apxsec (@runresponder)'s Twitter Profile
apxsec

@runresponder

security guy | pen tester | social engineer

ID: 980719544368029696

02-04-2018 08:12:15

199 Tweets

85 Followers

859 Following

Trimarc (@trimarcsecurity)

Trimarc just released a free PowerShell script "Invoke-TrimarcADChecks" that Sean Metcalf (@PyroTek3) covered in his recent Webcast trimarc.co/tw61720

Download the script along with what it gathers, what to review, & Trimarc recommendations
trimarc.co/ADCheckScript

@zephrfish.yxz.red (@zephrfish)

Nothing new but I put together a blog post on a new take on #Petitpotam and leveraging it to get DA blog.zsec.uk/chasing-the-si… #RedTeam #BlueTeam #PurpleTeam

Andy Robbins (@_wald0)

There has never been a better time than right now to get involved with Azure security research. Not convinced yet? Let's compare where we are with Azure versus where we are with on-prem AD: 🧵

Nathan McNulty (@nathanmcnulty)

Sean O'Mahony DebugPrivilege mRr3b00t Lars Karlslund
Separate admin accounts for cloud use
Protect cloud from on-prem: techcommunity.microsoft.com/t5/azure-activ…
Excellent recommendations for securing privileged access: docs.microsoft.com/en-us/azure/ac…
Recommendation for cloud emergency accounts: docs.microsoft.com/en-us/azure/ac…

The DFIR Report (@thedfirreport)

Here's a thread on some of the interesting things we've seen in the #ContiLeaks. If you would like to read the chat logs and TrickBot Forum information, Kostas has translated them to English here: github.com/tsale/translat…. He will be adding more as things get leaked.

The DFIR Report (@thedfirreport)

"Anydesk"

cmd.exe /c C:\ProgramData\AnyDesk.exe --install C:\ProgramData\AnyDesk --start-with-win --silent

"And then we log in with a local admin or a domain account and use the charms of Anydesk
You can also download / upload to / from the victim's machine..."

#ContiLeaks

apxsec (@runresponder)

hak5.org/blogs/payloads… check out my rubber ducky payload which grabs WiFi passwords from a Windows machine and sends to webserver via POST request #rubberducky #ducky #offsec #infosec #hak5 #DEFCON

Oddvar Moe (@oddvarmoe)

Windows binaries: lolbas-project.github.io
Linux binaries: gtfobins.github.io
Living off Trusted Sites: lots-project.com
File Extensions Used by Attackers: filesec.io
Blue Team / Binaries that behave like malware: wtfbins.wtf

mr.d0x (@mrd0x)

I published a blog article detailing a phishing technique I called Browser in the Browser (BITB) Attack. It's very simple but can be very effective. I also published templates on my Github feel free to test them out.

mrd0x.com/browser-in-the…

Bad Sector Labs (@badsectorlabs)

LAPSUS$ didn't invent Insider-Threat-as-a-Service, but they have perfected it. Their recent work shows how vulnerable even large companies are to insider threats (via compromised employees). Brace for a wave of insider threat "prevention" spyware companies with new marketing 💰.

mr.d0x (@mrd0x)

LOLBIN to dump LSASS:

Path: C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\Extensions\TestPlatform\Extensions

Binary: DumpMinitool.exe

The params are case sensitive.

mgeeky | Mariusz Banach (@mariuszbit)

😶‍🌫️While working on Nikhil Mittal outstanding Azure Red Team course I've developed a handy powershell toolkit combining various Azure Red Team tactics. Sharing it now, maybe someone will find it useful✨ github.com/mgeeky/AzureRT

Jacob Baines (@junior_baines)

Here is a Metasploit module for the ADSelfService Plus authenticated RCE that we saw being used in the wild. PoC video and pcap within: github.com/rapid7/metaspl…

Raphael (@raphajohnsec)

To be clear CVE-2022-26925 is PetitPotam unauthenticated found by topotam. MS reintroduced the vulnerability in some patch between Dec 2021 and March 2022

klez (@klezvirus)

Anyone that I know that wants to meetup at DEFCON? If you want to say "hi" I'm going to be in adversary village around 10.30/11

Mike Felch (Stay Ready) (@ustayready)

Like Evilginx? Like GoPhish? Check out github.com/fin3ss3g0d/evi… It even has the ability to leverage CloudFlare Turnstile for stopping bots and some new phishlets for O365, KnowBe4, and Cisco VPN.

apxsec (@runresponder)

Cyber risk is a core business risk. In the modern era, when systems fall, the enterprise falls. Protect security, for it is the foundation on which all operations stand.