If you want to learn malware reverse engineering and have no idea where to start, this is it. RE101 takes you from zero to reversing real Windows malware. RE102 covers anti-RE techniques, encryption, VM evasion, and packing. PE Injection Study walks through extracting process injection techniques from Cryptowall. The macOS workshop covers Mach-O headers, code caves, and dynamic library injection.
Hands-on labs. Downloadable VMs. Real malware samples. IDA Pro cheat sheet included.
Free. No paywall. No signup.
https://t.co/mpbBMNJWrT
Author: @malwareunicorn
#MalwareAnalysis #ReverseEngineering #InfoSec
One of the best FREE Windows exploit development and security research blogs out there. Kernel pool exploitation. PTE overwrites. HVCI and kernel CFG bypass. XFG internals. Browser type confusion. Kernel shadow stacks. Secure kernel internals. ARM64 Pointer Authentication bypass. ETW and PPL research.
Covers everything from ROP fundamentals all the way to cutting edge ARM64 and VBS security research. Still actively publishing in 2026.
https://t.co/tyfevXiWOp
Author: @33y0re
#ExploitDevelopment #WindowsInternals #ReverseEngineering
🧙 We built Grimoire: a single search box for every offensive playbook, fully offline.
Type ssrf, kerberoast, jwt, or sudo and instantly hit the right page across more than 100 curated sources at once. 🔍⚡
I made this Windows security research toolkit for LPE, persistence, COM hijacking, and attack surface enumeration.
Leave a star and follow on GitHub so I can feed my 10 kids <3
https://t.co/esI60KXU2X
MSSQL has always been a favorite target. Now it ships its own egress channel.
@gershsec's latest research breaks down how SQL Server 2025's native AI features enable exfil, NTLM coercion, and C2 transport, all functioning as intended.
Read more 👇 https://t.co/ugDN4IcZXW
U2U powers UnPAC-the-Hash and chains into Shadow Credentials and ADCS ESC attacks, but most resources skip the “how.”
@GrayHatKiller breaks down Kerberos U2U auth from the RFC to Windows’ divergences—and why modern attacks rely on it.
https://t.co/Ci49LjpHwQ
Wrote a blog post about how you can use the Windows Server 2003 source code as a red teamer to make your tools look less like tools.
I also go over and map out the main/important files, with practical examples of using it to augment MS-*/RFC specs: https://t.co/HfUYBAdCJJ
Most people learn security research by reading finished writeups. This one shows the actual process.
The messy, organic, step-by-step reality of reversing an unknown Windows mitigation from scratch. WinDbg. IDA. Hex Rays. Guard page violations. Trap flags. Zero prior knowledge of the target.
If you want to learn how to actually approach unknown Windows internals, start here.
https://t.co/Xq8xbSnG75
Author: @yarden_shafir
#ReverseEngineering #WindowsInternals #InfoSec
Cleaned up my old ETW notes from Obsidian and put them into one post.
No new research here.
Just a practical map of the parts I keep coming back to: providers, sessions, kernel loggers, ETWTI, tampering, and detection.
https://t.co/e068LAH8p7
Can you fix Opus 4.8/4.7 to work for offensive security with proper cyber validation approval? I’m a big fan of Claude Code, but at this point it’s unusable. 4.6 is usable, but it’s hard to justify/advocate for the spend on a model 2 versions behind frontier. @bcherny @AnthropicAI
Round two!
Yesterday was one report; here’s another: an unpatched NTLM coercion via the Windows Search (search-ms://) URI handler.
Same questions about how it got handled. It’s all in the writeup, timeline included.
https://t.co/eMbyEGbx8b