Mayfly
@M4yFly
Followers
7K
Following
3K
Media
58
Statuses
544
Former Dev and DevOps| Pentester and red teamer at orange cyberdefense | OSCE³| Tweet are my own| discord: m4yfly
Joined November 2017
CVE-2025-33073 is really insane 🤯.Reproduce this attack in GOAD in 3 commands.
Microsoft just released the patch for CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromise any machine with SMB signing not enforced! Checkout the details in the blogpost by @yaumn_ and @wil_fri3d.
8
124
487
Great course, definitely worth it! Thanks @mariuszbit 🙏, now I have weeks of homework to do 😅.
We're frying brains with Initial Access lore for the forth time at x33fcon! I have a blast having a great class! 🔥 Also, completely overhauled the agenda ☢️.
1
4
34
RT @Synacktiv: Microsoft just released the patch for CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromi….
0
262
0
RT @RedTeamPT: 🚨 Our new blog post about Windows CVE-2025-33073 which we discovered is live:. 🪞 The Reflective Kerberos Relay Attack - Remo….
0
180
0
RT @_CPResearch_: Zero-Day used by Stealth Falcon APT group in a spear-phishing campaign: .💥 .URL file exploitation (assigned CVE-2025-3305….
0
105
0
RT @hacknspeak: 🇫🇷🎙️Nouvel épisode du podcast Hack'n Speak accompagné de @shadow_gatt 🔥. On aborde le sujet du redteam, des missions, un re….
0
10
0
RT @decoder_it: I just published a blog post where I try to explain and demystify Kerberos relay attacks. I hope it’s a good and comprehens….
0
150
0
RT @SpecterOps: New blog post just dropped! 🙌. Read the latest from @Tw1sm on how an operator can perform situational awareness steps prior….
0
50
0
RT @0xBoku: As promised. this is Loki Command & Control! 🧙♂️🔮🪄.Thanks to @d_tranman for his work done on the project and everyone else o….
0
237
0
RT @GuilhemRioux: Glad to publish a blog post on a critical vulnerability I found some months ago on GLPI, that impacts all default install….
0
44
0
RT @0xBoku: Loki C2 blog drop! Thank you for all those who helped and all the support from the community. Big shoutout to @d_tranman and @c….
0
132
0
📩 Exchange Exploitation - Part 1 (Without Credentials) . Explore Exchange exploitation in Game of Active Directory and learn about attacks without valid credentials.
2
55
170
GOAD Writeup - Part 14: ADCS – The Rest.Exploiting ESC 5, 7, 9, 10, 11, 13, 14, and 15 in Game of Active Directory.
4
115
317
RT @sensepost: Attacks against AD CS are de rigueur these days, but sometimes a working attack doesn’t work somewhere else, and the inscrut….
0
111
0
New Active Directory Mindmap v2025.03! 🚀. 📖 Readable version: 🔧 Now fully generated from markdown files—way easier to update and maintain!. 💡 Got improvements? PRs welcome! 👉
9
328
877