BSOD is just the Windows kernel rage-quitting with a blue PowerPoint slide

I've emailed Citrix about this and they have updated their documentation, so no more Authenticated Users with GenericAll on the template

THIS IS SIMPLE - This is Wall Street-level accumulation happening right in front of you. THIS IS An OPPORTUNITY ! DONT BLINK DYOR

Do we have too many managers in this field? I've worked for a few Software firms and I see too often more managers than actual engineers lol

Great talk from @OutflankNL where they are talking about applying Blue Team Techniques in their Red Team Operations.

@merill Curious about your thoughts

Take on your Tokyo Mission ⚡ The Sonic Movie 3 crossover event returns with the Shibuya Crossing event stage! Team up with other Rumblers, face Movie Shadow on his Dark Rider, and dash through the mayhem to collect your rewards.

We always hear that granting an App https://t.co/s8xQgcwn04 and AppRoleAssignment.ReadWrite.All is dangerous. I often see these permissions asked by IAM solutions like SailPoint or backup solutions that need to backup Entra ID. Any other valid reasons for giving these permissions

These default configs exists in real environments...

Who's ready for Part 2?

Document was also not that long ago published or updated 🫣

Gotta love Citrix for doing this 😂

If you’re into memes, nerd rages, and me making Cyber jokes. Follow @DebugDiag

Great to see there are still people interested in kernel debugging and crash dump analysis. Analyzing crashes is a great way to learn more about Windows Internals. It might not be as sexy as red teaming, but it’s an underrated skill set that builds problem-solving skills.

I have to admit, but I’m starting to enjoy Reddit 😄

Liked part 1 on vendors pushing ESC1 templates? Here’s a real-world case: a Citrix FAS setup with default perms exposes an ESC3 path. Domain Computers can enroll on Citrix_RegistrationAuthority and chain to Citrix_SmartcardLogon, ending in DA.

Happy Sunday, friends! I hope you all are getting the rest you deserve and need. For those who havent seen, Merill and I sat down for a chat a couple months ago to talk about the some of the security challenges in M365 and how they're almost all preventable. The reality is

I decided to join @Reddit so if you have reddit. Give me a follow!

"I was a former Red Teamer" is the equivalent of "I used to be a Navy SEAL... back in Call of Duty." #badjoke

I just added some new products to the list.

Who still remembers the InfoSec days when people would insult each other by calling them “script kiddies” ? 🫣

As a fun side project - I’ve started tracking vendors whose guides ask customers to create ESC1-style certificate templates, leaving an entire environment exposed 😅