A follow up on last week’s FileFix blog. FileFix (Part 2) https://t.co/pIcrbQnccc

👇 https://t.co/bz5mDBUAwu

I believe there is a simple way to remediate #ESC15 Wrote a PowerShell script for it: https://t.co/kUnS9UW7T8 🧵 1/5

Want to check for #ESC15 ? Use the following cypher with #BloodHound MATCH p=(:Base)-[:MemberOf*0..]->()-[:Enroll|AllExtendedRights]->(ct:CertTemplate)-[:PublishedTo]->(:EnterpriseCA)-[:TrustedForNTAuth]->(:NTAuthStore)-[:NTAuthStoreFor]->(:Domain) WHERE

More ADCS attack paths in BloodHound! 🧩🔍 This blog post is about implicit mapping abuse and how we have implemented ESC6, ESC9, and ESC10.

I have written a blogpost with Jakob Mollerup about the diffence between NT AUTHORITY\SERVICE and NT SERVICE\ALL SERVICES because we found the existing documentation to be a bit too brief #Windows #sysinternals https://t.co/Qo2YEEC2Bl

Wrote a blog post about a new ADCS abuse technique involvering issuance policies and OID group links 📝

ADCS attack paths in BloodHound! 🥳 This blog post breaks down the implementation of the ESC1 requirements and guides you on effectively leveraging BloodHound to identify attack paths that include ESC1 privileges. https://t.co/ubWPm2xdLO

I am releasing my book on email security for free, you can get it here: https://t.co/CFG1GIj1x4 Share as you wish. Merry Xmas to all my fellow hackers

Last week @_wald0 and I presented a webinar about the workings of ADCS and how we are implementing the ADCS attack paths in BloodHound. You can watch the recording here :)

https://t.co/TWYO4riMkN @stevenmarkryan @TeslaPodcast

Starship launch live broadcast https://t.co/hRmOPXJ296

New #BloodHound documentation: Getting started with BloodHound Community Edition It's describing a short step-by-step process of deploying and using #BloodHoundCE https://t.co/0dQdSAjroF

Is it an issue if I can modify the msDS-ExternalDirectoryObjectId on myself? @_dirkjan

If ever there is still someone using RSH out there, you should consider moving away from it: https://t.co/tqRKNb4m5M

Our ‘What is Tier Zero’ blog post is out! 🚀 https://t.co/8O3V3kFoGf It'll be the first in a series where we'll deep-dive into the critical assets of AD and Azure. We will build out a Tier Zero table with all the assets we consider throughout the series.

Let's define Tier Zero! 📽️🔼 Join @elad_shamir and me for our webinar "Defining the Undefined: What is Tier Zero?" on June 22nd. It will be the first in a @SpecterOps series on this topic where we'll deep-dive into the critical assets of Active Directory and Azure.

Do Tesla have this problem? @elonmusk @Tesla @stevenmarkryan @TeslaPodcast https://t.co/U7JahJU8G0

My Active Directory Tiering webinar is now on YouTube. Check it out :) https://t.co/3j8TVRTgFH

Released a new Backup Operator to Domain Admin tool. It contains 4 different methods for escalation, more methods will be added: