Hugow
@hugow_vincent
Followers
896
Following
6K
Media
80
Statuses
3K
Security researcher && cat memes. Climb/fly sometimes 🪂 @rustyphasm.bsky.social
Joined January 2014
Are you a cool kid ?.
Oh, you didn't know? Cool kids are now relaying Kerberos over SMB 😏.Check out our latest blogpost by @hugow_vincent to discover how to perform this attack:.
0
1
15
RT @coffinxp7: Finally, here’s the detailed article where I walk you through, step by step how to find this vulnerability in real bug bount….
0
45
0
RT @TheLaluka: 💣 Hello 💣. Rien de prévu le 1er Juiller au soir ?.Cool. Maintenant oui ! 😎. RDV Mardi 1er Juillet à 21h sur .
0
20
0
RT @Synacktiv: Microsoft just released the patch for CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromi….
0
262
0
RT @Synacktiv: For the second year in a row, we managed to get first place at the #HackTheBox Business #CTF 2025! 🥇 Congratulations to @gmo….
0
24
0
RT @compasssecurity: Many CI/CD tools promise to keep your dependencies up to date - but if misconfigured, they can expose your organizatio….
0
2
0
RT @YuG0rd: 🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability.It allows….
0
371
0
RT @UK_Daniel_Card: I don't bypass an EDR. I might avoid one, or I might just use a legitimate tool that is signed and doesn't alert. Th….
0
10
0
RT @cnotin: Microsoft hardened the Entra ID synchronization feature last year:.- restricted permissions on Directory Synchronization Accoun….
0
32
0
RT @decoder_it: I just published a blog post where I try to explain and demystify Kerberos relay attacks. I hope it’s a good and comprehens….
0
150
0
RT @TheLaluka: Hello ! 💌. Stream Caritatif pour @oxfamfrance 📢.Dimanche 20 Avril à 15h 🗓️. 5 vs *All* sur @MobileLegendsOL.🎮 Mobile Legends….
0
4
0
RT @Defte_: You have got a valid NTLM relay but SMB and LDAP are signed, LDAPS has got Channel Binding and ESC8 is not available. What ab….
0
205
0
RT @adnanthekhan: Your attack surface isn’t just your attack surface, it’s your upstream’s attack surface, and their upstream’s attack surf….
0
1
0
RT @praetorianlabs: A Praetorian Security Engineer recently found a vuln in @github CodeQL where a token was exposed for 1.022 seconds. In….
0
15
0
RT @Synacktiv: 🚀 This week, @us3r777 & @__pierreg kick off our new Whitebox Vulnerability Research training! Students will dive into PHP, J….
0
14
0
RT @clever_cloud: [𝗣𝗢𝗗𝗖𝗔𝗦𝗧] @waxzce on the @Micode podcast to talk sovereign cloud and answer the question: is the French cloud a failure?….
0
12
0
RT @watchtowrcyber: Welcome to @chudyPB in his debut watchTowr Labs post since joining the phorce in January (of many to come. )!. In today….
0
50
0
RT @BreizhCTF: On passe à la deuxième place de ce #BreizhCTF 2025, qui revient à l'équipe de @Synacktiv 🥈
0
12
0
RT @decoder_it: KrbRelayEx-RPC tool is out! 🎉.Intercepts ISystemActivator requests, extracts Kerberos AP-REQ & dynamic port bindings and re….
0
163
0
RT @infosec_au: The security research team at @assetnote reported a critical pre-auth RCE vulnerability affecting Sitecore XP 10.4 late las….
0
68
0