Adriaan was struggling to get an interactive shell on the *nix application server he had popped, so he wrote a turn-based mini binary to give you a semi-interactive shell in restrictive environments. Writeup & code 👇🧵

Some weeks ago, TrustedSec has posted a really interesting blog post about the MDT shares, and credentials that can be found inside. But one question remained unanswered: where are they? I have tried to answer this question: hideandsec.sh/books/windows-…

Reverse engineering Microsoft’s SQLCMD.exe to implement Channel Binding support for MSSQL into Impacket’s mssqlclient.py. Storytime from Aurelien (Aurélien Chalot), including instructions for reproducing the test environment yourself. (link below)

Last month I spent hours implementing Channel Binding for MSSQLClient on Impacket. If you are interested in how CBT is computed, handling STARTTLS in python, TLS introspection on Windows or simply MSSQL databases check it out sensepost.com/blog/2025/a-jo… :)

hashcat v7.0.0 released! After nearly 3 years of development and over 900,000 lines of code changed, this is easily the largest release we have ever had. Detailed writeup is available here: hashcat.net/forum/thread-1…

Go fuck yourself EU 😊

This was implemented in bloodhound but missing in NXC, not anymore 🥳🥳🥳

gpoParser, which I presented at #leHACK2025 and #DEFCON, is available here: github.com/synacktiv/gpoP… It is a specialized utility designed to enumerate Group Policy Objects (GPOs) and identify potential security misconfigurations.