RT @YuG0rd: 🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability.It allows….

trying my luck here, has anyone struggled with "message stream modified" when trying to use a ccache file, valid with KfW, recognized by klist and usable by kinit / kvno, but a Java-based app fails with this error?.

RT @pentest_swissky: Breaking PHP's mt_rand() with 2 values and no bruteforce.

RT @OtterHacker: A few months ago I've created a "Pefect DLL Loader". You can find some details on my article that was just published today….

RT @l4x4: Thanks to a great article from @itm4n, I discovered a bypass to install vulnerable printer's drivers when low level users are all….

Y'a que moi qui ai l'impression que le wifi SNCF c'est de pire en pire ?.Et je vous dis pas si c'est vraiment des Mb et pas des Mo.

Va falloir expliquer ce qu'on appelle une cyber attaque hein, j'en ai déjà géré plusieurs dizaines, mais de la a en avoir 1 pour chaque paire d'humain sur la planète. 🤔. Ou alors 1 paquet malveillant (most likely DDoS) == une cyber attaque ?.

One of the most beautiful classic/epic piano/violin set of tracks I came across in the last years.Congratz to A. S. Versnaeyen & Gabriel Saban. Vol 1: Vol 2:

Very nice article by @OtterHacker on process injection with #NtSetInformationProcess & #Nirvana debugger!.

RT @th3m4ks: Hey @orangecyberdef, you just published a GitHub project under your org’s name whose code is 94% copy-pasted from of a competi….

cc @cnotin @gentilkiwi the GOATs of this game.

Curious case:.* Exploiting ESC01 either via MMC GUI or via certipy.* Using Rubeus & Kekeo to get TGT via certificate.* Certificate is in NTAuthStore and in AD Certification Authorities (so normally in trust stores). Getting KDC_ERR_CLIENT_NOT_TRUSTED in every combinatio. Ideas?.

RT @Synacktiv: Ever wanted to understand PHP concepts in depth? This series of 2 articles by @_remsio_ details a POP chain targeting the do….

RT @CERTXMCO: [#Event🚀] Bravo à @iansus qui remporte son Groot suite à notre challenge ! 🤩.Merci à tous pour cette journée a @_barbhack_ et….

Will be at @_barbhack_ #barbhack23.Twitter TL, will you too?.

Does anyone have a reliable way of decrypting IIS encrypted connection strings without using ASPNet_RegIIS.exe?.

After 10 years & seasons, I just watched the last episode of #TheBlacklist. Truly an amazing and intense thriller show. Thank you @iJamesSpader for your performance!

Road to zombie virus, enjoy your last days!.

🚩 @wavestoneFR CTF team #YoloSw4g ranks first of 80+ teams at #CyberEx23!. 🚩 Thanks @INCIBE and @OEA_Cyber for the organization & challenges!. 🚩 Congratz to @_Qazeer @th3m4ks and @meaz0u for the great team we've been for the last 8 hours, now we go to a well-deserved sleep!

Infosec people, if you use chatGPT-3 in your security research what are your best tips/prompt to face the inaccuracies it produces. In 1 out of 3 prompts, answers on subjects not widely covered are incomplete/wrong (esp. CLIs with missing prerequisites or extrapolated behaviour).