Mayfly mpgn If it's using the machine account then maybe it's possible to just tgtdeleg + s4u2self? This way you don't have to rely on another vuln (absence of LDAP signing/CB) for the full chain

A BloodHound collector for Microsoft Configuration Manager github.com/CrowdStrike/sc… #redteam

📢 SHOW ANNOUNCEMENT 🚨 I’m excited to announce that I’ll be performing at The Conduit in Orlando, FL on May 17th! Tickets are available now at the link below: conduitfl.com/tm-event/noban…

😂😂😂😂😂😂😂😂 owwww yip yip

This is an IMPRESSIVELY good pdf password dictionary brute forcer, got a password in literally milliseconds, if you're doing recon this is 👌 github.com/mufeedvh/pdfrip

Good morning everyone happy magnificent Monday. I love you all. Owwwwwww yip yip 😃😃😃😃

Good morning everyone happy wonderful Wednesday I love you all owwwww yip yip 😃😃😃

I'm just gonna slide this little teaser shot in for today's Black Hills Information Security webcast I'm giving.... And you thought self-signed ClickOnce payloads were dead..

In-case you missed the webcast, here's the GitHub link github.com/rvrsh3ll/Bolth…. Blog post coming soon! One of my fav bits we talked about was using this to have your C2 call to 127.0.0.1:port or even adding dev tunnels to the ClickOnce. Many options. Modify to taste 🧑‍🍳

Good morning everyone happy fantastic Friday. I love you all owwwww yip yip 😃😃😃😃

Me and the homies are dropping browser exploits on the red team engagement 😎. Find out how to bypass WDAC + execute native shellcode using this one weird trick -- exploiting the V8 engine of a vulnerable trusted application. ibm.com/think/x-force/…

And it begins 😀😀😀😀

Okay so this is HUGE - our amazing AI red team have open sourced their AI red team labs so you can set up your own training! aka.ms/AIRTlabs Ram Shankar Siva Kumar

FindGPPPasswords A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged domain accounts. meterpreter.org/findgpppasswor…

Active Directory Hardening Series Part 1 Disabling NTLMv1 techcommunity.microsoft.com/blog/coreinfra… Part 2 Removing SMBv1 techcommunity.microsoft.com/blog/coreinfra… Part 3 Enforcing LDAP Signing techcommunity.microsoft.com/blog/coreinfra… Part 4 Enforcing AES for Kerberos techcommunity.microsoft.com/blog/coreinfra…

Get ready for the new episode of Security Noise next week! We chat with Sean Metcalf about securing #ActiveDirectory, Entra, DS, and that messy space in between. Listen wherever you get your #podcasts!

The first step to finding a crit in bug bounty is looking for one. Just start. Use the app. And ask critical questions to yourself.

Thinking about a career change? Our experts are here to help. In this session, they’ll cover different roles in InfoSec, what employers are looking for, and practical ways to build the skills you need. Register now so you can stand out from the crowd! trustedsec.zoom.us/webinar/regist…

𝗶𝗢𝗦 𝗔𝗽𝗽 𝗘𝘅𝗽𝗹𝗼𝗶𝘁𝗮𝘁𝗶𝗼𝗻 𝘂𝘀𝗶𝗻𝗴 𝗶𝗢𝗦 𝟭𝟴.𝟱 ❲ 𝗡𝗼 𝗥𝗼𝗼𝘁𝗲𝗱 𝗗𝗲𝘃𝗶𝗰𝗲𝘀, 𝗡𝗼 𝗘𝗺𝘂𝗹𝗮𝘁𝗼𝗿 ❳ Hacking #iOS Application using 𝗥𝗲𝗮𝗹 𝗶𝗗𝗲𝘃𝗶𝗲𝘀. 𝗪𝗲 𝗲𝘅𝗽𝗹𝗼𝗿𝗲𝗱 𝘁𝗵𝗲 𝗽𝗼𝘄𝗲𝗿 𝗼𝗳 𝗙𝗿𝗶𝗱𝗮 𝟭𝟳.𝟬.𝟳 𝘁𝗼 𝘂𝗻𝗰𝗼𝘃𝗲𝗿

Ever wonder if two companies are secretly working together? You might be able to find out! Azure user enumeration includes guest accounts. This means that if you have a list of email addresses, you can easily check to see if they exist in a specific Azure tenant.