After some months of very enjoyable research, I'm happy to release: "Understanding a Payload's Life (featuring Meterpreter & other guests)" Only slides are available at this time. You can find them at: attl4s.github.io/assets/pdf/Und…

I am proud to announce the release of #BloodHound 4.3! Release blog post: medium.com/p/5795cbf535b2 Limited edition T-shirt: customink.com/fundraising/sp… Get BloodHound 4.3 NOW at bit.ly/GetBloodHound

Releasing a complete rewrite of "Understanding Windows Lateral Movements" - 71 more slides - Better explanations - Less errors and bad assumptions If you liked the 2019 version, you should check this one out Available at attl4s.github.io

Understanding Windows Lateral Movements videos are now available Three videos with more than two hours of content about Windows authentication, user impersonation and lateral movements Find them at attl4s.github.io

Recently I published a plugin for Dirk-jan 's tool ROADrecon which analyses current MFA status for each AAD user based in Conditional Access Policies. It uses Joosua Santasalo 's CAOptics tool as source. Blog post in progress, meanwhile: github.com/dirkjanm/ROADt…

Today I'm releasing a new major version of Monkey365. This new version adds a bunch of fixes and include a lot of new improvements to the core module. github.com/silverhack/mon… #cloud #azure #azuread #microsoft365 #cloudsecurity #compliance

I was, unfortunately, reminded today that not everyone is using Cost anomaly alerts for their Azure subscriptions These alerts are completely free, but you have to enable them. Please set this up to avoid unexpected bills due to attackers or accidents :( learn.microsoft.com/en-us/azure/co…

New airgeddon version is out! v11.20. Awesome new stuff like optional advanced captive portal, improved DoS pursuit mode, changes on graphics detection to work better in wayland environments, kali nethunter, etc. 😎 github.com/v1s1t0r1sh3r3/… #hacking #pentesting #airgeddon #wifi

Folks, quick update on Azure AD Graph retirement and PowerShell modules deprecation. 📌 IMPORTANT: Please don't take the urgency off migrating your apps and scripts to Microsoft Graph. See full details in blog post linked below. x.com/merill/status/…

Restricted management administrative units in Azure Active Directory allows for additional protection of sensitive user accounts and makes it possible to extend tier design to cloud beyond the built-in roles. #AAD #security learn.microsoft.com/en-us/azure/ac…

Great post from _Ray on abusing different Active Directory object controls and how to detect them labs.lares.com/securing-activ… #RedTeam #blueteam #purpleteam #cti

This was a huge week for Microsoft Entra. Hopefully, this mind map helps you visualise all the products that were announced on a single page. I have linked each node to its product/feature page on Microsoft Learn for quick access. If this is helpful and you want to see more of

I'm super excited to launch my next project! Subscribe to my newsletter @ entra.news 👇🏾 I'll be publishing the first newsletter in the next few days and it's going to be bumper issue. Send a link to [email protected] if you want your Microsoft Entra related blog

The second issue of Entra.News just went out to your inboxes. Sign up if you haven't already. Includes posts from Tony Redmond, Shehan Perera | MVP, Thijs Lecomte, ☁ CHARBEL NEMNOM🇨🇭| MVP | MCT | CCSP | CISM ☁, Joosua Santasalo, Niklas Tinner - MVP, Fabian Bader, Bobby Cooke, Steve Borosh, Darren ‘Doc’ Robinson (MVP) 🪪,

First video of "Understanding a Payload's Life" uploaded. As soon as I have some spare time I'll be recording more. Enjoy! youtube.com/watch?v=AIAr2-…

Excited to announce the release of a new version of Monkey365. Multiple bug fixes were fixed and feature enhancements were added. Enjoy! github.com/silverhack/mon… #cloudsecurity #azuresecurity #microsoft365security #office365security #hardening #PenTest #AzureAD #EntraID #CSPM

Privilege escalation through TPM Sniffing when BitLocker PIN is enabled : blog.scrt.ch/2024/10/28/pri… Ref : Extracting Bitlocker keys from TPM : pulsesecurity.co.nz/articles/TPM-s… Sniff, there leaks my BitLocker key : labs.withsecure.com/publications/s…

Fresh meat! We've created a new Evil-WinRM branch with integrated multiple AI LLM support. New docker image, new gem (gem install evil-winrm-ai) and new possibilities Check it out and let us know what you think github.com/Hackplayers/ev… Happy hacking #evilwinrm #hacking #llm #ai

Hi everyone! The company I work for has published a Wi-Fi-related article I wrote. It might interest you. nccgroup.com/us/research-bl… Merry Christmas, by the way! 💥❄️🎄 #airgeddon #pmkid #wifi #hacking #article

My research on CVE-2025-49113 is out. fearsoff.org/research/round…. Happy reading! #CVE #roundcube #poc FearsOff Cybersecurity