Next August, we'll host our newly designed advanced defensive engineering training at @BlackHatEvents in Las Vegas. Next to detection engineering we'll also cover topics like enrichment, lifecycle management and AI. There are still some spots left!
https://t.co/2mD07Fu3HM
Last week, we joined @SpecterOps' SO-CON conference in Arlington, US. It has been an exciting week, with two FalconForce presentations on stage from @_mnigma_ and @olafhartong .
We look back at a great time at SO-CON!
CyberArk is built to protect your crown jewels, but what if it becomes the attack path?
@_mnigma_ shows how misconfigurations in PVWA & CCP can be abused to extract credentials and escalate privileges in just a few steps. #SOCON2026
In one week I will be presenting at @SpecterOps SO-CON 2026 about CyberArk PAM. I will share our practical experience and insights on PVWA edge cases and CCP API misconfigurations. #SOCON2026
More information and registration: https://t.co/dHORi2Jooo
FalconForce is proud to be part of @SpecterOps' SO-CON conference in April.
And this year, there’s not one but two FalconForce talks at #SOCON!
More information and registration: https://t.co/lDO1QFpNux
At FalconForce, we are always looking to enhance our detection engineering practices. In our latest #FalconFriday blog, we present the applied research that was done and our observations on near-real-time (NRT) analytic rules in practice: https://t.co/vDjMWhS3KZ
New year, new training dates! First stop of the year will be at @1ns0mn1h4ck, March 16-18 in Lausanne, Switzerland. Tickets for my Entra ID class are now on sale. More info and registration: https://t.co/DmFc24HKwW
Thrilled to speak at @SpecterOps SO-CON 2026! 🔥 Expect to learn about CyberArk PVWA edge cases & common CCP API misconfigurations to access "hidden" secrets: "4 GET requests = 3 Domain Admins – CyberArk magic you didn't know." #SOCON2026
FalconForce is proud to be part of @SpecterOps' SO-CON conference in April 2026. @_mnigma_ will present a talk on abusing misconfigurations in #CyberArk to get high privileges: “4 Get requests = 3 Domain admins: CyberArk magic you didn’t know about”.
https://t.co/lDO1QFpNux
#MDE custom collection is finally in public preview! It's a centrally managed solution to improve visibility and detection opportunities.
We're releasing a management tool and rule repository in YAML format to share new rules with the community.
https://t.co/kxit8fFjhU
Back in July, Neeraj Gupta introduced DeepPass2, a smarter secret scanner that finds both API keys/tokens & contextual passwords using BERT + LLM validation.
The model & tool code are now live!
Model ➡️ https://t.co/dzFnhyHW6J
Code ➡️ https://t.co/N2aShS3xYg
🧵: 1/2
What happens when the User-Account-Restrictions property gets misconfigured?
Spoiler: It's not good. From account compromise to full domain takeover, @unsigned_sh0rt breaks down why this permission set is more dangerous than most realize. https://t.co/czepcA58Qu
Big thanks to @MDSecLabs & @OutflankNL for organizing #RedTreat 🙌 Great content, awesome panel discussions, and amazing people. Thanks to all the presenters and to the new people I had the chance to meet🫶
Made a thing, mucking about with Python and an LDAP browser concept to ingest straight into BloodHound: a simple LDAP browser using PyQt as a GUI and neo4j-driver to ingest into BH. Coming Soon #itstimetobrowse
During my #BHUSA talk I released many ETW research tools, of which the most notable is BamboozlEDR. This tool allows you to inject events into ETW, which lets you generate fake alerts and blind EDRs.
https://t.co/Gnz0ssUXYN
Slides available here:
https://t.co/2zhhBe83Df
In about an hour I'll present my talk "I'm in your logs now, deceiving your analysts and blinding your EDR" at #BHUSA25 @BlackHatEvents in Islander E/I. Come and hang out!
One of the least discussed topics in detection engineering is maintenance. But why is no one talking about this? In this first blog we explore its relevance to #detectionengineering and the paradox that keeps us awake at night. Enjoy!
https://t.co/18u2SD6EFG
Just me exploring new undocumented Entra APIs and doing some TTD to make the Device Registration Service change some Device attributes🙂
https://t.co/XTZM2GDowL