The slides of our joint research talk “10 Years of Windows Privilege Escalation with Potatoes” at #POC2023 are out! . 👉 cc @decoder_it

RT @decoder_it: I just published a blog post where I try to explain and demystify Kerberos relay attacks. I hope it’s a good and comprehens….

RT @MsftSecIntel: Microsoft has discovered post-compromise exploitation of CVE 2025-29824, a zero-day elevation of privilege vulnerability….

RT @elad_shamir: NTLM relay is still a major threat and is now even easier to abuse. We just added new NTLM relay edges to BloodHound to he….

RT @oct0xor: We (me + @2igosha) have discovered a new Google Chrome 0-day that is being used in targeted attacks to deliver sophisticated s….

RT @syrion89: Check out our new blog post!.

RT @SBousseaden: new #elastic defend rules out :.- PPL bypass via ComDotNetExploit.- Execution via Windows-Run (trending delivery method IT….

RT @decoder_it: Hey, we should really switch from NTLM to something like Kerberos, yet another good reason, right? cc @ShitSecure @splinte….

RT @decoder_it: KrbRelayEx-RPC tool is out! 🎉.Intercepts ISystemActivator requests, extracts Kerberos AP-REQ & dynamic port bindings and re….

RT @SBousseaden: Great work! few detection points: . - registry change "HKLM\\SOFTWARE\\Classes\\CLSID\\{0BE35203-8F91-11CE-9DE3-00AA004BB8….

RT @decoder_it: Another simple standalone tool for creating machine accounts with custom password in Windows AD

RT @decoder_it: Skiing with @cybersaiyanIT sticker is priceless 😀

RT @BushidoToken: @splinter_code This tweet was mentioned in the BlackBasta Leak bestflowers.json ( timestamp: 2023-10-23 16:17:02 ).

RT @cybersaiyanIT: 🚀 #RomHack 2025 #callforpapers is OPEN! .Are you a #cybersecurity pro with a passion for sharing knowledge? .This is you….

RT @dez_: Multi-Platform FINALDRAFT malware targeting government orgs. Outlook drafts for C2. We published a deep dive on the malware and….

RT @decoder_it: Notes from the Field: My journey in trying to change Windows password in the most complex way, purely for fun, very little….

RT @0x64616e: NTLM Relaying with DCOM cross-session activation over an external OXID resolver. This variant has the advantage over regular….

RT @decoder_it: @splinter_code Are you sure they fixed? 🤨 This is the latest w11 insider canary .

RT @itswillis: Two new posts from @tiraniddo today:. on reviving a memory trapping primitive from his 2021 post.….

Also kudos to my friend @decoder_it that was the first to spot those as Admin Protection bypasses 👇.

Very interesting post by Microsoft about the internals of the new Admin Protection feature.It seems they have patched my SSPI UAC bypass based on NTLM as well as the Kerberos UAC bypass in which both were able to bypass AP as well.More details here 👇.