Nous sommes à la recherche de volontaires pour réaliser le challenge SSTIC 2025 ! Si vous êtes intéressé vous pouvez retrouver les informations pour nous contacter sur sstic.org ! Bonne fêtes ☃️

Starting 2025 strong! We’ve developed a PoC exploit for CVE-2024-49112. Read the blog and check out the GitHub repo: hubs.ly/Q030X5Y00 Just the beginning of the great things SafeBreach will deliver this year; stay informed at hubs.ly/Q030X2pM0. #CTEM #whatisPropagate

Super stocked. Currently implementing FalconHound from Olaf Hartong and FalconForce Official and this is beyond awesome. So much more visibility, new attack paths and all that mostly in real time <3

🎉 We've just released 🔐 keycred 🎉 A cross-platform tool for handling Active Directory Shadow Credentials/msDS-KeyCredentialLink 🔑. It supports UnPAC-the-Hash/PKINIT, Pass-the-Cert, Channel Binding and more 💪🚀 🔥 Get it while it's still hot! 🔥 github.com/RedTeamPentest…

In our latest article, laxa revisits the secretsdump implementation, offering an alternative avoiding reg save and eliminates writing files to disk, significantly reducing the likelihood of triggering security alerts. Read the details at synacktiv.com/publications/l….

My intern research from IBM X-Force Red last summer just got released! Introducing SoaPy - a completely custom engineered way to use Active Directory Web Services (ADWS) from Linux hosts for stealthy Active Directory interaction! Read about it here! securityintelligence.com/x-force/stealt…

NTLM relay is still a major threat and is now even easier to abuse. We just added new NTLM relay edges to BloodHound to help defenders fix and attackers think in graphs. Read my detailed post - the most comprehensive guide on NTLM relay & the new edges: ghst.ly/4lv3E31

Le challenge 2025 ouvrira le vendredi 25 Avril à 18h00, heure de Paris

You can have EDR, a SIEM, and tiered accounts but if you’re leaving plaintext creds in logon scripts or logon scripts can be modified by any user none of it matters. Audit your logon scripts with ScriptSentry… github.com/techspence/scr…

The SSTIC 2025 challenge is online: sstic.org/2025/challenge/ Good luck to you all!

TLDR "The attack works by default — your domain doesn’t need to use dMSAs at all. Available as long as the feature exists, which it does in any domain with at least one Windows Server 2025." #BadSuccessor #dMSA

mpgn Florian disliked this.

Microsoft just released the patch for CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromise any machine with SMB signing not enforced! Checkout the details in the blogpost by Guillaume André and Wil. synacktiv.com/publications/n…

Well, it happened. The company I worked at for 6 years will be closing and thus I got laid off. This doesn't affect Octopwn operations in any negative ways, but I'm actively looking for a new day job. If someone has something please DM me. Retweets are appreciated.

I publish two blog posts today! 📝🐫  The first dives into how we're improving the way BloodHound models attack paths through AD trusts: specterops.io/blog/2025/06/2…  The second covers an attack technique I came across while exploring AD trust abuse: specterops.io/blog/2025/06/2…

dMSA are now supported by impacket (thanks fulc2um!), so its time for badsuccessordumper.py ! github.com/fortra/impacke…

Hosts running the WebClient service are prime targets for NTLM relay attacks, and it may be possible to start the service remotely as a low-privileged user. Steven breaks down the service startup mechanics, plus the protocols and technologies. ghst.ly/41QT7GW

spencer SwiftOnSecurity NAT

If you want to extend #BloodHound a little bit and use it for other stuff such as passwordaudits, choke point detection and remediation tracking, increase your session data again etc, than this one's for you. luemmelsec.github.io/Whos-a-good-boy NO OpenGraph extension - sorry fan boys

🛠️ ADCSDevilCOM: A C# tool for requesting certificates from ADCS using DCOM over SMB. ✅ Remotely request X.509 certificates from CA server using the MS-WCCE protocol over DCOM github.com/7hePr0fess0r/A…