Vincent Le Toux (Paris, France)
@mysmartlogon
Followers
12K
Following
919
Media
427
Statuses
1K
Author of #PingCastle, contributor to #mimikatz (DCSync, setntlm, DCShadow) and #OpenSC. Wrote GIDS applet, OpenPGP card driver on Windows and OpenSC stuff.
France
Joined July 2016
#PingCastle 3.3 released !!!. Active Directory & AzureAD security health check in seconds >200k AD audited, management readable, no install, no admin, no data sent "to a cloud". Example of report: github:
5
117
423
Big change at #PingCastle !.The release cycle is changing from "every 6 months" to a "new features" based cycle. No more rush to issue a release with limited tests just to stick to the schedule. See below for the full message, available at
4
13
93
RT @malmoeb: New blog post: Tear Down The Castle - Part 2. I analyzed 250 PingCastle Reports, grouping the findings….
0
49
0
I’ve put my hand into a 20+ year old collector Chartreuse bottle, factory sealed.
1
0
14
I’m thrilled to be part of the Netwrix webinar series, Securing Active Directory: From Risk Mitigation to Incident Response. I’ll make a live demo & you get the opportunity to ask me questions. November 20 & 21. Registration link:
0
12
64
RT @malmoeb: FortiManager cases are incoming. We see the exact same TTPs as outlined by Mandiant in their blog post [1]. "Once the threat….
0
52
0
It’s fun how apple replies to a registered letter: « we were not able to reach you; if you estimate that the case has not been resolved, contact us back ». You have 3 weeks to comply to my GDPR data request before escalation to the regulator.
0
0
4
My recommend watch list for people joining my team:.1) Margin call About how a situation can quickly escalate and how companies react.2) Who Am I - Kein System ist sicher About how you think differently in real life hacking.
3
5
25
15 days to get ‘please open a support ticket.’ Does Apple hire robots? 🤖. My response: formal GDPR request via registered letter. 📬. Note: You practically need a law degree to figure out who handles your private data. 🕵️♂️
1
0
3
RT @_wald0: Do you want to mitigate Active Directory attacks? The @NSAGov .and @ASDGovAu recommend you use:. BloodHound (@SpecterOps).PingC….
0
96
0
We have released PingCastle 3.3.0.1 to fix 2 minor bugs. Go to for the latest release & change log.
pingcastle.com
Download PingCastle binaries and source code to audit your Active Directory or get the map of your domains.
0
17
56
GDPR request sent. We'll see where it goes
1
0
0
RT @malmoeb: In a recent engagement, my colleague @hackerkartellet discovered that an account had logged into a server as part of the later….
0
17
0
Life goal achieved:.Login to my TV with a smart card. Behind the scene this is a raspberry 4 with Windows 11 ARM installed. Login software is EIDAuthenticate and the smart card is GIDS. I designed both. The test here is about EIDAuthenticate for ARM64.
2
4
34
I’m banned from @Apple for no reason. Just spent 10 minutes on apple support with a human robot just repeating to me “use another email”. Astonishing.
I want to restore an ipad backup. 1) From itunes : "you need to disable localize to continue". 2) icloud : you have to "forget a device".3) Asked for security questions my wife setup almost 10 years ago. This is not the answer.4) go to reset them: Impossible.How do I restore ?
4
0
3
Not smart enough to create an appleid.Cannot create an appleid with my email because it is not available. Already created an account ? No .
0
0
0
Next in my apple adventure : already spent 2 days creating my daughter’s account with this shitty error message « unable to proceed for the moment »
1
0
1
