I just pwned Certificate on Hack The Box! hackthebox.com/achievement/ma… #HackTheBox #htb #CyberSecurity #EthicalHacking #InfoSec #PenTesting

I just pwned TombWatcher on Hack The Box! hackthebox.com/achievement/ma… #HackTheBox #htb #CyberSecurity #EthicalHacking #InfoSec #PenTesting

Microsoft just released the patch for CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromise any machine with SMB signing not enforced! Checkout the details in the blogpost by Guillaume André and Wil. synacktiv.com/publications/n…

Ticket to #Defcon33 ✅ Hope to see ya’ll there!

Happy to share that I passed the PT1! Thank you !

I just pwned Artificial on Hack The Box! labs.hackthebox.com/achievement/ma… #HackTheBox #htb #CyberSecurity #EthicalHacking #InfoSec #PenTesting

I'm SO hyped to finally make MSSQLHound public! It's a new BloodHound collector that adds 37 new edges and 7 new nodes for MSSQL attack paths using the new OpenGraph feature for 8.0!. Let me know what you find with it! - github.com/SpecterOps/MSS… - specterops.io/blog/2025/07/2…

From Defcon33 to BsidesRDU!! 🔥🔥🔥

Here's an initial release of a LDAP browser written in python with a nice GUI and some integrations with #BloodHound github.com/ZephrFish/pyLD…

On November 18 Cloudflare experienced a service outage, triggered by an issue with a Bot Management feature, impacting multiple Cloudflare services. Here's a detailed breakdown of what happened. cfl.re/43Bw8AI

Dumping juicy secrets from SAM/LSA is always nice right? I've added an implementation for the --sam and --lsa flags to the MSSQL protocol of NetExec🚀 No need for manual registry hive extraction anymore!

🔥🔥🔥 Which book will you add to your collection next? Let me know!

"[...] Kerberos delegation is easily among my top favorite vectors of abuse, and [...] I’ve noticed that Impacket doesn’t get nearly as much coverage as tools like Rubeus or Mimikatz. Read more: blackhillsinfosec.com/abusing-delega… Abusing Delegation with Impacket (Part 1): Unconstrained

What's the future of #AI? In our next #webinar, our experts will discuss: 🔮 Future AI Trends 🐋 Emerging Threats 🏆 AI-Driven Solutions And so much more. Secure your spot and join us next week! hubs.la/Q041M7_D0 Dave Kennedy Justin Elze Paul Sems

Happy #BloodHoundBasics Friday w/ Martin Sohn! Did you know the BloodHound Query Library now includes a ZIP of all queries in Releases on GitHub for bulk importing? No more copying queries one by one—grab & import the whole collection in seconds! 🧵: 1/3

Kubernetes is one of the pieces of infrastructure most companies are using, but rarely gets evaluated by offsec teams. The attack surface is MASSIVE. Next week I'll be spilling the tea on how to start researching these attack paths yourself! Hope to see you there.

Microsoft Defender researchers observed attackers using yet another evasion approach to the ClickFix technique: Asking targets to run a command that executes a custom DNS lookup and parses the `Name:` response to receive the next-stage payload for execution.