25K Followers 173 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.Will Dormann @wdormann
26K Followers 1K Following I play with vulnerabilities and exploits. @[email protected]Greg Linares (Laughin.. @Laughing_Mantis
29K Followers 2K Following 20+ yrs in Infosec. Cybergoth. Musician. Autistic. Art @MalwareArt. 4x Pwnie Nominee. Red Teamer. 𝕍𝕏. Chronic Illness Fighter. I love Smite, Gamedev & Synthsrootsecdev @rootsecdev
24K Followers 1K Following Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.Mick Douglas 🇺🇦.. @bettersafetynet
26K Followers 571 Following Consultant for InfoSec Innovations | @SANSInstitute Principal Instructor | @IANS_Security Faculty | I like information security. How about you?bohops @bohops
13K Followers 454 Following Full StackOverflow Developer | Security Researcher | Red/Purpleb33f | 🇺🇦✊ @FuzzySec
32K Followers 840 Following 意志 / Antiquarian @ IBM Adversary Services / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabsn00py @n00py1
13K Followers 955 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research. [email protected] on MastodogeJosh @passthehashbrwn
7K Followers 344 Following Adversarial Simulation at IBM, tweets are mine etc.Jason Lang @curi0usJack
15K Followers 195 Following @TrustedSec Red Team | Hi-Fidelity trolling | Privacy Enthusiast | Putting the "no" in nano | Avatar: https://t.co/3XHmKR8VrSJames Forshaw @tiraniddo
48K Followers 364 Following Security researcher in Google Project Zero. Author of Attacking Network Protocols. Tweets are my own etc. Mastodon: @[email protected]Marcello @byt3bl33d3r
29K Followers 531 Following CyBeRsEcUrItY | Not afraid to put down with some THICC malware on disk | securing and breaking AI @ProtectAICorp | Ex @spacexSECurityTr8Ker @SECurityTr8Ker
3K Followers 5 Following I monitor the SEC's RSS feed for 8-K and 6-K filings with Item 1.05. Last SEC check: 2024-04-27 10:20:23 ET.N. M. Curry @realNickCurry
9K Followers 3K Following Senior Advisor to the Chief Executive Officer (CEO) on organizational structure, material resources, and manpower. Follow on Instagram: n.m.curryPierre Kingpin @Pierre_Kingpin
19K Followers 10K Following Founder/Co-Owner CEO at @BfloFanatics ✊🏾↙️ #RememberWhoWeHave (Check out the Highlights)Pierogi @ScammerPayback
64K Followers 130 Following Come join us as we go on the adventure of giving visibility into scammers and how they operate. [email protected] (Business ONLY, no investigations)Happy Captain @EODHappyCaptain
18K Followers 5K Following not an official Army account | I tweet about the Army and dad things | Dad to a toddler who loves TV shows I hate (except Bluey) | views are my own, not DoD.Aaron Schatz 🏈 @ASchatzNFL
87K Followers 566 Following Chief Analytics Officer @FTNFantasy. Creator of DVOA. ESPN+ NFL analyst. Ex-radio DJ. AP All-Pro/MVP voter. I specialize in nuanced, ice-cold NFL takes.Jonny Johnson @jsecurity101
7K Followers 368 Following Principal Security Engineer @preludeorg | Windows Internals & ResearchAaron Grattafiori @dyn___
6K Followers 2K Following AI/ML Red Teaming Lead at Meta. Ex-Security Red Team Lead. Ex-Principal Consultant and Researcher @ iSEC Partners/NCC Group.Thinkst Canary @ThinkstCanary
12K Followers 10K Following Most companies only realise they are breached when informed by a 3rd party. This is a stupid problem! Thinkst Canary. Know. When it Matters.Justin Kennedy @jstnkndy
8K Followers 880 Following Infosec professional & beverage snob. Vice President of Research Consulting @ Atredis Partners. Forever terrified of Kithicor. @[email protected]Empire @EmpireC2Project
2K Followers 22 Following GitHub: https://t.co/7Utqi0iYau Mastodon: @[email protected] Instagram: EmpireC2Project TikTok: EmpireC2ProjectMatt | HuskyHacks @HuskyHacksMK
17K Followers 95 Following Security researcher at @HuntressLabs. AT Thru Hiker 2023. not really using twitter anymore but still respond/answer questions from time to time 🏔🚶♂️🏔 ✌Stargeezer @Stargeezerlabs
35 Followers 164 Following Teacher of 1s & 0s, hacker, husband, dad, devoted to God, and vintage computer obsessed. Welcome to the Lab....Please Stand By. Formerly: @vastargazerChris Inglis @ncdinglis
10K Followers 32 Following National Cyber Director. Principal adviser to the President on cyber policy and strategy.Tim McGuffin @NotMedic
6K Followers 1K Following Adversarial Cartographer. Risk Hunter. DEFCON Staff & CFP Board. MS in DF. Fmr Fire/EMS. Red and Blue. Builder. Tinkerer. Chaotic Good. Morally Flexible.TruBluFan (True) / @t.. @TheTruBluFan
728 Followers 1K Following @defcon (Speaker Ops) #Goon, https://t.co/DzATo2ycqC {Moderator}, @Shmoocon/@BsidesDC/@BSides_NoVA/@BSidesLV volunteer,@BSidesCharm organizer, @BSidesPhilly coordinatorHope Walker @Icemoonhsv
1K Followers 128 Following Senior Consultant on Adversary Simulation at @SpecterOps. All opinions are my own.@[email protected].. @2600
57K Followers 5 Following The Hacker Quarterly Bluesky: @2600.com Mastodon: @[email protected]Matt Hand @matterpreter
9K Followers 290 Following Director, Security Research @preludeorg 💜 | Author of Evading EDR https://t.co/E5fs0sSTOv 📖 | Adversary tradecraft & windows internals 🦠Atomic Threat Coverag.. @atc_project
2K Followers 1K Following Actionable analytics designed to combat threatsJen Easterly🛡️ @CISAJen
61K Followers 422 Following Director, America’s Cyber Defense Agency/Head Goalie, Team Cyber. Combat Veteran. Proud Mom. Rubik’s🧊 Enthusiast. Aspiring Electric 🎸. ❤️/RT ≠ endorsementCorgi @corg_e
48K Followers 3K Following ssh’d into the espresso machine // chaotic neutral // (mostly) harmless pentester // president @bsidesnash // organizes @defcon615Fran Donoso (@francis.. @Francisckrs
2K Followers 855 Following The analysis is severely limited by my lack of understanding of what I am doing. @[email protected] @francisck.bsky.socialOffice of the Nationa.. @ONCD
21K Followers 116 Following ONCD’s mission is to advance national security, economic prosperity, and technological innovation through cybersecurity policy leadership.C2 Matrix | #C2Matrix @c2_matrix
6K Followers 90 Following Matrix of Command and Control (C2) Frameworks #C2Matrix #RedTeam #BlueTeam #PurpleTeamVincent Le Toux (Pari.. @mysmartlogon
11K Followers 56 Following Author of #PingCastle, contributor to #mimikatz (DCSync, setntlm, DCShadow) and #OpenSC. Wrote GIDS applet, OpenPGP card driver on Windows and OpenSC stuff.Ryan Cobb @cobbr_io
11K Followers 490 Following Red Teamer | Hobbyist Software Developer | Operator @SpecterOps Developer: Covenant, SharpSploit, PSAmsimRr3b00t @UK_Daniel_Card
92K Followers 7K Following 真理的揭露者 Quis custodiet ipsos custodes fella in cyberspace #nafo undercover #FVEY Lovely Horse #fella #meme #farm #appreciator #cyber #specialistChris Davis @hee_nalu.. @chris_e_davis
66 Followers 215 Following primate at a keyboard | Red Team founder @AWSCloud | he/him | @[email protected]Jeff Dimmock @bluscreenofjeff
8K Followers 305 Following @SpecterOps | https://t.co/84xca2tQdx | Tweets are my ownOddvar Moe @Oddvarmoe
19K Followers 1K Following Red Teamer @TrustedSec | MS MVP | Speaker | Security Researcher | Blogger | Total n00b & always learning | UNC1194 | Tinkerer | Gamer I try to inspire!David Maynor @Dave_Maynor
15K Followers 6K Following No tree, it is said, can grow to heaven, unless it’s roots reach down to hell. Offensive Security, AI LLM Ops, hardware hackingAdrien B @Int2e_
2K Followers 89 Following Malware research and threat intel ex #DFIR responder at @MandiantJoe Vest @joevest
7K Followers 916 Following Red Teamer丨Author of Red Team Development and Operations https://t.co/LTiTgnGiyY 丨Don't let perfect be the enemy of good | @[email protected]dr.dennis.dever @RealHalpinian
8 Followers 207 FollowingJamie Williams @jamieantisocial
6K Followers 5K Following 🤘@mitreattack for Enterprise Lead, former ATT&CK Evals water distribution engineer (the artists known as #UNC1799), @DistrictHeather ♥️🍷, he/him.blackthornellc @blackthornellc
30 Followers 6 Following Blackthorne Consulting - https://t.co/0yLHTVFbkYCoreLabs Research @CoreAdvisories
4K Followers 18 Following @CoreSecurity and Cobalt Strike's CoreLabs Research team is dedicated to researching and anticipating future security trends. Follow for technical updates.Lesley Carhart @hacks4pancakes
168K Followers 7K Following ICS DFIR @dragosinc, martial artist, marksman, humanist, Lvl14 Neutral Good rogue, USAF Ret. Tweet *very serious* things about infosec. Thoughts mine. They/themCybersecurity and Inf.. @CISAgov
279K Followers 109 Following America's Cyber Defense Agency and National Coordinator for critical infrastructure security & resilience. Likes, RTs, follows ≠ endorsements.lol Fastly glad they banned red teams though
"...results reveal that domain fronting is feasible in 22 out of 30 CDNs tested, including some major CDN providers like Akamai and Fastly. This indicates that domain fronting remains widely available & can be easily abused for malicious purposes" -great😐 arxiv.org/abs/2310.17851
Physical assessments are just adult hide and seek
Why is every open source C2 framework over engineered and excessively difficult to develop a custom agent for
What everyone thinks getting a beachhead beacon is like: I'm in 😎 What it's actually like: oh God oh shit don't get caught don't get caught don't get caught
If I'm being honest... The real reason I want the Bills to trade up on Thursday night is so I can go to bed at a reasonable hour.
attack.mitre.org/techniques/T15…
Cisco warns that a group of state-sponsored hackers has exploited two zero days in its ASA security appliances to spy on government networks over the last several months. Sources close to the investigation tell us they suspect China. wired.com/story/arcanedo…
A tale as old as time right @thepacketrat
Yo. Stop giving on advice on shit you haven’t accomplished. Example, if someone is striving to take on the OSCP course and exam and you haven’t touched either, please STFU. They are looking for actionable advice to accomplish their goal not for you to to speak on shit you…
Its Noon on a Monday, and I've already had 2 calls with organizations that had more tools than they knew how to use / could use / had properly deployed / and were still asking for info on more. TOOLS ARE NOT THE ANSWER! You need to be measuring the efficacy of your stack 1st!
A gentle reminder: high quality security research is hard. Sometimes it's not about being tired or energized, in the zone or out of it, having a good or bad sleep; sometimes it's just that it's *hard*.
The Fallout show reminds me of how nerdy I can be. In 2016, I gave a talk on WebShells. The slides were themed as a RobCo terminal, and I'm wearing a hacker Valult Boy shirt.
On the pointlessness of "aligning" chat models to censor information I was able to get the llama 3 70B instruct model to give me direct instructions on manufacturing meth with 3 simple steps. It's probably possible to do with less, but in this thread I'll show one approach.
As someone at the Luke Combs concert tonight solo, all I'll say is don't be afraid to make memories alone. You only live once. Make the most out of every opportunity.