Excellent reference post for those annoyingly cryptic certipy/kerberos errors. Well done guys!

📢Want to make cool animations like us? Check out our new free 🎞️Attack Animator tool: aceresponder.com/attackanimator #DFIR #ThreatHunting #Pentesting #redteam #CyberSecurity #ACEResponder

Adversary playground for EntraID. #TrustEverybodyButCutTheCards Best post ever on this topic - so... actionable: linkedin.com/posts/elishlom… → SSPR + MFA Reset Loop: If self-service password reset is misconfigured, you can reset the user’s MFA, register your own, and walk in — no

You have got a valid NTLM relay but SMB and LDAP are signed, LDAPS has got Channel Binding and ESC8 is not available... What about WinRMS ? :D Blogpost: sensepost.com/blog/2025/is-t… Tool: github.com/fortra/impacke… And also, big thanks to jmk (Joe Mondloch) for the collab' :D!

Been super busy with some secret things but SoucePoint 4.0 is live with all the latest CS stuff github.com/Tylous/SourceP… #redteam #CobaltStrike

The different types of #ActiveDirectory kerberos delegation. #ThreatHunting #DFIR

Sweet tool release on NTLM relay using MS-EVEN RPC - and if they have an AV (i.e. defender), can leak the NetNTLMv2 creds to be used via relay on ntlmrelayx: github.com/Thunter-HackTe…

Reading Microsoft’s new Void Blizzard report, one thing stands out (again): Everything is about credential theft, phishing, and tokens. Initial access comes from buying or stealing creds - often through low-effort phishing. All the real action happens in the cloud, not on

Model Context Protocol (MCP), clearly explained:

Today, together with Jonathan Elkabas, we're releasing EntraGoat - A Deliberately Vulnerable Entra ID Environment. Your own hands-on Entra lab for identity attack simulation. Built for red teams, blue teams and identity nerds. Check it out here👉github.com/semperis/entra…

CypherHound github.com/fin3ss3g0d/cyp… now supports ALL traversable AD edges in BloodHound CE! There have been a lot of traversable edges added by SpecterOps over the last year, my project is providing prebuilt queries for you to use with the latest edges! Don't miss out!

Catch the 5 dollar shodan membership while it lasts!

⚡️You can now use AI to make ACE-style animations in the AttackAnimator! Ask for help or have it create a full video entirely from scratch. aceresponder.com/attackanimator

How domain fronting is used to evade detection. #ThreatHunting #DFIR

> Saturday > 65 degrees > College Gameday on the tv > Top-10 Big-Noon Kickoff matchup on deck > CFB all day …That time of the year

Next month is cyber security awareness month but I'm starting early. If you are not in a role which exposes you to the next best thing and current modern best practices to keep current, sign up for vendor webinars for the products that you wish you could use but can't for

it’s kinda crazy how one interception broke an entire football program