ZeroTrust Workshop is now available on the web instead of in an Excel sheet. Last week, Microsoft announced the updated, 🚀brand new ZeroTrust Workshop. Most of us used the Excel sheet with our customers. We hoped to see this Excel sheet on the web, like the ZeroTrust Assessment.

In his latest research, 📔 Michael Grafnetter looks at Okta attack paths, and where they actually show up. Not in Okta itself, but in everything connected to it. With OktaHound you can map that in BloodHound. Check it out! ghst.ly/4dyLThw

Foreign enterprise apps can expose your Entra ID tenant. Today, we release part 1 of our 4-part weekly series on common Entra ID pitfalls and how to detect them with EntraFalcon. Learn how external apps can lead to data access or worse: blog.compass-security.com/2026/03/common…

Thanks to Azox, it is now possible to use psexecsvc (github.com/sensepost/susi…) through a socks proxy like ntlmrelayx allowing executing system commands via a trusted service, as NT System, and evading EDR's. Also thanks to Pixis for his fixes :D

Releasing KslKatz. Combining KslDump and GhostKatz to dump LSASS using no-fix KslD.sys memory read to bypass PPL. Extracts MSV1_0 NT hashes and WDigest cleartext passwords (if enabled) from LSASS using a Microsoft-signed driver. github.com/S1lkys/KslKatz

In this blogpost I tried to sum up everything I know, walking you from the "I have an EDR, I'm secure" mindset to "let's build a resilient tiering model". Let me know what you think about it :)! sensepost.com/blog/2026/from…

Whoopsi: CVE-2026-20963 is now UNAUTHENTICATED!!!! Patch ASAP. msrc.microsoft.com/update-guide/v… Updated the scanner: github.com/LuemmelSec/Pen…

Your Conditional Access policies probably have gaps you don't know about I talked to Emilien Socchi about how he built an engine that tests 250 MILLION sign-in combos in <20 minutes. Runs Offline. No Throttling. No Limits. Watch at entra.news/p/finding-ever…

A new module just got merged into NetExec: get-scriptpath📜 This module queries all users for the scriptpath attribute. If you have privileges over one of these scripts (or they e.g. try to mount a network share) you can compromise this user on their next login. Made by Wyndo

🗝️#NewBlog Passkeys are here to stay and if you are new to this or need to refresh the Passkey knowledge hope this guide will come in handy! #Entra #Passkeys #MicrosoftEntra #FIDO2 wp.me/pb2Sd0-3yT

Introducing Project Leetha. A passive network fingerprinting and analysis engine I created to help identify unknown devices and help discover network devices that are running on a network. github.com/tjnull/leetha

Microsoft Entra just got a "Superpower" 🦸‍♂️ The March 2026 updates are here, and they are a game-changer for Identity Admins. I’m joined by MVPs Nathan McNulty, Ru Campbell, and Thomas Naunheim to go behind the scenes of: ✨ Native Backup & Recovery (The "Holy Grail" feature) ✨

PingCastle Cheat Sheet pentesting.site/cheat-sheets/p…

TailVNC — Drop-in Windows VNC persistence over Tailscale. Single binary, Session 0 bypass, zero exposed ports. Built for offensive security & ops. Inspired by Yeeb 's SockTail. github.com/wh0amitz/TailV… #redteam #Pentesting #CyberSecurity

small cheatsheet on how to abuse some windows privileges and built-in groups github.com/seriotonctf/Re…

M365Pwned. Red Team tooling for Microsoft 365 exploitation via Microsoft Graph API, by OtterHacker github.com/OtterHacker/M3…

In this article I show a way to modify Mimikatz to evade Defender medium.com/@luisgerardomo… #penetrationtesting #redteaming

Justin Elze github.com/n00py/Outpacket Maybe useful

Targeted Keberoasting with NetExec🔥 If you have Write privileges over a user, you can temporarily add an SPN to your target user, request the service ticket, and then remove the SPN. Voilà: a crackable hash without interfering with potentially critical users. Made by Azox🚀

Huh. Am I the only one who didn't know that Microsoft makes a tool called EventLogExpert that is supposed to be an improved version of event viewer for IT/helpdesk people? github.com/microsoft/Even…