My latest blog post: how to turn Domain Admin in a child domain into Enterprise Admin with ADCS ESC5: posts.specterops.io/from-da-to-ea-…

Congratulations to Joe Farjallah for clearing our Certified Azure Red Team Professional exam! #AzADLab #CARTP #AlteredSecurity cc Nikhil Mittal alteredsecurity.com/azureadlab

Just tried Joe Farjallah's linWinPwn for the first time. Wow, such a game saver! Can only recommend this for recon and low hanging fruit exploitation 👌🔥 github.com/lefayjey/linWi…

#linWinPwn major update v1.0.0: github.com/lefayjey/linWi… - Restructure of the modules, now you have only auto mode (enumeration only), and interactive mode - Add tools and attacks: mssqlrelay, GPO, raiseChild, change user password, add to group, rbcd, shadowcreds, ....

Plenty of new updates in linWinPwn, and now the option to install the requirements in a Docker image. Check it out here: github.com/lefayjey/linWi…

Didn't check the code yet, but looks like SilverPotato and CertifiedDCOM have a working public weaponized tool by now: github.com/CICADA8-Resear… That's huge news from my perspective🔥

Tired of wasting time managing multiple BloodHound data sets, and manually running analysis tools? Check this out: github.com/lefayjey/Blood… #bloodhound #activedirectory #pentesting #pentest

BEWARE: New GitHub phish. Pretty clever.

linWinPwn's new update includes the exciting new improvements in netexec v1.4.0, and many bug fixes! Check it out here if you want a better chance of breaking your record of getting DA: github.com/lefayjey/linWi…

I'm SO hyped to finally make MSSQLHound public! It's a new BloodHound collector that adds 37 new edges and 7 new nodes for MSSQL attack paths using the new OpenGraph feature for 8.0!. Let me know what you find with it! - github.com/SpecterOps/MSS… - specterops.io/blog/2025/07/2…