_Ray
@_RayRT
Followers: 431 | Following: 3K | Media: 56 | Statuses: 689
Senior Adversarial Engineer at Lares, Member of EVILCORP\Domain Fathers. https://t.co/SIwC7MLXmP
Joined June 2018
One-shot ESC1 + unPAC BOF for Havoc and CS. The certificate request includes the target's SID in the SAN to comply with strong mapping requirements (KB5014754). Hope it’s useful https://t.co/vPaDur297s
🔥Introducing a new Red Team tool - SessionHop: https://t.co/hChhDXzhiE SessionHop utilizes the IHxHelpPaneServer COM object to hijack specified user sessions. This session hijacking technique is an alternative to remote process injection or dumping LSASS. Kudos to @tiraniddo
github.com
Windows Session Hijacking via COM. Contribute to 3lp4tr0n/SessionHop development by creating an account on GitHub.
Spain, the country where you can't see the results of your clinical tests on match days, @LaLiga @Cloudflare
Vibe coding last week, I wanted to automate some AD techniques in a single tool. Currently supports ESC1/4 (with strong mapping), ShadowCreds, UnPAC, LAPS, Kerberoast (and targeted), RBCD (just set, no S4U2Self/Proxy yet). More features coming https://t.co/oU2CZWkMir
[Crystal Kit] Evasion kit for Cobalt Strike. https://t.co/RYlbXGn1bQ
github.com
Evasion kit for Cobalt Strike. Contribute to rasta-mouse/Crystal-Kit development by creating an account on GitHub.
Technical analysis of APT28’s Phantom Net Voxel operation by @sekoia_io
https://t.co/bd7WBMMvLc
#infosec
I just released Flareprox 🔥 A Cloudflare based Fireprox alternative that allows you to route HTTP traffic through Cloudflare, to gain mostly unique IP Addresses, to avoid detection and blocks.
🚀H-C0N returns in 2026! CFP open. On February 6 and 7 in Madrid we are back with a new edition of H-C0N. Do you want to give a talk or workshop and become one of the speakers at this sixth edition? Don't hesitate and send us your proposal at https://t.co/pwLsY8Forx
I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog:
dirkjanm.io
While preparing for my Black Hat and DEF CON talks in July of this year, I found the most impactful Entra ID vulnerability that I will probably ever find. One that could have allowed me to compromise...
Recently, a friend fell victim to an email account compromise so I decided to investigate the attack chain to help. The attack leveraged well-known techniques such as stolen credentials, malicious OAuth apps, and hidden Outlook rules:
rayrt.gitlab.io
Recently, a friend fell victim to an email account compromise so I decided to investigate the attack chain to help. While the exact initial entry vector remains unknown, it was likely either a...
AvePoint has fixed a vulnerability in DocAve, Perimeter and Compliance Guardian discovered by our researchers @m1ntko and @Calvaruga. This vulnerability can be used to achieve Remote Code Execution (RCE) in affected systems. ➡️ Advisory: https://t.co/bD9hLomlG1
Understanding #ScatteredSpider is key to smarter defense. At Lares, we simulate advanced TTPs: social engineering, malware, lateral movement & exfiltration, to expose gaps and improve readiness. ✍️Raúl Redondo (@_RayRT), Senior Adversarial Engineer
I've got ~5000 IP addresses to port scan for an engagement this week. Ax did it for me in minutes using hundreds of AWS EC2s. Ez https://t.co/QclBODKB5K
github.com
The Distributed Scanning Framework for Everybody! Control Your Infrastructure, Scale Your Scanning-On Your Terms. Easily distribute arbitrary binaries and scripts using any of our nine supported cl...
I wrote a short post about how you only need the NtReadVirtualMemory address for dynamic API resolution, plus how you could use a vulnerable binary to leak its address (and you would not have GetProcAddress, GetModuleHandle or LoadLibrary in the IAT) -
github.com
Vulnerable (on purpose) programs to leak NtReadVirtualMemory address for stealthier API resolution (no GetProcAddress, GetModuleHandle or LoadLibrary in the IAT) - ricardojoserf/MemorySnitcher
Modern lateral movement techniques detection (mainly DCOM/DCE/RPC/RDP) with examples. Some assumptions worth mentioning: visibility into source IP/port/hostname, logon activity, remote process metadata. A blog post by @HuntressLabs team. Awesome read, guys!
🚨 New attack disclosed: GitHub Device Code Phishing. John, Matt, and Mason reveal how they've been using this technique to compromise F500 orgs with high success rates. 📖 Blog covers methodology, red team case studies & detection strategies https://t.co/xfej8uhOIW
Microsoft just released the patch for CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromise any machine with SMB signing not enforced! Check out the details in the blog post by @yaumn_ and @wil_fri3d. https://t.co/EY5Z53w1ZT
🎉 It is finally time for a new blog post! 🎉 Join us on our deep dive into Windows Authentication Coercion and its current state in 2025, including some brand-new tooling ✨ #itsec #infosec #pentest #redteam
https://t.co/ESePMwDIoc
blog.redteam-pentesting.de
Windows authentication coercion often feels like a magic bullet against the average Active Directory. With any old low-privileged account, it usually allows us to gain full administrative access to...