 
                                Logan Goins
@_logangoins
Offensive Security Consultant Co-op, IBM X-Force Red
ID: 1781163077980860416
https://logan-goins.com 19-04-2024 03:29:10
29 Tweet
886 Followers
110 Following
 
         
         
        Extended on Logan Goins work for BadProcessor Fully native PowerShell Domain joined or not doesn't matter Check DCs Check ACLs Nice gridview Create weaponized dmsa The tool now helps in detectin / mitigation and attacking github.com/LuemmelSec/Pen…
 
                        
                    
                    
                    
                 
        BadSuccessor is a new AD attack primitive that abuses dMSAs, allowing an attacker who can modify or create a dMSA to escalate privileges and take over the forest. Check out Jim Sykora's latest blog post to understand how you can mitigate risk. ghst.ly/4kXTLd9
 
         
        Recently, Microsoft changed the way the Entra Connect Sync agent authenticates to Entra ID. Check out our latest blog post from Daniel Heinsen to learn how the agent works now & how these changes affect attacker tradecraft. ghst.ly/3ZpMc6y
 
        🚨 Our new blog post about Windows CVE-2025-33073 which we discovered is live: 🪞 The Reflective Kerberos Relay Attack - Remote privilege escalation from low-priv user to SYSTEM with RCE by applying a long forgotten NTLM relay technique to Kerberos: blog.redteam-pentesting.de/2025/reflectiv…
 
         
        Thank you so much to /ˈziːf-kɒn/ and its organizers for an awesome experience! Lee Chagolla-Christensen and I had a blast talking about the new Nemesis 2.0 rewrite (code live at github.com/SpecterOps/Nem… !) and hope to be back next year #x33fcon
 
         
        Introducing the BloodHound Query Library! 📚 Martin Sohn & Joey Dreijer explore the new collection of Cypher queries designed to help BloodHound users to unlock the full potential of the BloodHound platform by creating an open query ecosystem. ghst.ly/4jTgRQQ
 
         
         
         
         
         
         
         
         
         
                         
                        