Don't we all get to the point where all you want to do is capture and relay NTLM and Kerberos authentications in a BOF? It's just faster to write a capture & relaying framework in C for ntlm, kerberos, dcom, smb, http, mssql with native Windows support than fixing impacket.

Hard AD chain? By Geiseric? My gut says this will be a Kerberos nightmare :D

Given the recent trend in VL Chains one could only guess what this one will be about :D

A video walkthrough is now available: youtu.be/CPOJt-Gujkc

Hi, we're on giveaway ??? (???) Our friends at CyberWarFare Labs hooked us up with 5 vouchers for the Certified Multi-Cloud Red Team Analyst If you wanna big brain science and get more stuff for the Holidays, leave a comment below - Winners will be selected randomly in the next

/me sighs I said we were declining more giveaways, but I've made an exception and I've accepted 1 more. After this addition, NO MORE GIVEAWAYS will be accepted. Okay? New giveaway added to queue (this isn't the official giveaway yet, please don't spam the comment section) Our

Best platform out there with a good community!

Hello, It's giveaway-number-plz-make-it-end Our friends from Vulnlab hooked us up with 10 vouchers to their Vulnerability Lab with full access for 90 days. If you want to practice hacking stuff, on various difficulties, for 90 days, leave a comment below. - Winners will

We’re kicking off the new year with a Linux machine - Barrier is arriving in the lab on Thursday! This new addition will let us explore an area we haven’t focused on before.

🎉 A new machine is on its way to the lab! Odori is a medium-rated hybrid machine offering a mix of Windows and Linux challenges.

Kicking Off the year with the OSCP+. Sadly, this will likely be my last OffSec certification for a long time. Esoteric, irrelevant, "ctfy". Can I get the old OffSec back? Will follow up with a detailed post in the future.

New blog from me on using CLR customizations to improve the OPSEC of your .NET execution harness. This includes a novel AMSI bypass that I identified in 2023. By taking control of CLR assembly loads, we can load assemblies from memory with no AMSI scan. securityintelligence.com/x-force/being-…

Small follow up on my latest tweet for the OSCP+ The SecOps Group reached out and wanted me to give their exam a shot. Well I did. Read about it here :). linkedin.com/pulse/my-exper… via LinkedIn

I don't pay for premium, so please read the longform in the picture. TLDR: Cool new VS x86/x64 shellcode template from alex short 🇺🇦 at github.com/rbmm/SC_DEMO, he lives in Ukraine and is looking for remote work, help him make a connection if you can.

It’s time to dive back into Active Directory! Shibuya is a medium-difficulty AD machine featuring elements from recent engagements.

Our red team is growing and we have a rare open position for a Principal RT Operator - if this sounds like you, get in touch 🙏 MDSec

Well, it happened. The company I worked at for 6 years will be closing and thus I got laid off. This doesn't affect Octopwn operations in any negative ways, but I'm actively looking for a new day job. If someone has something please DM me. Retweets are appreciated.

Their only weakness...

Currently at the beach with the kids. What does this remind you of? Don’t tell me you can’t already hear the music :D

The Vulnlab track on Hack The Box already has 15 machines now: app.hackthebox.com/tracks/Vulnlab… Keep an eye out for Rainbow if you want to dive into Windows binary exploitation :)