We are going live tonight at 7 Pam EDT. How Azure and Entra ID can be misused as part of a red team exercise. More information below. #Azure #RedTeam https://t.co/YhgFRD8Weh

For some reason, Azure is assumed to be secure by design, which is not the case. Validating the default user permissions is important to ensure that everything that can be hardened is hardened. #Azure #RedTeam https://t.co/1q8AxyuTSY

We are hiring for a senior red teaming / pentest role at CYPFER. Interested in applying, feel free to reach out to me. 100% remote role; more information here: https://t.co/SasPPGBBFS #redteam #hiring #pentest

We are going live tonight at 7 PM EDT. Tonight's session is about Microsoft Azure. We will do a deep dive into how it can be abused as part of a red team. We will automate the process by writing a complete tool to perform attacks and reconnaissance. https://t.co/Efv3aYp2in

The Azure Graph API /beta/users endpoint is definitely an interesting one, as it now includes on-premise Active Directory information, which was not included in the previous /v1.0/users. https://t.co/CDFZYE0eZd #Azure #RedTeam #Graph

Interested in attack vectors in Azure. I have documented another example to have read permission on all the applications exposed in the tenant and more. Blocking default applications is crucial to prevent such vectors. https://t.co/U8w6xRoOtm #Azure #RedTeam

I'm working on a useful tool that allowed me to discover quite a few interesting attack vectors in Azure. UsersPermissionToReadOtherUsersEnabled bypass MFA bypass Privileges escalation And more https://t.co/ad8gsRx3ha #Azure #RedTeam

We are going live tonight at 7 PM EDT. Tonight's session is about running your own LLM locally and building a simple cross-platform .NET client interface to interact with it. The private LLM is quite useful during red team exercises. https://t.co/wHGC8v8NjE #redteam

You want to load your shellcode in .NET without calling VirtualProtect? Use RuntimeHelpers.PrepareMethod to create a predictable RWX memory region for you. This method also doesn't require a delegate function pointer, since you override a .NET method. https://t.co/8oavXwyGEv

It's time for the long weekend sale! Get 50% OFF when you purchase both the Coding Class and the Red Team Training for just $400 (regularly $800). This includes over 200 hours of videos and source code. More details here https://t.co/YXPrhZsavw #redteam #discount

We are going live tonight at 7 PM EDT. Tonight's session is about understanding the underlying concepts of Active Directory Certificate Service (ADCS) and how certificate templates can be audited using C#. https://t.co/Efv3aYp2in

Tomorrow at 10 AM, I’ll be presenting a live webinar with CYPFER, where we’ll explore a technique for executing malicious code within a .NET environment. This method is particularly noteworthy because .NET is installed by default on Windows systems. https://t.co/VNkYeyR801

Next week, I will present a live webinar covering an interesting technique for executing shellcode using built-in .NET capabilities. https://t.co/OITN7kh0oq #redteam #webinar

We are going live tonight at 7 PM EST. Tonight's session is about auditing and searching for misconfigured GPOs using C# during a red team exercise. https://t.co/Efv3aYp2in

We are going live tonight at 7 PM EDT. Tonight's episode is about writing your own SOCKS5 proxy that can serve as your complete C2, allowing you to perform all operations remotely. https://t.co/Efv3aYpA7V

How would you describe the world situation in 2025? Three words maximum!

We are going live tonight at 7 PM! Tonight's session is about incorporating sandbox evasion techniques into your malware using C and C#. https://t.co/Efv3aYp2in

The upcoming live session will be presented live from @NorthSec_io this Friday, May 16, 2025, at 1 PM EST. We will be chaining a novel technique in .NET that does not require any RWX memory allocation or external APIs. https://t.co/wHGC8v8NjE

If you are in Athens for @TheOffensiveX. Come say hi during my training or talk.

You are interested in attending the @HackSpaceCon 2025 conference? I will give away 5 tickets. All the information here: