Toffy (@toffyrak)'s Twitter Profile
Toffy

@toffyrak

ID: 1763356333149999104

01-03-2024 00:12:41

4 Tweets

76 Followers

188 Following

Yuval Gordon (@yug0rd):

🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability
It allows compromising any user in AD, it works with the default config, and.. Microsoft currently won't fix it 🤷‍♂️
Read Here - akamai.com/blog/security-…

Toffy (@toffyrak):

🔍 New research on a niche technique to abuse "GPP Local Users and Groups" to elevate privileges locally through sAMAccountName hijacking.

This research comes with a new GPOHound update to detect this misconfiguration.

🔗 Read more: cogiceo.com/en/whitepaper_…

Assetnote (@assetnote):

Sometimes, SQL injection is still possible, even when prepared statements are being used. Our researcher hashkitten has written up a blog post about a novel technique for SQL Injection in PDO’s prepared statements: slcyber.io/assetnote-secu…

Alex Neff (@al3x_n3ff):

Session enumeration is only possible with admin privileges? That is a problem of the past thanks to the new --reg-sessions core functionality of NetExec, made by Toffy🔥
