🔥Telegram İfşa

you can’t make this stuff up.

This is like asking if the patient should clean the doctor's office after a visit. Yes, it is the red team's responsibility to leave the environment as clean as possible after an engagement. Leaving your stuff everywhere is messy and unprofessional. If you can't clean it up by

This is bad for AD big time 🤯... Don't understand why they decided not to service this immediately. Awesome research!

Fun fact: macOS provides a sysctl that lets you disable the creation of the com.apple.quarantine attribute – security.mac.qtn.sandbox_enforce Fun fact 2: This feature has been broken for years because they accidentally inverted a condition in Quarantine.kext.

Thanks to everyone who joined my DEFCON33 talk!🎉 For those of you who missed it and are interested in seeing how we can extract cleartext credentials and bypass MFA directly from the official Microsoft login page, I just uploaded the recording to YouTube: youtu.be/z6GJqrkL0S0

This is awesome research and worth a watch!

I wanted to find out if you could start the WebClient service remotely, so I ended up digging into it specterops.io/blog/2025/08/1…

This is a game you play when you don't want to feel the passage of time.

It seems there now is a BOF implementation of ADSyncDecrypt to dump Entra ID connect creds 👀 github.com/Paradoxis/ADSy…

It's been 5 months since Elijah passed, and I thought everyone except my wife I would have forgotten it and moved on. Then today, I see SpecterOps is running a fundraiser for Hope for HIE ☀️, who help us so much during that time. 🥹 ghst.ly/bh8-tshirt

A massive thank you to everyone that supported the SpecterOps fundraiser for Hope for HIE ☀️, almost 2x the goal ❤️‍🔥 ghst.ly/bh8-tshirt

Think you understand how LLMs work? You might be surprised. 😳 In his latest blog post, Blaise explains the history, challenges, and attack primitives that make securing AI systems such an extreme challenge. Read more ⤵️ ghst.ly/497pxl0

Credential Guard was supposed to end credential dumping. It didn't. Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled. Read for more ⤵️ ghst.ly/4qtl2rm

When you get an email that it's time to renew a cert

Just in time for the holidays, I wanted to share something that a lot of people have asked for: youtube.com/playlist?list=… Short videos about Mythic development and customizations. This is just the start - I'll release a survey soon that'll get feedback for the next batch :)