#DSInternals 4.6 has just been released. Offline modification of #ActiveDirectory databases is now supported on Windows Server 2022, including password resets, SID history injection, group membership changes, and enabling/disabling accounts. #PowerShell github.com/MichaelGrafnet…

Certipy is a Python tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS). By ollypwn github.com/ollypwn/Certipy

Are you doing write ups for THM, retired HTB, or another platform? Might I suggest you also include how long it took you to perform each step, if you also had to use another write up or how long your enumeration took? It might help boost the confidence of people just starting out

Things that frustrate me far more than they should: Out of all the possible shapes in the world, most fonts manage to make an uppercase i and a lowercase L look IDENTICAL 😫

Delegate to KRBTGT service to get TGT for any users ! Thanks Clément Notin for the help 🙏 skyblue.team/posts/delegate…

me irl

I work in tech, but don’t: - use a super cool monitor setup - put stickers on my laptop - hack all the things all the time - love going to conferences - have any certs Being in tech doesn’t mean you have to check special boxes.

Blog from ippsec and me on the Hack The Box blog - Finding that balance between not giving up too early and being pointlessly stuck is important. But the answer isn't "never seek help". Trying harder isn't always the answer when you're trying to learn. hackthebox.com/blog/It-is-Oka…

NTLM is frowned upon. But is Kerberos really that secure? One thing is for sure, Kerberos is far from being understood by the admins, and default configurations are too much trusted ✨ Patch, update, learn, harden, mitigate, detect, prevent, compartmentalize ✨ ..or get pwned

I've always thought these pop up windows to log in to paypal etc seem like they'd be real easy to fake if you wanted to. We've all got so used to seeing them now, I bet a lot of people don't even check the URL in them. But even if you do, you could still be typing into a fake.

The machine I submitted to Hack The Box last year has finally made its way to the front of the queue. I can't remember if it's any good 🙃 hopefully a few people enjoy it #hackthebox #infosec #ethicalhacking #pentesting #hacker

Nope, this isn't about breakfast 🍳 Scrambled #Medium #Windows Machine created by VbScrub will go live 11 June 2022 at 19:00:00 UTC. Meta will be retired! Join now and start #hacking: hackthebox.com #HackTheBox #CyberSecurity #InfoSec #NewRelease

My latest machine will be going live on Hack The Box later today (19:00 UTC). If you have a go at it, I'd be keen to hear what you think. Obviously won't be giving out any spoilers though. #HackTheBox #pentesting #InfoSec #hacking #ethicalhacking

As someone who always enjoyed using the latest versions of the .NET Framework over the last 13 years, it amazes me how much I still hate .NET Core every time I try it. Sick of editing config files and looking up command lines just to do even basic things. #dotnet #dotnetframework

All I want for xmas is to not have to click allow cookies on literally every website I visit

I realise I'm very late to the party... but if you're even remotely interesting in hacking and infosec stuff, I can't say enough good things about Jack Rhysider 🏴‍☠️'s podcast, Darknet Diaries Been binging it the last few nights before I go to sleep and every episode has been great

Hacking 101 if ur doing a RED TEAM, remember to use disguises - PRETEND to be a printer or MFD. if somsone spots you in the corridor just start throwing paper all over the floor and screaming ERROR ERROR #badRedTeamTips