This post was originally published here by Danny Akacki.
On the heels of our “Hunting For Web Shells” webinar, I wanted to follow up with a short post that came from an attendee question. I’m paraphrasing here but it was something along the lines of,
“I’m new to the infosec world, where can I go to learn more about things like web shells or overall information security?”
My answer was immediate and unequivocal, Twitter is where you need to be. I don’t know where I’d be today both in the evolution of my career as a person without such an epic treasure trove of people and information readily available 24 hours a day, 7 days a week, 365 days a year.
Any time there is a new breach, new technology, or new hacker philosophy, you can find at least 20 people with opinions on any subject, research to back up their opinions and others commenting on it. The hacker community has carved a deep niche into the Twitterverse and whether you’re new to this field or well worn and battle scarred, there is never a shortage of education to be found there.
For the sake of my sanity and yours, I’m not releasing the entire InfoSec Social Media firehose on you all at once, I have started with two of my main areas of interest, Digital Forensics and Incident Response (DFIR) and Offensive Security (Red Teaming, Penetration Testing, etc.). The third list is a snippet of a larger list that I’ve curated over the last year or so. It’s an excerpt of my “Quality Over Quantity” list. If I deleted my Twitter tomorrow and started all over again, this is the list of people I’d re-follow immediately. The official list about 80 accounts long but I have narrowed it down to my Top 20. A painful endeavor I assure you.
So, without further ado but with some caveats, I present some of my favorite InfoSec Twitter accounts. These are people and pages that have helped shaped my hacker worldview for the better. Now for the caveat, this is by no means an exhaustive list. I’m sure someone will tell me I’ve made a grave oversight at not mentioning some of their favorite people. I welcome those comments because I’m always looking for new and interesting accounts to follow. We can all stand to learn something new. Enjoy.
P.S. Shameless plug, you can also find me at www.twitter.com/dakacki
Andrew Case – Core developer at Volatility, and Direrctor of Research at Volexity
Jessica Payne – Security Person at Microsoft
Devon Kerr – R&D expert at EndGame Inc.
Paul Jaramillo – DFIR expert and host of the cyberguardians blog
Jake Williams – Founder of Rendition Infosec
Phill Moore – Blogger at https://thinkdfir.com/
SANS DFIR – Official SANS DFIR account
Matt Bromiley – Incident responder, SANS instructor
Matthew Dunwoody – Incident response consultant at Mandiant
Nick Carr – Adversary detection and incident response at Mandiant/Fireeye
John D. Swanson – Blogger at https://swannysec.net/
Josh Liburdi – Former security technologist at Sqrrl
Jack Crook – Principal Incident Responder for Fortune 10 Company
Chris Sanders – Founder at Applied Defense
Paul Melson – Blogger at http://pmelson.blogspot.com/
David J. Bianco – Threat Hunting expert, manages http://detect-respond.blogspot.com/
Jackie Stokes – Cybersecurity Leader at Accenture
Alan Orlikoski – Incident Responder and Log Analyst
Phil Hagen – Infosec blogger at http://stuffphilwrites.com/
Stephen Hinck – DFIR and infosec analyst
Chris Gates – Blogger at http://carnal0wnage.attackresearch.com/
Khalil Sehnaoui – Founder at Krypton Security
Red team wrangler – Red teamer and fabricator
Ed Skoudis – Pen testing and incident response
Offensive Security – Official account of Offensive Security training
Sneakerhax – Red Team Microsoft and Sneakerhead
Vuln Hub – Official twitter account for Vuln Hub
SANS PenTest – SANS content relevant to the Penetration Testing community
Cannibal – Former medical infosec specialist, currently at Phobos Group
Jason Wood – Founder at Paladin Security
Carlos Perez – host of security weekly podcast
Sean Secure – Red team lead for target
Caston Perla – OSCP and red teamer
Beau Bullock – Host of Tradecraft Security Weekly
Harmj0y -co-founder of Empire, BloodHound and the Veil-Framework
KaliTut – A blog dedicated to Penetration Testing, Tutorials on hacking and security
My personal “Quality Over Quantity” list.
Jayson Street – VP of InfoSec at SphereNY
Lesley Pancakes – DFIR & OSINT specialist
Da_667 – author of “Building Virtual Machine Labs: A Hands-On Guide”
Peiter Zatko/Mudge – Formerly at L0pht/DARPA
Hacker – Developer at Cobalt Strike
3ncr1pt3d – InfoSec analyst & researcher
Dave Kennedy – Founder at TrustedSec
The grugq – security researcher and blogger at https://medium.com/@thegrugq/
April C. Wright – Blogger at https://architectsecurity.org/blog/
Katie Moussouris – Founder at http://lutasecurity.com/
Lenny Zeltser – Blogger at https://zeltser.com/
Tavis Ormandy – Vulnerability researcher at Google
Dan Tentler – Founder at the Phobos Group
Rob Fuller– Blogger at https://room362.com/
Magen Wu – Senior security consultant at Rapid7
HumanHacker – Official account of SEORG
If you want to learn more about hunting for web shells, be sure to check out “Three Threat Hunting Starting Points.” Additionally, if you have insights into information security or hunting, be sure to add your voice on Twitter.