Non-infosec post this time. I try to stray away from talking about my personal life here as much as I can especially when it comes to my family. In November 2023 my son Oliver was diagnosed with level 3 Autism Spectrum Disorder.

knew win10 had the dsquery.dll laying around but never knew what to do with it. "rundll32.exe dsquery.dll OpenQueryWindow" will pop open a console for you and you can do some light LDAP recon. you can also open with with win + ctrl + f. probably useful for VDI/Citrix type tests

Wanted to say thank you to everyone who shared/donated! My wife hit her goal and I couldn't be more grateful!.

RT @BurningRiverCon: Calling all hackers from Cleveland and beyond!. Burning River Cyber Con will be held on November 15, 2025. We are lo….

RT @_dirkjan: @NathanMcNulty Intune be like

RT @_logangoins: I Just documented a cool way to authenticate proxied tooling to LDAP in an AD environment using C2 payload auth context, w….

I automated the POC for stealing policies from MP relays from this blog into a modified version of mssqlclient would work too with any other piv account to the DB. (no PR because impacket doesnt merge, sorry).

RT @0xthirteen: I wanted to find out if you could start the WebClient service remotely, so I ended up digging into it .

@nyxgeek did you do this

RT @lastweekinfosec: DEF CON releases, PDQ SmartDeploy creds (@unsigned_sh0rt), FortiSIEM root command injection (@SinSinology), a cat them….

RT @SpecterOps: The DSInternals PowerShell module just got an upgrade! 🔥. Updates include:.✅ Golden dMSA Attack.✅ Full LAPS support.✅ Trust….

here's the POC for decrypting the creds if you ever run into them.

Who doesn't like free creds?.

My wife just showed me Taylor Swift’s website…buckle up

RT @SpecterOps: The AD CS security landscape keeps evolving, and so does our tooling. 🛠️. @bytewreck drops info on Certify 2.0, including a….

RT @RonB_Y: Speaking at @defcon was as fun as always! My new tool called RPC-Racer is now available. It masquerades as a legitimate RPC ser….

RT @_dirkjan: Good article from Bleeping Computer about the Exchange hybrid tradecraft I dropped at Black Hat yesterday, with some of my co….

WSFC misconfigurations can turn your domain into one big fustercluck. I'm sharing fustercluck today as part of my #BHUSA presentation. The README summarizes the issues and a detailed blog is coming soon.

My presentation starts in 20 minutes! Oceanside C level 2. Hope to see you there! #BHUSA

I pushed updates to SCCMHunter as part of my Arsenal demo at #BHUSA today! New features include a relay module for TAKEOVER-5 and a community contribution to coerce client push from a *nix host for ELEVATE-2.

RT @SpecterOps: MSSQLHound leverages BloodHound's OpenGraph to visualize MSSQL attack paths with 7 new nodes & 37 new edges, all without to….