This post was originally published here by Danny Akacki.

On the heels of our “Hunting For Web Shells” webinar, I wanted to follow up with a short post that came from an attendee question. I’m paraphrasing here but it was something along the lines of,

“I’m new to the infosec world, where can I go to learn more about things like web shells or overall information security?”

My answer was immediate and unequivocal, Twitter is where you need to be. I don’t know where I’d be today both in the evolution of my career as a person without such an epic treasure trove of people and information readily available 24 hours a day, 7 days a week, 365 days a year.

Any time there is a new breach, new technology, or new hacker philosophy, you can find at least 20 people with opinions on any subject, research to back up their opinions and others commenting on it. The hacker community has carved a deep niche into the Twitterverse and whether you’re new to this field or well worn and battle scarred, there is never a shortage of education to be found there.

For the sake of my sanity and yours, I’m not releasing the entire InfoSec Social Media firehose on you all at once, I have started with two of my main areas of interest, Digital Forensics and Incident Response (DFIR) and Offensive Security (Red Teaming, Penetration Testing, etc.). The third list is a snippet of a larger list that I’ve curated over the last year or so. It’s an excerpt of my “Quality Over Quantity” list. If I deleted my Twitter tomorrow and started all over again, this is the list of people I’d re-follow immediately. The official list about 80 accounts long but I have narrowed it down to my Top 20. A painful endeavor I assure you.

So, without further ado but with some caveats, I present some of my favorite InfoSec Twitter accounts. These are people and pages that have helped shaped my hacker worldview for the better. Now for the caveat, this is by no means an exhaustive list. I’m sure someone will tell me I’ve made a grave oversight at not mentioning some of their favorite people. I welcome those comments because I’m always looking for new and interesting accounts to follow. We can all stand to learn something new. Enjoy.

P.S. Shameless plug, you can also find me at


Andrew Case –  Core developer at Volatility, and  Direrctor of Research at Volexity

Jessica Payne – Security Person at Microsoft

Devon Kerr – R&D expert at EndGame Inc.

Paul Jaramillo – DFIR expert and host of the cyberguardians blog

Jake Williams – Founder of Rendition Infosec

Phill Moore – Blogger at

SANS DFIR – Official SANS DFIR account

Matt Bromiley – Incident responder, SANS instructor

Matthew Dunwoody – Incident response consultant at Mandiant  

Nick Carr – Adversary detection and incident response at Mandiant/Fireeye

John D. Swanson – Blogger at

Josh Liburdi – Former security technologist at Sqrrl

Jack Crook – Principal Incident Responder for Fortune 10 Company

Chris Sanders – Founder at Applied Defense

Paul Melson – Blogger at

David J. Bianco – Threat Hunting expert, manages

Jackie Stokes – Cybersecurity Leader at Accenture

Alan Orlikoski – Incident Responder and Log Analyst

Phil Hagen – Infosec blogger at

Stephen Hinck – DFIR and infosec analyst


Chris Gates – Blogger at

Khalil Sehnaoui – Founder at Krypton Security

Red team wrangler – Red teamer and fabricator

Ed Skoudis – Pen testing and incident response

Offensive Security – Official account of Offensive Security training

Sneakerhax – Red Team Microsoft and Sneakerhead

Vuln Hub – Official twitter account for Vuln Hub

SANS PenTest – SANS content relevant to the Penetration Testing community

Cannibal – Former medical infosec specialist, currently at Phobos Group

Jason Wood – Founder at Paladin Security

Carlos Perez – host of security weekly podcast

Sean Secure – Red team lead for target

Caston Perla – OSCP and red teamer

Beau Bullock – Host of Tradecraft Security Weekly

Harmj0y -co-founder of  Empire, BloodHound and the Veil-Framework

KaliTut – A blog dedicated to Penetration Testing, Tutorials on hacking and security

My personal “Quality Over Quantity” list.

Jayson Street – VP of InfoSec at SphereNY

Lesley Pancakes – DFIR & OSINT specialist

Da_667 – author of “Building Virtual Machine Labs: A Hands-On Guide”

Peiter Zatko/Mudge – Formerly at L0pht/DARPA

Hacker – Developer at Cobalt Strike

3ncr1pt3d – InfoSec analyst & researcher

Dave Kennedy – Founder at TrustedSec

The grugq – security researcher and blogger at

April C. Wright – Blogger at

Katie Moussouris – Founder at

Lenny Zeltser – Blogger at

Tavis Ormandy – Vulnerability researcher at Google

Dan Tentler – Founder at the Phobos Group

Rob Fuller– Blogger at

Magen Wu – Senior security consultant at Rapid7

HumanHacker – Official account of SEORG

If you want to learn more about hunting for web shells, be sure to check out “Three Threat Hunting Starting Points.” Additionally, if you have insights into information security or hunting, be sure to add your voice on Twitter.



No posts to display