
Terrance DeJesus
@_xDeJesus
Followers
765
Following
3K
Media
141
Statuses
3K
☁️ Cloud & Identity Security | Hunting threats & safeguarding the cloud | #cybersecurity #threathunting #cloudsecurity | {opinions are my own}
United States
Joined May 2014
Excited to host a hands-on investigation lab at #DEFCON33 in the #CloudVillage!. Built from the perspective of an opportunistic adversary, this E2E AWS breach simulation leaves footprints for hunters and detection engineers to track across cloud, identity, storage, endpoint &.
1
4
14
RT @cloudvillage_dc: 🔥 Cloud Village Labs schedule for @defcon is live!. The Cloud Village Labs lineup is organized by genre to help you di….
0
8
0
RT @cyb3rops: So apparently the --host option in sudo has been broken since 2013. You could just trick it into accepting remote rules on th….
0
166
0
RT @_sigil: ☁️ My fwd:cloudsec talk, "I SPy: Rethinking Entra ID research for new paths to Global Admin", is up! Learn what a service princ….
0
31
0
RT @MsftSecIntel: Since 2024, Microsoft Threat Intelligence has observed remote IT workers deployed by North Korea leveraging AI to improve….
0
52
0
RT @elasticseclabs: New research from our #ElasticSecurityLabs team: we dive into how infostealers are leveraging a stolen Shellter evasion….
0
48
0
If anything this week, I highly recommend giving this #EntraID research by @fabian_bader and @_dirkjan on CA bypasses a read.
0
14
47
RT @Antonlovesdnb: Coming up on my 1 year anniversary with @HuntressLabs ! . Taking this opportunity to go over some things myself and the….
0
46
0
RT @_dirkjan: Since several people already asked: the slides from @fabian_bader and myself for @WEareTROOPERS are available! "Finding Entra….
0
85
0
RT @BleepinComputer: Microsoft 365 'Direct Send' abused to send phishing as internal users - @LawrenceAbrams. https….
0
40
0
RT @ericonidentity: At @WEareTROOPERS I dropped new research on #nOAuth, an abuse of #EntraID that allows you to spoof users in vulnerable….
0
37
0
RT @fabian_bader: One of the results of the joined research with @_dirkjan is . Basically the yellow pages for Micr….
0
66
0
Did a write-up on OAuth phishing (offense and defense). It's based on phishing campaign's reported by @Volexity earlier this year. - What are OAuth phishing links; what is the workflows behind them.- How to emulate (examples) and use ROADtools for further compromise.-.
0
17
56
RT @SBousseaden: cool alternative to clickfix, thanks for sharing!. possible detection is to looks for process.parent.args :"--message-loop….
0
11
0
RT @mrgretzky: If you're battling phishing detections through CSS canary tokens, make sure to add these entries into your Evilginx MS365 ph….
0
54
0
RT @rad9800: People often ask why I pivoted away from malware. Sometimes I ask myself the same question. After all, everything I've publis….
0
49
0