🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

PR has been merged into #impacket 🥳

i was bored at night, so i played with the netsync attack. Meet netdumper.py, a pure TCP RPC based script to netsync machine (and gMSA!) accounts. Nothing new, mostly based on previous works by Charlie Clark, Andrew, @evi1cg et al. gist.github.com/ThePirateWhoSm… 🌻

Another free #impacket IoC: just search for packets with Auth Context ID = 79231 within your DCERPC traffic.🕵️‍♂️

#pywerview 0.7.3 is out! github.com/the-useless-on… 🌻

Glad to publish a blog post on a critical vulnerability I found some months ago on GLPI, that impacts all default installation under a certain version: sensepost.com/blog/2025/leak… We also released a tool that implements some check for known vulnerabilities: github.com/Orange-Cyberde…

Did you know you can run certutil to decode Windows HRESULT/NTSTATUS error values? certutil -error <code>

ldap3 is not dead! 🥳🎉 cc Lucas Hennessy github.com/cannatag/ldap3…

Since this is on here now, here's how to avoid the ADExplorer `(objectGUID=*)` IoC

👇 github.com/ly4k/Certipy/d…

Hello, small error on the date the meetup will be held on May 19. Program: 🎙️ "Your cloud identity providers are phishing platforms" - by Alexandre S. 🎙️ "Understanding EDRs to better bypass them" - by CursedFRA 📍 Oculto, 27 R. Quincampoix, 75004 🕖 19:00 See you there !

🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability It allows compromising any user in AD, it works with the default config, and.. Microsoft currently won't fix it 🤷‍♂️ Read Here - akamai.com/blog/security-…

Many missed this on #BadSuccessor: it’s also a credential dumper. I wrote a simple PowerShell script that uses Rubeus to dump Kerberos keys and NTLM hashes for every principal-krbtgt, users, machines. no DCSync required, no code execution on DC.

Why're we still doing the Impacket thing when @skelsec's stuff is so sick? gist.github.com/snovvcrash/a1a… (just kidding ofc, Impacket is forever in our hearts)

Newer Windows clients often enforce signing ✍️ when using SMB fileshares. To quickly deploy an SMB server with signing supported we implemented this in impacket's smbserver.py based on a prior work by drm. github.com/fortra/impacke…

1k stars 🌟 Thank you everyone.

Uses the Empire version, so props to ThePirateWhoSmellsOfSunflowers. x.com/_RastaMouse/st…