English
English Español Português Pусский Deutsch Français Itaaano Nederlands Polski Indonesia العربية ไทย Tiếng Việt Türkçe 繁體中文 简体中文 日本語 한국어
@shellcromancer Profile picture

Daniel Stinson

@shellcromancer

Threat Detection & Response @ Brex, xCloudflare. Hobbyist reverse engineer of things. Dogs are clearly better than people.

373Posts 1KFollowers 2KFollowing
Similar User
Chris Beckett photo

@cbecks_2

Silas Cutler (p1nk) photo

@silascutler

Stairwell photo

@InsideStairwell

Greg Lesnewich photo

@greglesnewich

ACE Responder photo

@ACEResponder

Tony Lambert photo

@ForensicITGuy

Zack Allen photo

@techyteachme

Chuong Dong photo

@cPeterr

Bryce photo

@bryceabdo

J⩜⃝mie 🔜 CWC 🪖⌨️ photo

@jamieantisocial

Ramin Nafisi photo

@MalwareRE

avallach (@xorhex@infosec.exchange) photo

@xorhex

John photo

@BitsOfBinary

The Vertex Project photo

@vtxproject

AmitaiBs3 photo

@AmitaiBs3

Pinned
shellcromancer Profile Picture
Daniel Stinson
 @shellcromancer
28 Feb 2023

Check out audit-logs.tax - we want to crowdsource a list of vendors who don't prioritize high quality, widely available audit logs. We started with a list of apps we're focused on but happy to take issues/PRs for logs you're focused on: github.com/shellcromancer…

Profile Picture
julie agnes 🌈
 @JulieASparks
28 Feb 2023

🧵 Have you ever been trying to ingest audit logs as a security engineer and been frustrated by the quality and cost of the logs? Well so were @shellcromancer and I, so here's an attempt to get them to prioritize the security engineer as a core customer: audit-logs.tax

4
6
38
3
10K
Tweet Image
GitHub - shellcromancer/audit-log-wall-of-shame: Audit log wall of shame.
Source: https://t.co/9nmVI91p6z
1
7
25
4
6K
Daniel Stinson Reposted
ejcx_ Profile Picture
evan j
@ejcx_
4 Sep

Today @RunReveal is announcing support for sigma detections and open sourcing our sigma rule evaluator, sigmalite. Read the blog, and check out the code! sigmalite.dev blog.runreveal.com/introducing-si…

Tweet Image
Introducing Sigmalite. RunReveal's open source sigma rule evaluator for detection
Source: https://t.co/yDB7uZQyAj
2
15
42
15
7K
shellcromancer Profile Picture
Daniel Stinson
 @shellcromancer
23 Aug

Pretty 🔥 how Sigma v2 has a modifier for base64 now 👏 blog.sigmahq.io/introducing-si…

Profile Picture
Daniel Stinson
 @shellcromancer
22 Jan

YARA has had obfuscation modifier like xor since 2018, and base64 in 2020 — 6 years later why don’t SIEMs or intermediate detection languages like Sigma support these??? It keeps detection logic more resilient to adversary changes and readable 🤔 github.com/VirusTotal/yar…

0
0
3
0
683
Tweet Image
Introducing Sigma Specification v2.0
Source: https://t.co/Cnzs4joK5d
0
0
4
0
364
Daniel Stinson Reposted
birchb0y Profile Picture
alden
 @birchb0y
25 Apr

my first blog post since starting at @HuntressLabs just dropped! 🔥 @stuartjash and I take a look at the recently discovered macOS #LightSpy variant and highlight some of the major differences between it and the iOS version!🍎 huntress.com/blog/lightspy-…

Tweet Image
LightSpy Malware Variant Targeting macOS | Huntress
Source: https://t.co/STVKOHqBvr
8
54
139
24
37K
shellcromancer Profile Picture
Daniel Stinson
 @shellcromancer
23 Apr

You asked, they delivered. MITRE ATT&CK has AI now! 🤣 attack.mitre.org/techniques/T15…

0
1
4
0
561
shellcromancer Profile Picture
Daniel Stinson
 @shellcromancer
17 Apr

Great distinction on how the industry should look at threat actors like Sandworm/APT44 (🪱) , absolute🔥🧵 and report!

Profile Picture
Daniel Stinson
 @shellcromancer
22 Jan

YARA has had obfuscation modifier like xor since 2018, and base64 in 2020 — 6 years later why don’t SIEMs or intermediate detection languages like Sigma support these??? It keeps detection logic more resilient to adversary changes and readable 🤔 github.com/VirusTotal/yar…

0
0
3
0
683
0
0
1
0
106
Daniel Stinson Reposted
RustyNoob619 Profile Picture
Yashraj Solanki
 @RustyNoob619
10 Apr

#100DaysofYARA Final post on the challenge for this year, just wanted to share the awesome swag that I received today courtesy of @greglesnewich It was an absolute pleasure participating along side others 🐧 Catch you all next year, until then, stay frosty...

Tweet Image 1
1
1
11
0
865
Daniel Stinson Reposted
RustyNoob619 Profile Picture
Yashraj Solanki
 @RustyNoob619
9 Apr

#100DaysofYARA I think this challenge was a huge success... Kudos to @greglesnewich for creating such an awesome initiative, @fr0gger_ for building YARA toolkit which was super handy, @stvemillertime for the motivation 🐧 I also wrote a Blog on it ⬇️ rustynoob-619.github.io/100-Days-of-YA…

Tweet Image 1
3
4
31
13
3K
Daniel Stinson Reposted
greglesnewich Profile Picture
Greg Lesnewich
 @greglesnewich
31 Mar

#100DaysofYARA it’s the home stretch and we’ve got 3 participants charging towards the finish! @de3ev @RustyNoob619 @petermstewart Show them some love for taking this challenge head on and having the boldness to showcase their YARA journey in public!

5
5
38
3
3K
👾👾 Co-Founder of @RunReveal . 🐄🐄 Former Cloudflare Sr. Director of Security Engineering. JMU Double Duke. There's always more to learn.

evan j

@ejcx_
🇺🇸 🇭🇺 History Enthusiast. Detection & Response Engineer. Currently Security @Datadoghq // Previously @Brexhq @Cloudflare

julie agnes 🌈

@JulieASparks
Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇

Florian Roth ⚡️

@cyb3rops
It's Kari but Karl is fine too. Draws pictures for Cloudflare 🌥

Kari Linder 🎨

@kkblinder
CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars

Justin Elze

@HackingLZ
dale cooper is my spirit animal. opinions are mine. the good content is on bsky now: https://t.co/aw17Tnlzab

Josh Liburdi

@jshlbrd
🛠 🍎 👾 Objective-See'ing & DoubleYou'ing

Patrick Wardle

@patrickwardle
Threat Intel Researcher @Unit42_Intel, formerly 'Jamie from @mitreattack', #UNC1799 forever🤘, @DistrictHeather ♥️,🍷🍷🍷, he/him.

J⩜⃝mie 🔜 CWC 🪖⌨️

@jamieantisocial
Threat Intel & Hunting @Equinix | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | @darknetdiaries #126: REvil

Will

@BushidoToken
great, now I'm on twitter

Greg Lesnewich

@greglesnewich
cyber-physical intel @google writing & sharing on adversary tradecraft, malware, threat detection, ics/ot intel and all things #yara

Steve YARA Synapse Miller

@stvemillertime
Head of Research and Discovery @Google Threat Intelligence. Leading multidisciplinary teams to defeat adversaries. Posts are attributable to me—not my employer.

Andrew Thompson

@ImposeCost
Security Geek at Thinkst. We build https://t.co/Sv6Gp3sG6b

haroon meer

@haroonmeer
(he/him) Herder of cats, builder of security programs. Staff @hopeconf & @radiostatler. Ex-sib/tweep. Nerd/Hacker/Maker/Cocktail Fan @techdarko@infosec.exchange

(tech)Darko||Dan

@techdarko
Security Operations Manager @brexhq | Love a good crisis | Inappropriate sense of humor | Silly dancing aficionado | she/her

Jessica Rozhin

@JessicaRozhin
Reigning Sixth Man of the Year | Product @cloudflare ⛅️

Abe Carryl

@mrlincolnlogs
Dad / Husband / Marine / Student / Teacher / @Hak5 / @NoVAHackers / @SiliconHBO / @NationalCCDC / @MARFORCYBER Auxiliary

Rob Fuller

@mubix
Christian. Killer grizz w/ a keyboard. Threat Intel & Thrunter. Hack things w/ @bsides_nova. Black Badge @DEFCON & C&E Goon. GSE #344. (VIEWS ARE MY OWN).

☠️ Andy Piazza ☠️

@klrgrz
Finding bad browser extensions Work: https://t.co/dhLUjMRP1I l Home: https://t.co/fHAinX4UdA

tuckner

@tuckner
Author/Operator of @ScumBots. Blue Team by day, Blue Team by night. Opinions, typos, and bad grammar do not represent my employer. He/Him

Paul Melson

@pmelson

Azra Jeffirs

@AzrJeffi

Lynna Whiter

@LynnaWhite26399

Willa Garten

@garte_will

Donald Holdren

@DonaldH12055

Michaela Buchanan

@MichaelaBu75827

Speighs

@SpeighsfCcX7gz

Milena Bogus

@milen_bog
Detection Engineer @PwC | Posting cyber security & tech opinions | BSky: https://t.co/Qs98O2DjC8

Richard Ackroyd

@rfackroyd

Florrar

@FlorrarsC5C
🐸☕️

Bushman

@__fawkesguy___
Detection & Response Engineer • Threat Hunter • Threat Researcher • 🇬🇧💙🎣⛰🍻 • Opinions are my own

David French

@threatpunter

Andrew McCallum

@atr8472

Soumpes

@SoumpeslbARCeq
Get the inside scoop on US 📊stocks 📈currencies 💰 and join our training course! Limited seats available 👉https://t.co/4lGTlT76HZ

Linda

@Linda330038717
Founder & CEO @useorigin - Making Money Easy Previously Founder @ Indio (acq)

Matt Watson

@_M_Watson

Nysmeart

@NysmeartOJ4cm

Deloris

@delorishale46
Just a random person trying to achieve something 🙄

Mohit Chaudhary

@mkmohit257

Diana Creedon

@DianaCreed67671
🏩Elise / My free content👇

Elise Cose

@CoseEli

Dolly Grossetete

@DollGrosset

Aminah Bettinson

@AminBettin

Nalani Bonini

@nala_boni
19 ~ My free content👇💙

Marisela Fulwood

@m_fulw

Crissy Markwell

@MarkweCriss

Anastasia Perilli

@PerilAnastasi

Brooke Domianus

@DomianBroo
Detection Engineer. Data Scientist. Diver. Building Petra Security (YC W24). Prev @abnormalsec, CS + Math @DukeU '22

Adithya Vellal

@avellal14
#OSINT? - Contact me at https://t.co/qstIdu9Jul

BTCINTELL

@sharedoperroom

Michelle Luague

@LuaguMiche

Amelia-rose Spadard

@spadard21622

Naomi Fenlon

@naom_fen

Stacey Moravek

@MoravekSta35513

Shursnirt

@ShursnirtvdaSl

Apolonia Melling

@ApoloniMellin

Felisha Hebdon

@feli_heb
Loading... will be back soon. Github: https://t.co/UfNSH9zypD

Josh Strickland

@_N0vaSky

Katie Gionfriddo

@Gionfriddo8036
CEO & Founder @Nadrama_com 😎 Prev: @Flippa, @Xero, @Cloudflare. Production-ready containers in your cloud account, in minutes, at https://t.co/QcxVdJaFhz

Ryan Djurovich 😎

@ryan0x44

Mankivsky

@Mankivsky1
Security Researcher

𝅙

@joaovarelas
Detection engineer

Cooper Edmunds

@cooperedmunds
Cofounder, CTO @ssoready (YC W24). Used to work at @gem_software @segment. I just love enterprise software, man.

Ulysse Carion

@ucarion
Cofounder and CEO @SSOReady (YC W24) Formerly @Gem_software, @BCG and also some other stuff before that

Ned O'Leary

@_____eko
The largest collection of malware source code, samples, and papers on the internet. Password: infected

vx-underground

@vxunderground
👾👾 Co-Founder of @RunReveal . 🐄🐄 Former Cloudflare Sr. Director of Security Engineering. JMU Double Duke. There's always more to learn.

evan j

@ejcx_
🇺🇸 🇭🇺 History Enthusiast. Detection & Response Engineer. Currently Security @Datadoghq // Previously @Brexhq @Cloudflare

julie agnes 🌈

@JulieASparks
Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇

Florian Roth ⚡️

@cyb3rops
A little bit geek, wonk, and nerd. Repeat entrepreneur, recovering lawyer, and former ski instructor. Co-founder & CEO of Cloudflare (NYSE: NET).

Matthew Prince 🌥

@eastdakota
Hacker. Friend. Cybersecurity Researcher @HuntressLabs || https://t.co/qUeDM3lSCl

John Hammond

@_JohnHammond
Cloudflare is the world’s leading connectivity cloud, and we have our eyes set on an ambitious goal — to help build a better Internet.

Cloudflare

@Cloudflare
Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Podcast. Fam First/Hacker/CSO/USMC/Intel/Fitness. Motto: Make world a better place

Dave Kennedy

@HackingDave
Weird security voyeur. Vibe merchant. CISO of your 🩷 Official USPS fan account. 🎉 Host of THE Microsoft Threat Intelligence Podcast. I like crime actors.

💻 Sherrod DeGrippo 🛸

@sherrod_im
founder & hacker @xintraorg ⚔️🖤 UwU

✞ inversecos

@inversecos
It's Kari but Karl is fine too. Draws pictures for Cloudflare 🌥

Kari Linder 🎨

@kkblinder
CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars

Justin Elze

@HackingLZ
Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @likethecoins@infosec.exchange

Katie Nickels

@likethecoins
Consultant for InfoSec Innovations | @SANSInstitute Principal Instructor | @IANS_Security Faculty | I like information security. How about you?

Mick Douglas 🇺🇦🌻

@bettersafetynet
dale cooper is my spirit animal. opinions are mine. the good content is on bsky now: https://t.co/aw17Tnlzab

Josh Liburdi

@jshlbrd
🛠 🍎 👾 Objective-See'ing & DoubleYou'ing

Patrick Wardle

@patrickwardle
Not here anymore. Profiles: https://t.co/sFoOuGmYK2

MalwareTech

@MalwareTechBlog
Texan in 🇵🇹. Emerging Technology @Cloudflare. I spend most of my free time walking a dog named Mopac.

sam rhea

@LakeAustinBlvd
hacker, weird machine mechanic, exploit dev @xforce

chompie

@chompie1337
Threat Intel Researcher @Unit42_Intel, formerly 'Jamie from @mitreattack', #UNC1799 forever🤘, @DistrictHeather ♥️,🍷🍷🍷, he/him.

J⩜⃝mie 🔜 CWC 🪖⌨️

@jamieantisocial
Internal tech industry emails that surface in public records. 🔍

Internal Tech Emails

@TechEmails
Creator @datasetteproj, co-creator Django. PSF board. @nichemuseums. Hangs out with @natbat + @cleopaws. He/Him. Mastodon: https://t.co/t0MrmnJW0K

Simon Willison

@simonw
Building @loops (YC W22) - The email platform for SaaS

Chris Frantz

@frantzfries
Bad for the economy | ✉️ daniel@hey.com

Daniel Vassallo

@dvassallo
Founder & CEO @useorigin - Making Money Easy Previously Founder @ Indio (acq)

Matt Watson

@_M_Watson
Purpose-built for planning and building products. Streamline issues, projects, and product roadmaps.

Linear

@linear
BDFL @EffectTS_, CEO @EffectfulTech, Co-Founder @matechsdigital. Expect posts about TS & FP. Personal alt @OptVegaPunk

Michael Arnaldi

@MichaelArnaldi
Partner at YC

Michael Seibel

@mwseibel
19. passionate builder and serial shipper. building @SupermemoryAI, winner @_buildspace, 2x acq founder, ex @Cloudflare. @Neo scholar finalist. Tech @sunhacksio

Dhravya Shah

@DhravyaShah
Detection Engineer. Data Scientist. Diver. Building Petra Security (YC W24). Prev @abnormalsec, CS + Math @DukeU '22

Adithya Vellal

@avellal14
🌱 Building opensource stuff at @unjsio • @nitrojsdev • @nuxt_js

Pooya Parsa 🦋

@_pi0_
We are a non-profit international standardization organization of individuals and companies committed to enabling, promoting and protecting OpenID technologies.

OpenID

@openid
Identity, OpenID Connect, OAuth 2.0, SSO, Authorization, Authentication, Technical Standards. Node.js core collaborator.

Filip Skokan

@_panva
Beautiful UI components, crafted by the creators of @tailwindcss.

Tailwind UI

@tailwindui
@vercel CEO

Guillermo Rauch

@rauchg
Designer @linear • Previously cofounder @risecal

Emiel Janson

@emieljanson
👨‍💻 Software Developer @documenso ✍️ Helping people get started with writing @ https://t.co/lrMzneYWwI

Catalin

@catalinmpit
Airbnb

Brian Chesky

@bchesky
Engineering leader, @GoogleChrome • Author • Great user & developer experiences • @ChromiumDev @ChromeDevTools • @____lighthouse • @ChromeUXReport

Addy Osmani

@addyosmani
building → @vercel - @v0 - https://t.co/HJcOr0AUAr / subscribe → https://t.co/oFiSF6zXrh

shadcn

@shadcn
👨‍💻 Staff Engineer at @brexhq, leading web and mobile platform. I love writing about software, teams, productivity, and more. Almond croissant expert 🥐

Konstantin

@getKonstantin
ceo of @linear | previously: design at @airbnb, @coinbase. yc alumn (s12). 🇫🇮

Karri Saarinen

@karrisaarinen
Co-founder @linear, previously senior staff engineer @Uber

Tuomas Artman

@artman
macOS Security | by @stuartjash

Crash Security

@crash_security
CEO of the System Initiative, Co-Founder of Chef. Sustainable free and open source software communities. Music. He/Him. bluesky: @adamhjk.me

Adam Jacob

@adamhjk
CTO & Co-Founder @ConductorOneInc

Paul Querna

@pquerna
Entrepreneur & Investor

Elad Gil

@eladgil
🦋 ➡️@evilpacket.net - Join me over on bluesky - https://t.co/OdoC3KGxXn

Adam Baldwin

@adam_baldwin
If you are not willing to risk the unusual, you will have to settle for the ordinary.

Peculiar Ventures

@peculiarventure
Your #1 source for everything tax. News, commentary, analysis. Nonpartisan nonprofit. #LetsTalkTax & #TaxTwitter | Follow our journalists: https://t.co/1qgIlqOjrz

Tax Notes

@TaxNotes
I'm a big name in deep space, ask your mates

Passle

@passle_
Cofounder, CTO @ssoready (YC W24). Used to work at @gem_software @segment. I just love enterprise software, man.

Ulysse Carion

@ucarion
Rippling payroll & HRIS admin, CEO. Nothing here should be construed as investment advice nor used in any investment decisions related to Rippling.

Parker Conrad

@parkerconrad
Cofounder and CEO @SSOReady (YC W24) Formerly @Gem_software, @BCG and also some other stuff before that

Ned O'Leary

@_____eko
Security guy. https://t.co/PsBN05Eqsb || https://t.co/U2xuM1N95Z || https://t.co/npQi7LLTn1 || https://t.co/JUIQS205kQ

Omkhar Arasaratnam

@_omkhar
prop trader || equities, macro and micro || NYC & TLV ||

ace $

@acemoney21
I make things with computers. Discuss identity, security and privacy in network systems, among other interests. Work @okta. Build @passportjs.

Jared Hanson

@jaredhanson
Run web, AI, & app servers close to your users on CPUs and GPUs. Deploy and scale your app in minutes at https://t.co/ftpvlpWmnU.

Fly.io

@flydotio
Former public school teacher turned Montessori education advocate. 🎯 | Writer @guidepostschool 🪶 | Idealistic step-mom to 11yo & 9yo 🏔

Samantha Joy

@_samantha_joy
Vulnerability researcher

Michael Coppola

@mncoppola
We're making JavaScript better.

TC39

@TC39
Opinions are not my own. As soon as I say something I become new me who hates anything old me did. CEO of HTMX

JLarky

@JLarky
Software person. Building @jsr_io and @deno_land. Creator of Fresh. @tc39 delegate. he/him 🏳️‍🌈🌍🌻💚

Luca Casonato 🏳️‍🌈

@lcasdev
Moving the Internet's security-sensitive software infrastructure to memory safe code, a project from ISRG.

Prossimo

@ProssimoISRG
@platformatic Co-Founder & CTO, @nodejs TSC member, Lead maintainer @fastifyjs, Board @OpenJSF, Conference Speaker, Ph.D. Past: @nearform. Views are my own.

Matteo Collina

@matteocollina
software engineer/nerd/teacher/will try anything once; surgeon with git rebase. @TC39 ex @Coinbase/@Airbnb/@Twitter/@MobBase. Fav punctuation ⸮, scent petrichor

Jordan Harband

@ljharb
High Performance Coach To Entrepreneurs | Helping 1 million transform their lives by 2027. Tweets on health optimization. Sign up for a free strategy call 👇🏽

Dan Go

@FitFounder
CEO @ OffCell Research / Head of Security Engineering @ WitnessAI

Mathew Solnik

@msolnik
Founder and software engineer at @agathist_ Building good software with good people. TypeScript, React & more. AuDHD. He/him.

Kyle Shevlin

@kyleshevlin
working on 📎 @ msft / express tc - he/him views are my own

Jon Church

@jonchurch
United States Trends
Who to follow

Something went wrong.


Something went wrong.