RT @_EthicalChaos_: Working on a new tool that will be ready soon. One thing I can say from the research. if your environment leverages….

Gotcha, 𝗦𝗲𝗰𝗿𝗲𝘁.𝘁𝘅𝘁 in My Hands! ✊. I'm happy to share that I've achieved the OSEP certification from @offsectraining !.

RT @_xpn_: Quick POC this evening looking at how LAPS (v2) passwords are stored and decrypted on Active Directory (tl;dr, msLAPS-EncryptedP….

RT @cyb3rops: If you're a read teamer and want your work to have a higher impact, I recommend the following: . 1. put yourself in the persp….

I earned a badge from Zero-Point Security! Thanks @zeropointsecltd, the lab exams are well-designed, enjoyable, and challenging. If you want to explore and use Command and Control (C&C) like Cobalt Strike, I absolutely recommend it!😜.

RT @mrd0x: Reminder to not trust calendar (.ics) attendees.

RT @_vivami: Bypassing CrowdStrike, Microsoft Defender for Endpoint etc. for fun. not profit .

RT @Yanir_: (10/10) Read about the full discovery here >

Finally! I got the final extreme certification from eLearnSecurity about Red Teaming and Active Directory security to challenge myself again and complete my learning path. This one was one of the hardest exams I've ever taken, very challenging, but I learned a lot.

RT @_nullbind: Great blog on Azure SAS Token privilege abuse:

RT @ManasH4rsh: This repo contains almost everything about appsec. Refer this and you should have enough idea about appsec:). https://t.co/….

RT @Kostastsale: I created a #CyberChef recipe to ease the extraction of URLs from the word document (.doc & .docm) which download #Emotet.….

RT @mrd0x: Here I bypassed Defender AV by making:. eyb files as .exe . faq files as .dll. I'm sure this can work on other security solution….

RT @gsuberland: Made a thing for fancy visualisation of CPUID values.

RT @VbScrub: Rubeus is a great command line tool for performing various Kerberos attacks: But I don't use it often….

RT @mcbazza: Red-Teamers:. [lazy]People like me use Notepad++ as a note-taking thing. We create a 'new', then never get around to saving th….

Hi folks, I would like to share a free ebook about my recon workflow, tools, POV, & some idea. Leastwise, this might work & help to increase the effectiveness when doing pentest, red team & bug hunting. Thank & hope you like it, download on #bugbountytips

Hi Folks, Happy New Year 2021 !!.This Year, Sudomy release version - v1.2.1#dev support generate network graph visualization subdomain & virtualhosts. Here's an example: More detail, read the documentation & changelog. Feel free to contribute \o/. #recon

RT @Six2dez1: I'm proud to release my recon suites review. Again, thanks to all the developers who make it easy for all hackers and researc….

RT @_wald0: (1/5) Here's my last #FF and "best of" list for 2020:. Best defense-oriented blog post: Restricting SMB-based lateral movement….