Here's a way to spot SCCM primary sites with a basic scan: Port 10123 is a telltale of the Configuration Manager installation and AFAIK cannot be disabled. If reachable, look for the CN in the certificate and if it contains "SMS", that could very likely be SCCM.

Today we are releasing GraphRunner, a post-exploitation toolset for M365 and Entra ID accounts that myself and Steve Borosh have been building for the last few months. Read the blog post here: blackhillsinfosec.com/introducing-gr… Code is here: github.com/dafthack/Graph…

Well, the good news is standard audit logs will now be retained for 180 days (previously 90 for standard, 365 for premium) The bad news is it won't include MailItemsAccessed, Send, or SearchQueryInitiated* events until September 2024...

It is out! FalconHound is now public. github.com/FalconForceTea… A blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion Yesterday I spoke about FalconHound Wild West Hackin' Fest, slides to the talk: github.com/olafhartong/Pr…

This was fun!

As promised after my Wild West Hackin' Fest talk, I am releasing a HOWTO repo on Malware As A Service #maas. Check it out here --> yoda66/MAAS: Malware As A Service (github.com) Black Hills Information Security Matt Eidelberg @notshenetworks

💻🦃 In the wake of Thanksgiving, while we count our blessings, let's also safeguard them! Join me at Antisyphon Training's Snake Oil Summit to learn "Hacking Active Directory: Fundamentals and Techniques" Register here --> antisyphontraining.com/event/hacking-… 🦃💻

Dear Rogers, Telus, Bell and any other service provider attempting to peddle your wares, if I’m interested in your services rest assured I’ll call you. If I tell you no, my answer isn’t going to change if you call me 4 more times today!

Want to learn how to Hack Active Directory? Join me at the Antisyphon Training Snakeoil Summit, and take a 16 hour interactive class on Hacking Active Directory Dec 7th, 2023 for 2 fun days! antisyphontraining.com/event/hacking-…

Got this text from my wife this morning. Can anyone translate into man speak? “When you come up babe, can I please ask Kimberly your bag for the kitties that are the vacuum?”

There’s still time to register for this. Chris is a great instructor!

I’ve never understood how one can attend a security conference and leave their laptop unattended let alone unattended AND logged in!!

Hmmm!

Join me LIVE on March 19-22 to get hands-on training with Hacking Active Directory: Fundamentals and Techniques! For more information on this training, visit us here: antisyphontraining.com/live-courses-c…

Sorry ⁦Dave Kennedy⁩, no special treatment for you! lol!!

test

🚨 {{$json["summary"]}} Read more: {{$json["link"]}}

🚨You have a true positive alert on a Windows/Linux endpoint—this is not a drill! Learn how to investigate & respond fast in Rapid Endpoint Investigations w/ Patterson Cake. Live demos + hands-on labs. 📅 Friday, June 6 💸 Pay-What-You-Can Register Now: antisyphontraining.com/course/worksho…

"NetExec is an open-source tool designed to conduct network reconnaissance, lateral movement, and security assessments [...]" Read more: blackhillsinfosec.com/getting-starte… Getting Started with NetExec: Streamlining Network Discovery and Access by: Dale Hobbs Published: 7/9/2025

🚨 New on demand course just dropped Intro to Active Directory is now available on the Antisyphon Training On Demand platform. Learn how AD really works, users, groups, OUs, permissions, and why misconfigurations matter in real environments. 👉 antisyphontraining.com/product/intro-…