Try red teaming a Finnish bank as a non-native speaker.... Where every group, user, computer etc looks like "verkkotunnuksen järjestelmänvalvojat"

Please reply with other weird Windows admin tricks

Time for another giveaway! We are going to send a t-shirt and a few goodies to one person who follows @PentesterLab and retweets this tweet!! And we are going to give a 12-month voucher to someone who follows @PentesterLab and likes this tweet!!

Another AMSI bypass alternative, usable from for example C++/C/Nim binaries as amsi.dll is not loaded there by default: https://t.co/4isRAszjLC

Just added the two new AMSI bypass PoC's via Provider Patching into my Amsi-Bypass-Powershell repo. Plus one PoC in Nim as pull request for OffensiveNim: https://t.co/CSqnqAuUaz https://t.co/4W8RSPuzVG Tested both, works perfectly fine. 👌 (1/2)

Oh holy Nimikätz / custom invoke-mimikatz If you want the l33t shit for your next engagement you should: Read -> https://t.co/ZCP5OP1M9e Read -> https://t.co/8ulbUEyZJY Use -> https://t.co/WNRJrDGGIz from @danielhbohannon Use -> private tools from @ShitSecure by sponsoring him

I found an IDOR vulnerability in two @Halfords_uk services in January and April that is leaking customer data such as: full name, home address, email, phone number, VRM + more. I've tried to responsibly disclose this for over 5 months but have had no real response.

Don't even bother activating #windows. It's so easy to get all the locked features without paying or using some weird activator (a thread👇)

You will see more if you configure your #SysInternal tools properly. 💡 1. dbghelp.dll from WinDbg 2. symbols path

I hate tweets like this but as a last resort... does anyone have a security contact for @Halfords_uk

Fancy some new garms? For the chance to win a @PortSwigger t-shirt (as modelled by our @JesscaHaworth) and a bag of Swig goodies RT this and follow us (if you haven't already)✌️

It always gets confusing for me to understand the difference between a URL, URI, and a URN until I stumbled upon this brilliant article from @DanielMiessler. https://t.co/hn00bpNFDC

Unable to extract credentials via DPAPI or Mimikatz? Don't worry. Microsoft got your back. Just use 'rundll32 keymgr.dll, KRShowKeyMgr' to extract all the stored passwords on the host, be it a target server, FTP or chrome's HTTP creds, microsoft has you covered. #redteam

PowerView similar tools, but on Linux: Impacket (PR Pending): https://t.co/gAaSvUB1RB BloodyAD: https://t.co/PE2oe8VUyN acltoolkit: https://t.co/mGHiQVs52a Useful for ACL attack paths

Pretty stoked that I finally got Red Team Ops approved against the CREST Certified Simulated Attack Specialist (CCSAS) examination.

alternate but similar for domain initial access: 1.) unauth #PetitPotam against (unpatched) DC 2.) ntlmrelay it (with socks) to any SMB with no sign enforced (using #impacket) 3.) RID cycle through the socks using the relayed session: profit = userlist 4.) pw spray

Microsoft Security has been tracking criminal actor DEV-0537 (LAPSUS$) targeting organizations with data exfiltration and destructive attacks - including Microsoft. Analysis and guidance in our latest blog:

Short write-up, covering AppLocker bypass by hash caching misuse:

Conti using EDR products to secure its admins computers... https://t.co/5z1uEMTsce