🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

No pain, no gain. Reduced weight for "pain management" lol

Truth #Bitcoin

It slices it dices it ScreenShots, OCR's, detects, categorizes and even has its own super fast AI model 3 commands and your up and running Pipe the output to your favorite flavor of DB and start searching your screenshots github.com/DotNetRussell/…

Since we now can use Entra ID connect sync with a service principal, I thought I'd look into the new security measures. On hosts without a TPM, we can dump the cert+key. On hosts with TPM (second picture) we can use the key to create an auth assertion for roadtx to req tokens.

I'm finally releasing a project that I've been working on for a little while now. Here's Boflink, a linker for Beacon Object Files. github.com/MEhrn00/boflink Supporting blog post about it. blog.cybershenanigans.space/posts/boflink-…

😬

₿REAKING: New Record Bitcoin Hashrate 920,000,000,000,000,000,000x per second

It's. About. To. Go. Down.

Costa Rica 🕺

Had a great weekend. Now, back to taking over the world.

Had a great weekend. Now, back to taking over the world.

Ever wonder if two companies are secretly working together? You might be able to find out! Azure user enumeration includes guest accounts. This means that if you have a list of email addresses, you can easily check to see if they exist in a specific Azure tenant.

I released a tool a couple years back at DEF CON that lets you check if an email exists as a guest in a tenant. github.com/nyxgeek/guestl… You can include an AWS key for fireprox rotation (thnx Mike Felch (Stay Ready) !) as this endpoint is prone to false positives after 50-100 attempts.

Love this trick

👽🕺

NetExec now has native checks for LDAP signing and channel binding capabilities of the target DC, thanks to the implementation of Thomas Seigneuret 🚀 I also fixed querying LDAP with non-ASCII characters, so you can finally query groups such as "Dämonen-Administratoren"🎉

Unconstrained Delegation on a gMSA and Webclient / NTLMv1 active on servers that can retrieve the credentials of a gMSA with unconstrained delegation can lead to a complete domain compromise from domain users. nothingspecialforu.github.io/UCgMSAExploita… Micah Van Deusen, Dirk-jan, nice tools :)

"I love your vibe!" My favorite compliment to receive from locals here in Costa Rica. Typically given to me whilst dancing. Confirmation that I have found my tribe.

Nice blog post! I remember using a non-network exploit chain that was custom to VMWare for the pgsql jdbc attack :-> github.com/sourceincite/h…