Anyone interested in yet another attempt at trying to enhance splatting in #PowerShell. I've tried to collate all the options proposed over the years with their pros/cons. Hoping to get any community feedback before trying to champion a proper RFC

Did you know it is possible to use Kerberos keytabs on SSPI. I've released a version of sspilib for #python that exposes this in a friendly way through the SEC_WINNT_AUTH_IDENTITY_EX2 struct. cred = sspi.KeytabCredential("user@DOMAIN.COM", "kerb.keytab").

RT @TheBestTvarynka: A new article in my blog: This is the longest post I've ever written (so far). This is a deep….

RT @gerardo_gr: So Windows 11 Insiders Build introduces `Administrator Protection`. And (to my surprise) no changes were needed on gsudo….

Just pushed a new version of my #Ansible debugging tool ansibug. This new update fixes support for restarting a launched debug session but also adds support for breakpoints for task failures, unreachable hosts, or skipped tasks

Sorry not +1 but add thumbs up to the post.

For anyone interested in making Azure Trusted Signing a good fit for #PowerShell signatures please have a look and add +1 or comments if you think of anything else to so the team can see how important this would be to have.

RT @awakecoding: If you missed the webinar, here is the video recording for "Decrypting RDP Traffic in Wireshark"! The slides are great, bu….

Pushed a new version of my #PowerShell module OpenAuthenticode It adds support for signing using Azure's Trusted Signing service. I've found it has been pretty easy to setup as an individual to use but a pity pwsh's trust model won't work nicely with it.

I've opened a #PowerShell RFC to set environment variables for sub processes like the 'FOO=bar command' functionality on sh based shells If you are interested, it would be great to get some feedback around the proposed syntax or potential alternatives.

Does anything know what the fileHashList and authenticodeHashList represents in Azure Trusted Signing sign operation? How would I have multiple files with 1 digest or even the authenticode signature before signing

I have a security vulnerability to report to Microsoft. I’m wondering if there are any recommendations or things to do first from someone who has gone through the process.

Ever wanted to know what data #PowerShell or other programs send to AMSI. I wrote a C# COM server implementation that logs this data as a JSON string. Had some fun learning more about COM and .NET AOT with this little project

Had some fun working with a challenge posed by @awakecoding. A POC that can run multiple #PowerShell named pipe instances with custom pipe names. Usually you have to start a new process but this can be done in proc. Non-public APIs so not production code

Can anyone explain this behaviour before I dig into the SIP code. #PowerShell's authenticode signature hashes the contents based on the UTF8 encoding unless the script is more than 33 characters AND a non-ASCII character is present after the 32nd character in which it uses "ANSI"

I'm hoping to add an automatic CancellationToken property to #PowerShell functions. If anyone is interested in this I would love any thoughts on the RFC and possible implementation of this RFC

RT @0gtweet: Friendly Reminder: If you have admin privileges but lack the necessary file permissions, you can leverage the SeBackup/SeResto….

Good news the Appx cmdlets work on #PowerShell 7 natively in Server 2025 now. Bad news the Appx cmdlets now fail to load through WinRM PSRemoting on Server 2025 due to extra deps not in the GAC. Here is a "hack" to get it working again

In celebration of #Ansible 2.18 I've updated my debugger library ansibug to support the latest changes made in the engine and get it all working with all the supported releases

I can understand adjust session id as the seclogon service will set the session id to the caller based on the docs but just wondering if the rest is missing because the docs aren't complete or are there other scenarios where more privileges may be needed over others.