XiaoliChan
@Memory_before
Followers
294
Following
2K
Media
3
Statuses
1K
RT @mpgn_x64: Writeup from @mael91620 is now available 🎉. From coerce into SPN less RBDC, gmsa decryption, dpapi, constraint delegation w/….
github.com
Full write-up for the Active Directory Lab built for Barbhack 2025 by @mpgn and my contributions. - mael91620/Barbhack-2025-AD-writeup
0
39
0
RT @guyrleech: Did you know that Entra ID SIDs start S-1-12-1 whereas (legacy?) AD domain and local normal accounts start S-1-5-21 ? https:….
0
62
0
Generate videos in just a few seconds. Try Grok Imagine, free for a limited time.
522
942
4K
RT @_logangoins: Made some changes to SoaPy to allow ADWS recon to be ingested into @Tw1sm 's BOFHound offline for upload to BloodHound. A….
github.com
SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts. - logangoins/SOAPy
0
23
0
RT @ShitSecure: This is so much! 🔥🔥😎. Found two new Potato triggers just today. Not only Potato but can also be used for LPE as remote auth….
github.com
Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By following this approach, a security researcher will hopefully...
0
181
0
RT @0x64616e: Onboard yourself - PaloAlto Global Protect edition:.1. Become local admin.2. Export device cert from original workstation.3.….
0
104
0
RT @seriotonctf: updated my ADCS cheatsheet.
seriotonctf.github.io
ADCS Attacks with Certipy cheatsheet
0
69
0
RT @5mukx: Doppelganger: An Advanced LSASS Dumper with Process Cloning.
labs.yarix.com
Github Repo: https://github.com/vari-sh/RedTeamGrimoire/tree/main/Doppelganger What is LSASS? The Local Security Authority Subsystem Service (LSASS) is a core component of the Windows operating...
0
71
0
RT @5mukx: NtSockets: An Improved Version of HTTP File Downloader using NtCreateFile and NtDeviceIoControlFile. Code: .
0
29
0
0
49
0
RT @5mukx: Playbook Hunting Chinese APT.an Chinese APT TTPs and LOLBAS Operations.
detect.fyi
Chinese APT TTPs and LOLBAS Operations
0
91
0
RT @RedTeamPT: 🚨 Our new blog post about Windows CVE-2025-33073 which we discovered is live:. 🪞 The Reflective Kerberos Relay Attack - Remo….
blog.redteam-pentesting.de
It is a sad truth in IT security that some vulnerabilities never quite want to die and time and time again, vulnerabilities that have long been fixed get revived and come right back at you. While...
0
176
0
RT @LazyTitan33: Excellent article from @Synacktiv detailing CVE-2025-33073. It's an easy peasy LPE on any server where SMB signing is not….
0
94
0
RT @jeffmcjunkin: Smells like authenticated (as any user) RCE as SYSTEM. So not quite MS17-010 levels of bad (as that requires no authent….
0
37
0